folkd.com Open in urlscan Pro
76.76.21.21 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.folkd.com/submit/blog.probiotiv.com/top-10-high-fiber-food//
Effective URL:
https://folkd.com/
Submission: On November 14 via manual (November 14th 2023, 3:54:16 am UTC) from VN — Scanned from CH

Summary HTTP 854 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 71 IPs in 12 countries across 77 domains to perform 854 HTTP transactions. The main IP is 76.76.21.21, located in Walnut, United States and belongs to AMAZON-02, US. The main domain is folkd.com.
TLS certificate: Issued by R3 on November 13th 2023. Valid for: 3 months.

This is the only time folkd.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 12	76.76.21.21 76.76.21.21	16509 (AMAZON-02) (AMAZON-02)
7	104.16.203.66 104.16.203.66	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
114	104.16.88.20 104.16.88.20	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	185.3.92.76 185.3.92.76	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
1	142.250.185.136 142.250.185.136	15169 (GOOGLE) (GOOGLE)
3	108.138.7.13 108.138.7.13	16509 (AMAZON-02) (AMAZON-02)
2	142.250.185.234 142.250.185.234	15169 (GOOGLE) (GOOGLE)
15	142.250.184.228 142.250.184.228	15169 (GOOGLE) (GOOGLE)
2	13.107.213.44 13.107.213.44	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
10	142.250.185.99 142.250.185.99	15169 (GOOGLE) (GOOGLE)
8 16	35.193.186.65 35.193.186.65	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	104.16.137.79 104.16.137.79	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	54.187.119.242 54.187.119.242	16509 (AMAZON-02) (AMAZON-02)
6	216.58.212.163 216.58.212.163	15169 (GOOGLE) (GOOGLE)
2	172.64.144.166 172.64.144.166	13335 (CLOUDFLAR...) (CLOUDFLARENET)
22	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
2	216.239.34.36 216.239.34.36	15169 (GOOGLE) (GOOGLE)
2	99.86.4.96 99.86.4.96	16509 (AMAZON-02) (AMAZON-02)
4	52.152.143.207 52.152.143.207	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
14	35.186.236.140 35.186.236.140	15169 (GOOGLE) (GOOGLE)
1	104.22.52.86 104.22.52.86	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	178.250.1.3 178.250.1.3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	65.9.66.104 65.9.66.104	16509 (AMAZON-02) (AMAZON-02)
1	18.66.129.71 18.66.129.71	16509 (AMAZON-02) (AMAZON-02)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
11	172.217.16.129 172.217.16.129	15169 (GOOGLE) (GOOGLE)
1	35.80.175.49 35.80.175.49	16509 (AMAZON-02) (AMAZON-02)
1	35.190.39.111 35.190.39.111	15169 (GOOGLE) (GOOGLE)
1	34.120.135.53 34.120.135.53	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
8	142.250.185.251 142.250.185.251	15169 (GOOGLE) (GOOGLE)
2	103.28.36.168 103.28.36.168	131353 (NHANHOA-A...) (NHANHOA-AS-VN NhanHoa Software company)
2	13.32.27.66 13.32.27.66	16509 (AMAZON-02) (AMAZON-02)
2	103.247.8.134 103.247.8.134	58487 (CRI-AS-AP...) (CRI-AS-AP CV. Rumahweb Indonesia)
2	47.246.50.75 47.246.50.75	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
2	210.211.99.108 210.211.99.108	38731 (VTDC-AS-V...) (VTDC-AS-VN Vietel - CHT Compamy Ltd)
2	104.21.61.55 104.21.61.55	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	192.0.73.2 192.0.73.2	2635 (AUTOMATTIC) (AUTOMATTIC)
2	34.149.134.227 34.149.134.227	15169 (GOOGLE) (GOOGLE)
2	116.118.49.56 116.118.49.56	7602 (SPT-AS-VN...) (SPT-AS-VN Sai gon Postel Corporation)
2	34.120.245.111 34.120.245.111	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	54.73.167.29 54.73.167.29	16509 (AMAZON-02) (AMAZON-02)
3	23.32.185.60 23.32.185.60	16625 (AKAMAI-AS) (AKAMAI-AS)
55	142.250.185.129 142.250.185.129	15169 (GOOGLE) (GOOGLE)
10	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
1 4	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	162.19.138.120 162.19.138.120	16276 (OVH) (OVH)
2	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3 3	37.157.6.254 37.157.6.254	198622 (ADFORM) (ADFORM)
1 6	67.220.228.202 67.220.228.202	16509 (AMAZON-02) (AMAZON-02)
5	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
2 21	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
27	18.245.60.74 18.245.60.74	16509 (AMAZON-02) (AMAZON-02)
50	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
39	34.250.128.111 34.250.128.111	16509 (AMAZON-02) (AMAZON-02)
10	13.48.169.31 13.48.169.31	16509 (AMAZON-02) (AMAZON-02)
1	213.227.153.223 213.227.153.223	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
5	172.217.18.1 172.217.18.1	15169 (GOOGLE) (GOOGLE)
1 1	185.196.197.130 185.196.197.130	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
9	18.66.122.80 18.66.122.80	16509 (AMAZON-02) (AMAZON-02)
78	3.227.250.215 3.227.250.215	14618 (AMAZON-AES) (AMAZON-AES)
4 4	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	2.18.160.23 2.18.160.23	16625 (AKAMAI-AS) (AKAMAI-AS)
4	52.58.37.65 52.58.37.65	16509 (AMAZON-02) (AMAZON-02)
1 2	51.38.120.206 51.38.120.206	16276 (OVH) (OVH)
1 2	104.18.24.173 104.18.24.173	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 7	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2.23.197.190 2.23.197.190	16625 (AKAMAI-AS) (AKAMAI-AS)
9	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
18	172.217.16.198 172.217.16.198	15169 (GOOGLE) (GOOGLE)
4 13	18.245.60.72 18.245.60.72	16509 (AMAZON-02) (AMAZON-02)
31	3.253.142.96 3.253.142.96	16509 (AMAZON-02) (AMAZON-02)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	13.107.21.200 13.107.21.200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
854	71

12 76.76.21.21 (Walnut, United States) 3 redirects

ASN16509 (AMAZON-02, US)

www.folkd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
folkd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.16.203.66 (None, )

ASN13335 (CLOUDFLARENET, US)

folkd0612.bubbleapps.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

114 104.16.88.20 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.3.92.76 (London, United Kingdom)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: nb-185-3-92-76.tc.nodebalancer.linode.com

monu.delivery	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.136 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.7.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-13.fra56.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.250.184.228 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.107.213.44 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.185.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 35.193.186.65 (United States) 8 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.186.193.35.bc.googleusercontent.com

xeqe-t3lw-i7hv.n7.xano.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.16.137.79 (None, )

ASN13335 (CLOUDFLARENET, US)

1bccd00f7acd03ac6a93123768d650c0.cdn.bubble.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 216.58.212.163 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.144.166 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.confiant-integrations.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.239.34.36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.4.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-96.fra6.r.cloudfront.net

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.152.143.207 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

o.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 35.186.236.140 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 140.236.186.35.bc.googleusercontent.com

imps.monu.delivery	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.22.52.86 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-104.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.129.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-129-71.fra60.r.cloudfront.net

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 172.217.16.129 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f129.1e100.net

ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.80.175.49 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-80-175-49.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com

esp.rtbhouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.135.53 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.185.251 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f27.1e100.net

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.28.36.168 (Viet Nam)

ASN131353 (NHANHOA-AS-VN NhanHoa Software company, VN)
PTR: wordpress-hosting09.nhanhoa.com

thietbivesinhtoto.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.27.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-66.fra56.r.cloudfront.net

mleqzsi8gjmm.i.optimole.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.247.8.134 (Indonesia)

ASN58487 (CRI-AS-AP CV. Rumahweb Indonesia, ID)
PTR: sanggau.dua.rumahweb.net

ssicertify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 47.246.50.75 (Paris, France)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

ledcoms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 210.211.99.108 (Thu Dau Mot, Viet Nam)

ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN)

static.tylebongdaplus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.21.61.55 (None, )

ASN13335 (CLOUDFLARENET, US)

cuahoangminh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.73.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

www.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.149.134.227 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 227.134.149.34.bc.googleusercontent.com

prd.storage.lit.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 116.118.49.56 (Ho Chi Minh City, Viet Nam)

ASN7602 (SPT-AS-VN Sai gon Postel Corporation, VN)

www.thuocdantoc.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.245.111 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 111.245.120.34.bc.googleusercontent.com

cdn.dnse.com.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.73.167.29 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-73-167-29.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.32.185.60 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-60.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

55 142.250.185.129 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.244.159.8 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.120 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.6.254 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 67.220.228.202 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 142.250.185.66 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 18.245.60.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-74.fra60.r.cloudfront.net

static.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

50 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 34.250.128.111 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-128-111.eu-west-1.compute.amazonaws.com

ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 13.48.169.31 (Stockholm, Sweden)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-48-169-31.eu-north-1.compute.amazonaws.com

protected-by.clarium.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.227.153.223 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

b1t-eudc1.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.18.1 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f1.1e100.net

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.196.197.130 (Amsterdam, Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 18.66.122.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-80.fra60.r.cloudfront.net

matchadsrvr.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

78 3.227.250.215 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-227-250-215.compute-1.amazonaws.com

kinesis.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.204.74.118 (Groningen, Netherlands) 4 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.9 (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.160.23 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-160-23.deploy.static.akamaitechnologies.com

cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.58.37.65 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-37-65.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.38.120.206 (Hessen, Germany) 1 redirects

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.24.173 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.111.113.62 (Kansas City, United States) 3 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.23.197.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-23-197-190.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 172.217.16.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f6.1e100.net

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 18.245.60.72 (United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-72.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 3.253.142.96 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-253-142-96.eu-west-1.compute.amazonaws.com

s.update.tas.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.21.200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
116	googlesyndication.com ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 149 pagead2.googlesyndication.com — Cisco Umbrella Rank: 97	678 KB
114	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 335	77 KB
106	yieldmo.com static.yieldmo.com — Cisco Umbrella Rank: 2504 ads.yieldmo.com — Cisco Umbrella Rank: 657 matchadsrvr.yieldmo.com — Cisco Umbrella Rank: 2834 sync-openx.ads.yieldmo.com Failed sync-adform.ads.yieldmo.com Failed sync-pm.ads.yieldmo.com Failed sync-eq.ads.yieldmo.com Failed s.update.tas.yieldmo.com — Cisco Umbrella Rank: 10171	2 MB
78	amazonaws.com kinesis.us-east-1.amazonaws.com — Cisco Umbrella Rank: 1266	22 KB
52	doubleclick.net 2 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 cm.g.doubleclick.net — Cisco Umbrella Rank: 245 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33	423 KB
18	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	1 MB
18	monu.delivery monu.delivery — Cisco Umbrella Rank: 26382 imps.monu.delivery — Cisco Umbrella Rank: 31634	178 KB
16	xano.io 8 redirects xeqe-t3lw-i7hv.n7.xano.io	22 KB
16	gstatic.com fonts.gstatic.com www.gstatic.com	896 KB
15	google.com www.google.com — Cisco Umbrella Rank: 2	38 KB
13	scorecardresearch.com 4 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 172	5 KB
12	folkd.com 3 redirects www.folkd.com folkd.com	17 KB
10	clarium.io protected-by.clarium.io — Cisco Umbrella Rank: 1459	2 KB
10	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	606 KB
10	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31 storage.googleapis.com — Cisco Umbrella Rank: 409	207 KB
8	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 827 o.clarity.ms — Cisco Umbrella Rank: 7480 c.clarity.ms — Cisco Umbrella Rank: 1405	23 KB
7	tapad.com 3 redirects pixel.tapad.com — Cisco Umbrella Rank: 487	3 KB
7	stripe.com js.stripe.com — Cisco Umbrella Rank: 1287 q.stripe.com — Cisco Umbrella Rank: 7148 m.stripe.com — Cisco Umbrella Rank: 1249	141 KB
7	bubbleapps.io folkd0612.bubbleapps.io	1 MB
6	amazon-adsystem.com 1 redirects aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 890	5 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 406	104 KB
5	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 353	741 B
5	openx.net oajs.openx.net — Cisco Umbrella Rank: 1656 Failed google-bidout-d.openx.net — Cisco Umbrella Rank: 1665 eu-u.openx.net — Cisco Umbrella Rank: 2753 us-u.openx.net — Cisco Umbrella Rank: 522	1 KB
4	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 559	137 B
4	simpli.fi 4 redirects um.simpli.fi — Cisco Umbrella Rank: 795	3 KB
4	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 454 dis.criteo.com — Cisco Umbrella Rank: 597	8 KB
3	adform.net 3 redirects c1.adform.net — Cisco Umbrella Rank: 599	2 KB
3	outbrain.com widgets.outbrain.com — Cisco Umbrella Rank: 1799	14 KB
3	bubble.io 1bccd00f7acd03ac6a93123768d650c0.cdn.bubble.io	187 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	30 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 860 s.tribalfusion.com — Cisco Umbrella Rank: 2311	1 KB
2	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 746	906 B
2	dnse.com.vn cdn.dnse.com.vn — Cisco Umbrella Rank: 583817	98 KB
2	thuocdantoc.org www.thuocdantoc.org	193 KB
2	lit.link prd.storage.lit.link	709 KB
2	gravatar.com www.gravatar.com — Cisco Umbrella Rank: 3795	126 KB
2	cuahoangminh.com cuahoangminh.com	64 KB
2	tylebongdaplus.com static.tylebongdaplus.com	150 KB
2	ledcoms.com ledcoms.com	10 KB
2	ssicertify.com ssicertify.com	52 KB
2	optimole.com mleqzsi8gjmm.i.optimole.com	35 KB
2	thietbivesinhtoto.vn thietbivesinhtoto.vn	85 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 976 bcp.crwdcntrl.net — Cisco Umbrella Rank: 887	13 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 863 id5-sync.com — Cisco Umbrella Rank: 440	32 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1354	16 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2462	304 B
2	confiant-integrations.net cdn.confiant-integrations.net — Cisco Umbrella Rank: 1481	170 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 236	764 B
1	bluekai.com stags.bluekai.com — Cisco Umbrella Rank: 921 Failed	442 B
1	media.net 1 redirects cs.media.net — Cisco Umbrella Rank: 1513 contextual.media.net — Cisco Umbrella Rank: 691 Failed	878 B
1	uuidksinc.net 1 redirects s.uuidksinc.net — Cisco Umbrella Rank: 9432	291 B
1	zemanta.com b1t-eudc1.zemanta.com — Cisco Umbrella Rank: 22764 b1sync.zemanta.com — Cisco Umbrella Rank: 580 Failed	151 B
1	rtbhouse.com esp.rtbhouse.com — Cisco Umbrella Rank: 4524	474 B
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 2139	1 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 2491	3 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 668	13 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1762	8 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	80 KB
0	bidswitch.net Failed x.bidswitch.net — Cisco Umbrella Rank: 351 Failed
0	metadsp.co.uk Failed u.ipw.metadsp.co.uk Failed
0	nrich.ai Failed dsp.nrich.ai Failed
0	loopme.me Failed csync.loopme.me — Cisco Umbrella Rank: 940 Failed
0	bidr.io Failed match.prod.bidr.io Failed
0	mfadsrvr.com Failed rtb.mfadsrvr.com Failed
0	rlcdn.com Failed idsync.rlcdn.com Failed
0	iqzone.com Failed xsync.iqzone.com Failed
0	admanmedia.com Failed cs.admanmedia.com Failed
0	agkn.com Failed aa.agkn.com Failed
0	smartadserver.com Failed ssbsync.smartadserver.com — Cisco Umbrella Rank: 774 Failed
0	quantserve.com Failed cms.quantserve.com — Cisco Umbrella Rank: 764 Failed
0	adentifi.com Failed rtb.adentifi.com Failed
0	stackadapt.com Failed sync.srv.stackadapt.com Failed
0	bttrack.com Failed bttrack.com Failed
0	dotomi.com Failed yieldmo-match.dotomi.com — Cisco Umbrella Rank: 6405 Failed
0	turn.com Failed ad.turn.com Failed
0	yahoo.com Failed ups.analytics.yahoo.com — Cisco Umbrella Rank: 327 Failed
0	unrulymedia.com Failed sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1268 Failed
854	77

	Domain	Requested by
114	cdn.jsdelivr.net	folkd.com folkd0612.bubbleapps.io securepubads.g.doubleclick.net
78	kinesis.us-east-1.amazonaws.com	static.yieldmo.com
55	tpc.googlesyndication.com	folkd.com ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com securepubads.g.doubleclick.net
50	pagead2.googlesyndication.com	ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com folkd.com pagead2.googlesyndication.com tpc.googlesyndication.com securepubads.g.doubleclick.net
39	ads.yieldmo.com	ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com folkd.com ads.yieldmo.com static.yieldmo.com
31	s.update.tas.yieldmo.com	folkd.com s.update.tas.yieldmo.com
27	static.yieldmo.com	folkd.com static.yieldmo.com ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
22	securepubads.g.doubleclick.net	monu.delivery securepubads.g.doubleclick.net ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com folkd.com
21	cm.g.doubleclick.net	2 redirects google-bidout-d.openx.net ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com folkd.com ads.yieldmo.com
18	s0.2mdn.net	ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com folkd.com
16	xeqe-t3lw-i7hv.n7.xano.io	8 redirects cdn.jsdelivr.net
15	www.google.com	folkd0612.bubbleapps.io ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com folkd.com tpc.googlesyndication.com www.gstatic.com www.google.com
14	imps.monu.delivery	folkd.com
13	sb.scorecardresearch.com	4 redirects ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
11	ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com	securepubads.g.doubleclick.net cdn.confiant-integrations.net
11	folkd.com	2 redirects folkd.com folkd0612.bubbleapps.io
10	protected-by.clarium.io	ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com folkd.com
10	www.googletagservices.com	folkd.com ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
10	fonts.gstatic.com	fonts.googleapis.com www.google.com
9	googleads.g.doubleclick.net	folkd.com
9	matchadsrvr.yieldmo.com	static.yieldmo.com
8	storage.googleapis.com	folkd.com
7	pixel.tapad.com	3 redirects ads.yieldmo.com
7	folkd0612.bubbleapps.io	folkd.com folkd0612.bubbleapps.io
6	aax-eu.amazon-adsystem.com	1 redirects google-bidout-d.openx.net ads.yieldmo.com
6	www.gstatic.com	www.google.com www.gstatic.com
5	cdn.ampproject.org	cdn.confiant-integrations.net
5	match.adsrvr.org	google-bidout-d.openx.net ads.yieldmo.com
4	match.sharethrough.com	ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
4	um.simpli.fi	4 redirects
4	o.clarity.ms	www.clarity.ms
4	monu.delivery	folkd.com monu.delivery
3	c1.adform.net	3 redirects
3	widgets.outbrain.com	folkd.com widgets.outbrain.com ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
3	q.stripe.com	folkd.com
3	1bccd00f7acd03ac6a93123768d650c0.cdn.bubble.io	folkd.com folkd0612.bubbleapps.io
3	js.stripe.com	folkd.com js.stripe.com
3	cdnjs.cloudflare.com	folkd.com
2	c.clarity.ms	1 redirects
2	onetag-sys.com	1 redirects ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
2	dis.criteo.com	2 redirects
2	gum.criteo.com	static.criteo.net gum.criteo.com
2	google-bidout-d.openx.net	1 redirects oa.openxcdn.net
2	cdn.dnse.com.vn	folkd.com
2	www.thuocdantoc.org	folkd.com
2	prd.storage.lit.link	folkd.com
2	www.gravatar.com	folkd.com
2	cuahoangminh.com	folkd.com
2	static.tylebongdaplus.com	folkd.com
2	ledcoms.com	folkd.com
2	ssicertify.com	folkd.com
2	mleqzsi8gjmm.i.optimole.com	folkd.com
2	thietbivesinhtoto.vn	folkd.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	region1.google-analytics.com	www.googletagmanager.com
2	cdn.confiant-integrations.net	monu.delivery cdn.confiant-integrations.net
2	www.clarity.ms	folkd.com www.clarity.ms
2	fonts.googleapis.com	folkd0612.bubbleapps.io ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
1	c.bing.com	1 redirects
1	stags.bluekai.com	ads.yieldmo.com
1	s.tribalfusion.com	ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
1	a.tribalfusion.com	1 redirects
1	cs.media.net	1 redirects
1	s.uuidksinc.net	1 redirects
1	b1t-eudc1.zemanta.com	ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
1	us-u.openx.net	google-bidout-d.openx.net
1	eu-u.openx.net	google-bidout-d.openx.net
1	id5-sync.com	cdn.id5-sync.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	oajs.openx.net	folkd.com
1	esp.rtbhouse.com	folkd.com
1	m.stripe.com	m.stripe.network
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	www.googletagmanager.com	folkd.com
1	www.folkd.com	1 redirects
0	sync-eq.ads.yieldmo.com Failed	ads.yieldmo.com
0	x.bidswitch.net Failed	ads.yieldmo.com
0	sync-pm.ads.yieldmo.com Failed	ads.yieldmo.com
0	u.ipw.metadsp.co.uk Failed	ads.yieldmo.com
0	dsp.nrich.ai Failed	ads.yieldmo.com
0	csync.loopme.me Failed	ads.yieldmo.com
0	match.prod.bidr.io Failed	ads.yieldmo.com
0	rtb.mfadsrvr.com Failed	ads.yieldmo.com
0	idsync.rlcdn.com Failed	ads.yieldmo.com
0	contextual.media.net Failed	ads.yieldmo.com
0	xsync.iqzone.com Failed	ads.yieldmo.com
0	b1sync.zemanta.com Failed	ads.yieldmo.com
0	sync-adform.ads.yieldmo.com Failed	ads.yieldmo.com
0	cs.admanmedia.com Failed	ads.yieldmo.com
0	aa.agkn.com Failed	ads.yieldmo.com
0	ssbsync.smartadserver.com Failed	ads.yieldmo.com
0	cms.quantserve.com Failed	ads.yieldmo.com
0	rtb.adentifi.com Failed	ads.yieldmo.com
0	sync-openx.ads.yieldmo.com Failed	ads.yieldmo.com
0	sync.srv.stackadapt.com Failed	ads.yieldmo.com
0	bttrack.com Failed	ads.yieldmo.com
0	yieldmo-match.dotomi.com Failed	ads.yieldmo.com
0	ad.turn.com Failed	ads.yieldmo.com
0	ups.analytics.yahoo.com Failed	ads.yieldmo.com
0	sync.targeting.unrulymedia.com Failed	ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
854	105

This site contains links to these domains. Also see Links.

Domain
thietbivesinhtoto.vn
nhacaiuytin.com.co
ssicertify.com
ledcoms.com
tylebongdaplus.com
cuahoangminh.com
hackmd.io
lit.link
www.thuocdantoc.org
www.dnse.com.vn

Subject Issuer	Validity	Valid
folkd.com R3	`2023-11-13` - `2024-02-11`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-05` - `2024-05-04`	a year	crt.sh
*.monu.delivery Sectigo RSA Domain Validation Secure Server CA	`2023-02-23` - `2024-03-25`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-10-30` - `2024-01-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-08-29` - `2024-08-29`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.n7.xano.io R3	`2023-10-04` - `2024-01-02`	3 months	crt.sh
bubble.io Cloudflare Inc ECC CA-3	`2022-12-17` - `2023-12-16`	a year	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-10-09` - `2024-01-18`	3 months	crt.sh
confiant-integrations.net GTS CA 1P5	`2023-09-20` - `2023-12-19`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh
imps.monu.delivery GTS CA 1D4	`2023-11-13` - `2024-02-11`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-09-25` - `2023-12-24`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
cdn.prod.uidapi.com R3	`2023-11-02` - `2024-01-31`	3 months	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-10-24` - `2024-01-22`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-10-05` - `2024-01-18`	3 months	crt.sh
esp.rtbhouse.com GTS CA 1D4	`2023-11-08` - `2024-02-06`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
thietbivesinhtoto.vn R3	`2023-10-09` - `2024-01-07`	3 months	crt.sh
*.i.optimole.com Amazon RSA 2048 M01	`2023-03-13` - `2024-04-09`	a year	crt.sh
*.ssicertify.com R3	`2023-09-20` - `2023-12-19`	3 months	crt.sh
ledcoms.com Encryption Everywhere DV TLS CA - G2	`2023-11-01` - `2024-10-31`	a year	crt.sh
static.tylebongdaplus.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-19` - `2024-09-18`	a year	crt.sh
cuahoangminh.com E1	`2023-10-29` - `2024-01-27`	3 months	crt.sh
*.gravatar.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-23` - `2023-12-24`	a year	crt.sh
prd.storage.lit.link GTS CA 1D4	`2023-11-04` - `2024-02-02`	3 months	crt.sh
thuocdantoc.org Sectigo RSA Domain Validation Secure Server CA	`2022-10-31` - `2023-11-29`	a year	crt.sh
*.dnse.com.vn GlobalSign RSA OV SSL CA 2018	`2023-09-26` - `2024-10-27`	a year	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-02-11`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
static.yieldmo.com Amazon RSA 2048 M02	`2023-05-21` - `2024-06-18`	a year	crt.sh
*.yieldmo.com Amazon RSA 2048 M01	`2023-04-04` - `2024-05-02`	a year	crt.sh
protected-by.clarium.io Amazon RSA 2048 M01	`2022-12-16` - `2024-01-14`	a year	crt.sh
*.zemanta.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-16` - `2024-09-05`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
kinesis.us-east-1.amazonaws.com Amazon RSA 2048 M01	`2023-03-08` - `2024-03-07`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh
aax-eu.amazon-adsystem.com Amazon RSA 2048 M01	`2023-06-21` - `2024-03-02`	8 months	crt.sh
*.tapad.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-18` - `2024-09-17`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-08`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
post.update.tas.yieldmo.com R3	`2023-10-01` - `2023-12-30`	3 months	crt.sh
*.scorecardresearch.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-15` - `2023-12-28`	a year	crt.sh

This page contains 67 frames:

Primary Page: https://folkd.com/
Frame ID: 97D9E0517F07F94A9A6C4CD3E7356DF1
Requests: 240 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Frame ID: 78479A76E740114A6897880C9B3F36A1
Requests: 4 HTTP requests in this frame

Frame: https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.html
Frame ID: F162B2C2831A5412F58A790C06626D65
Requests: 1 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 3A50D2525AF3145AB69697FFF693265E
Requests: 4 HTTP requests in this frame

Frame: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0D01822CB5BACD5538764348C2E8DC7E
Requests: 1 HTTP requests in this frame

Frame: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8ED1F7B5D5D2237F78881C160A2CCF1E
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/n2d/widget/widget.js
Frame ID: F37D7498F4643712D1F546E3A978EC77
Requests: 8 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5
Frame ID: B9242A6617C9818C83EC1C03211AFB93
Requests: 6 HTTP requests in this frame

Frame: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D493B1897DE7CB6DE5089942F492BBEF
Requests: 29 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=folkd.com
Frame ID: 84639F2C2CAACE261BF30FDF3424AFA1
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: BD3D1D61D6E8D490EE1558D7F04DA3DC
Requests: 9 HTTP requests in this frame

Frame: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A9182F9C020772BB6BA16E37A0603144
Requests: 23 HTTP requests in this frame

Frame: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5D0423C058BADB79A800B30148A74D66
Requests: 23 HTTP requests in this frame

Frame: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8B42AEBE0974D3AFA44BCE4BC38CB776
Requests: 22 HTTP requests in this frame

Frame: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C6D0A06A09C9829028D0C899B383F7E4
Requests: 23 HTTP requests in this frame

Frame: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: CF2F38C70F92BB9B61CB9653301470AC
Requests: 23 HTTP requests in this frame

Frame: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 070E8A86D6C819FA5F6D20D9A275B2E0
Requests: 23 HTTP requests in this frame

Frame: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 64F89A7A38955D104DAC49E2277EC76D
Requests: 22 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Frame ID: C8B58F6733B41DB5B0F543BE36622EA7
Requests: 12 HTTP requests in this frame

Frame: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: CD56A44920287D628D86FD6E8B5EFD36
Requests: 22 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 09CD13ACDCD2DF991CECED80DA539587
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 71217F9CCBCB0610BD032A3BCD9A7960
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9EEB376BE9CBCC294257F23331C655BC
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: EF6EC58F04847363B250D6E198249315
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4770E02D87472E022DF5093068D1CD16
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: CFBFAE8DA49F7E66B316F0EC2C737CAA
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B61EA20A19E5C77BE54DD0E512E10B7C
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D598A40476CEF9147A61B3EE006ACB92
Requests: 9 HTTP requests in this frame

Frame: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Frame ID: 70035CC28BE1802576FC2366504D0042
Requests: 32 HTTP requests in this frame

Frame: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Frame ID: 95431D1FDF75DC8D0512A7798BEF6B5A
Requests: 32 HTTP requests in this frame

Frame: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Frame ID: 43750FC81F0B266E5B676E6590AC59F2
Requests: 32 HTTP requests in this frame

Frame: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Frame ID: 950CE5E37C58E81E3269EDCEEBA5B372
Requests: 32 HTTP requests in this frame

Frame: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Frame ID: 1006717BE47C86ECE4E37A7156B61812
Requests: 1 HTTP requests in this frame

Frame: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Frame ID: B9002F36151E2C16EED667A5FD337F0D
Requests: 1 HTTP requests in this frame

Frame: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Frame ID: 90E47AD635D9742ACFEDF9F215135443
Requests: 1 HTTP requests in this frame

Frame: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Frame ID: A7FF221F1EC4B297D950F3C4782B3BE0
Requests: 1 HTTP requests in this frame

Frame: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Frame ID: 0B9CF169CC4DC164B865750452B1F879
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js
Frame ID: CC30C158AE6B4288B3A8A372E94C4B13
Requests: 5 HTTP requests in this frame

Frame: https://s.update.tas.yieldmo.com/2/518423/analytics.js?dt=5184231558719353398000&di=folkd.com&sr=yieldmo.com&pp=2518831497914294538&ti=3406412741847641488&pv=4a15f476-2063-4f8b-ae11-8977b59abeed&to=3&de=2&md=1&si=2331256393946538634&dm=728x90&pi=3406412741847641488&bt=programmatic&gt=ch
Frame ID: D1F788A81764DF98C0F0A06CC495CF90
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js
Frame ID: 7D4870D76C5F4ED35A4E17662FD2496E
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js
Frame ID: 29175C98A3FAC2748055AD4D83F02BA1
Requests: 5 HTTP requests in this frame

Frame: https://s.update.tas.yieldmo.com/2/518423/analytics.js?dt=5184231558719353398000&di=folkd.com&sr=yieldmo.com&pp=2518831497914294538&ti=3406412741864163421&pv=e2837ed2-fb5d-46c1-86f8-fe192e68516a&to=3&de=2&md=1&si=2331256393946538634&dm=728x90&pi=3406412741864163421&bt=programmatic&gt=ch
Frame ID: 8D1EBE75D37DECDD632B2A22675F74F0
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js
Frame ID: 0940B958A7DD9718B046D4934D114611
Requests: 5 HTTP requests in this frame

Frame: https://s.update.tas.yieldmo.com/2/518423/analytics.js?dt=5184231558719353398000&di=folkd.com&sr=yieldmo.com&pp=2518831497914294538&ti=3406412741679615071&pv=f61d60d0-0b4f-4611-b831-f4e60183c08c&to=3&de=2&md=1&si=2331256393946538634&dm=728x90&pi=3406412741679615071&bt=programmatic&gt=ch
Frame ID: 74AA83A7E75FB0541FB68F7449822811
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js
Frame ID: EF397A29AEF0BB63A76069CB200AE36A
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js
Frame ID: C1F14A36825379E606B55E9B22B9740E
Requests: 5 HTTP requests in this frame

Frame: https://s.update.tas.yieldmo.com/2/518423/analytics.js?dt=5184231558719353398000&di=folkd.com&sr=yieldmo.com&pp=2518831497914294538&ti=3406412741603456321&pv=ceb77ef4-6942-4245-894c-770ee57cbe67&to=3&de=2&md=1&si=2331256393946538634&dm=728x90&pi=3406412741603456321&bt=programmatic&gt=ch
Frame ID: 4151B6874EF0D27662381CD09C4A0C1D
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js
Frame ID: 87C9E63745FDE5AF8E9B72E1FFBAE33E
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js
Frame ID: F92D3F9B0139041D706099945BEE3FAC
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js
Frame ID: 1679FBD23794B7B8C35638E5BDA6D0F4
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FDB09D122AB6241946562C244CCD7EDF
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A2B5471E1F1962DE30D36AD02C129731
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E91DBB5E66F3BEB15A775026FB97D497
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 39B163B2513B49D0E9005E81442B9CD1
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7D14D28607730E378D7E88A555A3CD50
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 11AB90B35DDA3CAB491461B547D98E16
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 734F7FAE1A36AE607C79E21E434A4B81
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 79A728FF941498EF11F68B0346FBBA64
Requests: 2 HTTP requests in this frame

Frame: blob://https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/cacb6eca-6865-4f55-a825-ec7c1807eb2b
Frame ID: 2A675E3620B1AC1289A6459F63EA7550
Requests: 1 HTTP requests in this frame

Frame: blob://https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/97671fa7-0428-4823-85a2-27054a3b19fc
Frame ID: 578384A92CA640E538FF3EA2304FE26F
Requests: 1 HTTP requests in this frame

Frame: blob://https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/121133a1-18ec-4318-81ca-9adde867c380
Frame ID: 31496F2E69BEF0C3528A9EC04653020B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 47B320AC3C77C12FC8ADC43A1B4B01A6
Requests: 2 HTTP requests in this frame

Frame: blob://https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/c117f6c4-2fd3-449e-98f9-d627e2abc08e
Frame ID: 5D6FA81AD0A8192F5BC84DED89C8CB46
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5EDBFA6A02DA230E8EBC06B7D332AAF8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6A206CFD0030AAA0BA866481456CD075
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lff_I4mAAAAAGHfEhhVXeU12QZE9z2mPvtEr2BI&co=aHR0cHM6Ly9mb2xrZC5jb206NDQz&hl=de-CH&type=image&v=fGZmEzpfeSeqDJiApS_XZ4Y2&theme=light&size=normal&cb=h040h01kc5q2
Frame ID: 658765AC75FDF0B728B75B8BE45D9F4B
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de-CH&v=fGZmEzpfeSeqDJiApS_XZ4Y2&k=6Lff_I4mAAAAAGHfEhhVXeU12QZE9z2mPvtEr2BI
Frame ID: AD215581BED14637E51C6DE041107BAD
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Folkd | Home

Page URL History Show full URLs

https://www.folkd.com/submit/blog.probiotiv.com/top-10-high-fiber-food// HTTP 307
https://folkd.com/submit/blog.probiotiv.com/top-10-high-fiber-food// HTTP 308
https://folkd.com/submit/blog.probiotiv.com/top-10-high-fiber-food/ HTTP 301
https://folkd.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Handlebars (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

handlebars(?:\.runtime)?(?:-v([\d.]+?))?(?:\.min)?\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

moment(?:\.min)?\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

854
Requests

77 %
HTTPS

0 %
IPv6

77
Domains

105
Subdomains

71
IPs

12
Countries

9909 kB
Transfer

27587 kB
Size

86
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://thietbivesinhtoto.vn/thiet-bi-ve-sinh-toto-dap-ung-moi-nhu-cau-ve-sinh-cho-khong-gian-nha-tam/

Search URL Search Domain Scan URL

URL: https://nhacaiuytin.com.co/bluff-trong-poker-la-gi/

Search URL Search Domain Scan URL

URL: https://ssicertify.com/sertifikasi-iso-27001-manajemen-keamanan-informasi-dan-data/

Search URL Search Domain Scan URL

URL: https://ledcoms.com/the-impact-of-sports-stadium-led-displays-in-the-nba-experience/

Search URL Search Domain Scan URL

URL: https://tylebongdaplus.com/lich-ngoai-hang-anh-anh.html

Search URL Search Domain Scan URL

URL: https://cuahoangminh.com/khi-hau-cua-nuoc-ta-co-phu-hop-de-lap-dat-cua-luoi-chong-muoi-hay-khong-51.html

Search URL Search Domain Scan URL

URL: https://hackmd.io/@topnotchgutterservices/SJ0Oel5mp

Search URL Search Domain Scan URL

URL: https://lit.link/en/istanaslots

Search URL Search Domain Scan URL

URL: https://www.thuocdantoc.org/tri-hac-lao-bang-cu-rieng.html

Search URL Search Domain Scan URL

URL: https://www.dnse.com.vn/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.folkd.com/submit/blog.probiotiv.com/top-10-high-fiber-food// HTTP 307
https://folkd.com/submit/blog.probiotiv.com/top-10-high-fiber-food// HTTP 308
https://folkd.com/submit/blog.probiotiv.com/top-10-high-fiber-food/ HTTP 301
https://folkd.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 120

https://xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/YsOU_--9IrqY-vwNvHxokrksVto/-lbP5Q../nhacaiyutincomco.jpg HTTP 303
https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/YsOU_--9IrqY-vwNvHxokrksVto/-lbP5Q../nhacaiyutincomco.jpg

Request Chain 130

https://xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/k-OFGUmzgKWnKICkpsDz1exyeSg/v93BfA../tylebongdaplus.jpg HTTP 303
https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/k-OFGUmzgKWnKICkpsDz1exyeSg/v93BfA../tylebongdaplus.jpg

Request Chain 137

https://xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/yr8HZKgpbVEUPIkp4IPuDx4y7MM/rvoo3Q../gutter-logo500.jpg HTTP 303
https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/yr8HZKgpbVEUPIkp4IPuDx4y7MM/rvoo3Q../gutter-logo500.jpg

Request Chain 144

https://xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/btEjYu-qXLGzUlVOZq5sBFcXa8g/xXkU5w../thuocdantoc-dai-dien.jpg HTTP 303
https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/btEjYu-qXLGzUlVOZq5sBFcXa8g/xXkU5w../thuocdantoc-dai-dien.jpg

Request Chain 222

https://xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/YsOU_--9IrqY-vwNvHxokrksVto/-lbP5Q../nhacaiyutincomco.jpg HTTP 303
https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/YsOU_--9IrqY-vwNvHxokrksVto/-lbP5Q../nhacaiyutincomco.jpg

Request Chain 223

https://xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/k-OFGUmzgKWnKICkpsDz1exyeSg/v93BfA../tylebongdaplus.jpg HTTP 303
https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/k-OFGUmzgKWnKICkpsDz1exyeSg/v93BfA../tylebongdaplus.jpg

Request Chain 224

https://xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/yr8HZKgpbVEUPIkp4IPuDx4y7MM/rvoo3Q../gutter-logo500.jpg HTTP 303
https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/yr8HZKgpbVEUPIkp4IPuDx4y7MM/rvoo3Q../gutter-logo500.jpg

Request Chain 225

https://xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/btEjYu-qXLGzUlVOZq5sBFcXa8g/xXkU5w../thuocdantoc-dai-dien.jpg HTTP 303
https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/btEjYu-qXLGzUlVOZq5sBFcXa8g/xXkU5w../thuocdantoc-dai-dien.jpg

Request Chain 233

https://google-bidout-d.openx.net/w/1.0/pd?plm=5 HTTP 302
https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5

Request Chain 248

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5759223980947758559

Request Chain 249

https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=fffc442b-d60c-8812-87c7-e98285ffe11e HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=fffc442b-d60c-8812-87c7-e98285ffe11e&dcc=t

Request Chain 252

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFaNM03ia5vzkjn3_J1iS-o&google_cver=1

Request Chain 358

https://s.uuidksinc.net/match/47/?remote_uid=CAESEBlCw0ukpN28wSl6SKtsluE&c_param1=AXcoOmTAmMxHiYlkTbq_0RR-MC8YyQ3MbDw5Bb_9wapHNAerFxPwQzUZwRskvE3y4kYHBIsoW-yPwsiHnOrLnKrWZis0ViNkGeFB&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmTAmMxHiYlkTbq_0RR-MC8YyQ3MbDw5Bb_9wapHNAerFxPwQzUZwRskvE3y4kYHBIsoW-yPwsiHnOrLnKrWZis0ViNkGeFB

Request Chain 359

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESED2s02GFu3oPcTVEI1filBU&google_cver=1&google_push=AXcoOmR_XxFLAqRNHrfAZb_7WRjNyHcbAC2_ncM_7aBOLAy8Ve1kTlHzan-PmRei0E2tHDMjJalKaVnC3BTz25iSRHDAWwoR0Ces4Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTc1OTIyMzk4MDk0Nzc1ODU1OQ&google_push=AXcoOmR_XxFLAqRNHrfAZb_7WRjNyHcbAC2_ncM_7aBOLAy8Ve1kTlHzan-PmRei0E2tHDMjJalKaVnC3BTz25iSRHDAWwoR0Ces4Q

Request Chain 360

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFVZGjZvodGd8-v9mr4tvB0&google_cver=1&google_push=AXcoOmQrvHTORZquKMIdmrlKbaGuorNzqC5yEx0-VBInNZMW7nRKvPF8VW-F09LB15hahZZc9g7sYQd32CBAPSIw2feNI5ytUof8yA HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEFVZGjZvodGd8-v9mr4tvB0&google_push=AXcoOmQrvHTORZquKMIdmrlKbaGuorNzqC5yEx0-VBInNZMW7nRKvPF8VW-F09LB15hahZZc9g7sYQd32CBAPSIw2feNI5ytUof8yA&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFVZGjZvodGd8-v9mr4tvB0&google_hm=ZVLvXdOQZHukhhGRsBecegAABLcAAAAB&google_nid=index&google_push=AXcoOmQrvHTORZquKMIdmrlKbaGuorNzqC5yEx0-VBInNZMW7nRKvPF8VW-F09LB15hahZZc9g7sYQd32CBAPSIw2feNI5ytUof8yA

Request Chain 361

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmQ6j5YP_Y4mNtvLzFH2QT3lgi_EdQFn_goXFqcdYzRMyZ-KyV61pUKg15Fphxxqo020s_GuGoerB4rxFnRrFeK4UFmo5Ih1mw%26google_hm%3D%5BUID%5D&google_gid=CAESEIENc5bLtoW3UiC8wrEougA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmQ6j5YP_Y4mNtvLzFH2QT3lgi_EdQFn_goXFqcdYzRMyZ-KyV61pUKg15Fphxxqo020s_GuGoerB4rxFnRrFeK4UFmo5Ih1mw&google_hm=3bb026b2-0a9f-4413-b17a-1b2d9b98551f

Request Chain 362

https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESEAZ2565kR2qfG1gUnW9deqs&google_cver=1&google_push=AXcoOmRdbh3VZtKlabYol3F7kC8ehAJcxv5vUOVdd6mcKLGS9PdS-RagDuHPHhxsskewICs_dTAOpCgSGssOcXf9uruO29f-PF7Iog HTTP 302
https://b1sync.zemanta.com/usersync/googleopenbidding/?google_cver=1&google_gid=CAESEAZ2565kR2qfG1gUnW9deqs&google_push=AXcoOmRdbh3VZtKlabYol3F7kC8ehAJcxv5vUOVdd6mcKLGS9PdS-RagDuHPHhxsskewICs_dTAOpCgSGssOcXf9uruO29f-PF7Iog&s=2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmRdbh3VZtKlabYol3F7kC8ehAJcxv5vUOVdd6mcKLGS9PdS-RagDuHPHhxsskewICs_dTAOpCgSGssOcXf9uruO29f-PF7Iog&google_hm=NGRSY2FnOUowWkZfYUl0QjYzMTQ=

Request Chain 363

https://trace.mediago.io/cs/google?google_gid=CAESEHqUPaYG2mFgT2kISeD0xSM&google_cver=1&google_push=AXcoOmQVvLGQt-1mwm6-O_0W9JZvMTiKCm_T2fnNyUKjU6ja8SDki1GL703GZbVvDsv1yTSZU7ntx7au92cTPAX9sr5TcJ9I5t1ADdc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmQVvLGQt-1mwm6-O_0W9JZvMTiKCm_T2fnNyUKjU6ja8SDki1GL703GZbVvDsv1yTSZU7ntx7au92cTPAX9sr5TcJ9I5t1ADdc&google_hm=f34e9699a6bb4ca716kltk00loxsu8cf

Request Chain 364

https://sync.gonet-ads.com/match/google?google_gid=CAESEHjLwtZLJf0LEm1lhx6PE8E&google_cver=1&google_push=AXcoOmR6SNw94mqKesn7s6gBXaoDv5VnD15kfetqTd8Ux6xrRrVP_lEhVWoMdRtUecq4knx-92aDHiKL0ZbjnG7hui_xkV3dhKnXh88 HTTP 302
https://sync.gonet-ads.com/match/google?google_gid=CAESEHjLwtZLJf0LEm1lhx6PE8E&google_cver=1&google_push=AXcoOmR6SNw94mqKesn7s6gBXaoDv5VnD15kfetqTd8Ux6xrRrVP_lEhVWoMdRtUecq4knx-92aDHiKL0ZbjnG7hui_xkV3dhKnXh88&chk=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=N2VhMTNlMTEzY2MyMWQ3MA&google_push=AXcoOmR6SNw94mqKesn7s6gBXaoDv5VnD15kfetqTd8Ux6xrRrVP_lEhVWoMdRtUecq4knx-92aDHiKL0ZbjnG7hui_xkV3dhKnXh88

Request Chain 372

https://um.simpli.fi/gp_match?google_gid=CAESEB27WBbC6lD_LKQ6J07Zt_s&google_cver=1&google_push=AXcoOmSV8P4DBRWUAmkWcgO0kqWGGm01_1rMxxWXj9G1_NB1cmbZd_3xPve9CYREfPhKaaUXTWOLj8ltwfwF1e91HVFxVgBUjmtf HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=04B56E68EEFA4867A23538639895A5F4&google_push=AXcoOmSV8P4DBRWUAmkWcgO0kqWGGm01_1rMxxWXj9G1_NB1cmbZd_3xPve9CYREfPhKaaUXTWOLj8ltwfwF1e91HVFxVgBUjmtf

Request Chain 373

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESENW2LuUOeLtri2cfG748aJQ&google_cver=1&google_push=AXcoOmRANOboi5Iv2fhRu7njtoDBoxmKCJk3dAAfNiYZGbec8RkBhOn9rY2FW076THrbkHBtn00dU_HSpdQROVUjU9Nj2Ac0EJ8 HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESENW2LuUOeLtri2cfG748aJQ&google_cver=1&google_push=AXcoOmRANOboi5Iv2fhRu7njtoDBoxmKCJk3dAAfNiYZGbec8RkBhOn9rY2FW076THrbkHBtn00dU_HSpdQROVUjU9Nj2Ac0EJ8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmRANOboi5Iv2fhRu7njtoDBoxmKCJk3dAAfNiYZGbec8RkBhOn9rY2FW076THrbkHBtn00dU_HSpdQROVUjU9Nj2Ac0EJ8&google_hm=ECZOh3ijRmmSvGkQe9W54w==

Request Chain 374

https://d5p.de17a.com/cookies/google?google_gid=CAESEMh3RrLUjzU9Dxh0JkREAQk&google_cver=1&google_push=AXcoOmQioxFIVWefCdBE6Tjj91CNbjL3W3if3Y7r24J_sXFfOJ_WU9Qdvd7m4ByYmJugDsi5WKJQLahs6qm19IcEZ4mCQUMkgmXI HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEMh3RrLUjzU9Dxh0JkREAQk&google_cver=1&google_push=AXcoOmQioxFIVWefCdBE6Tjj91CNbjL3W3if3Y7r24J_sXFfOJ_WU9Qdvd7m4ByYmJugDsi5WKJQLahs6qm19IcEZ4mCQUMkgmXI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQioxFIVWefCdBE6Tjj91CNbjL3W3if3Y7r24J_sXFfOJ_WU9Qdvd7m4ByYmJugDsi5WKJQLahs6qm19IcEZ4mCQUMkgmXI

Request Chain 375

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEPzZEbubelPxHvIaNVtiKrw&google_cver=1&google_push=AXcoOmQ-UA2cfqCyM8E3rRU77AElZndnsAovxXwhwdX34oK66kjyxM9xffIHephSKueDJeNCXKKQpIi_rWJZt75YZ76B2Rd5zbs HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEPzZEbubelPxHvIaNVtiKrw&google_cver=1&google_push=AXcoOmQ-UA2cfqCyM8E3rRU77AElZndnsAovxXwhwdX34oK66kjyxM9xffIHephSKueDJeNCXKKQpIi_rWJZt75YZ76B2Rd5zbs&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=aOGwZNJ8S_Wi-QudT_iWDw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmQ-UA2cfqCyM8E3rRU77AElZndnsAovxXwhwdX34oK66kjyxM9xffIHephSKueDJeNCXKKQpIi_rWJZt75YZ76B2Rd5zbs

Request Chain 376

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFVZGjZvodGd8-v9mr4tvB0&google_cver=1&google_push=AXcoOmTMFVHudmZV2NQR3HncWTS4LY1Xutr7PsiSSXLX4nBP1UrZfhq_KWN7KvAUDuxKiiMg3gyt2feiylpsgW7NGq1aPorF6EA HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEFVZGjZvodGd8-v9mr4tvB0&google_push=AXcoOmTMFVHudmZV2NQR3HncWTS4LY1Xutr7PsiSSXLX4nBP1UrZfhq_KWN7KvAUDuxKiiMg3gyt2feiylpsgW7NGq1aPorF6EA&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFVZGjZvodGd8-v9mr4tvB0&google_hm=ZVLvXdOQZHukhhGRsBecegAABLcAAAAB&google_nid=index&google_push=AXcoOmTMFVHudmZV2NQR3HncWTS4LY1Xutr7PsiSSXLX4nBP1UrZfhq_KWN7KvAUDuxKiiMg3gyt2feiylpsgW7NGq1aPorF6EA

Request Chain 377

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmT6ED_vDMP-50sT2Mi6P4Fz_30hh1EglpicNUyO-0y3K06jPX1JRhZOQWpfcglFhfJoU3d2bT6oeP_98DF9ZmgeGv6mNXY%26google_hm%3D%5BUID%5D&google_gid=CAESEIENc5bLtoW3UiC8wrEougA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmT6ED_vDMP-50sT2Mi6P4Fz_30hh1EglpicNUyO-0y3K06jPX1JRhZOQWpfcglFhfJoU3d2bT6oeP_98DF9ZmgeGv6mNXY&google_hm=d11c3103-dc29-4b6d-9c06-9c626751255f

Request Chain 378

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEGKjrsYcU5y2zsXq78KwJXw&google_cver=1&google_push=AXcoOmTtbGr3EQ5ytBPymc6lpqOfNGDGh1_FL3GLovBQK-M4qvwMyA7MvYM4st9jYhIhaC874oSONdIWEg7mIHgZ1DvRwMxfpwsb HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmTtbGr3EQ5ytBPymc6lpqOfNGDGh1_FL3GLovBQK-M4qvwMyA7MvYM4st9jYhIhaC874oSONdIWEg7mIHgZ1DvRwMxfpwsb&google_gid=CAESEGKjrsYcU5y2zsXq78KwJXw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzkzMzAwMDk5ODE2MTc0Nzg5NzM2OA%3D%3D&google_push=AXcoOmTtbGr3EQ5ytBPymc6lpqOfNGDGh1_FL3GLovBQK-M4qvwMyA7MvYM4st9jYhIhaC874oSONdIWEg7mIHgZ1DvRwMxfpwsb

Request Chain 380

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESENW2LuUOeLtri2cfG748aJQ&google_cver=1&google_push=AXcoOmTaV9txLM6UDdH5ywcibD9rbsXoxgNDa9um_4O9AkE9wUdk9fs4KlDyv0Rjq13_lshucvhE1zQ0EKKU3ffJ9XLwLDMabYqR HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESENW2LuUOeLtri2cfG748aJQ&google_cver=1&google_push=AXcoOmTaV9txLM6UDdH5ywcibD9rbsXoxgNDa9um_4O9AkE9wUdk9fs4KlDyv0Rjq13_lshucvhE1zQ0EKKU3ffJ9XLwLDMabYqR HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmTaV9txLM6UDdH5ywcibD9rbsXoxgNDa9um_4O9AkE9wUdk9fs4KlDyv0Rjq13_lshucvhE1zQ0EKKU3ffJ9XLwLDMabYqR&google_hm=Pn3WGXYWRfaW3LQkbKJEWA==

Request Chain 381

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTXFJsrwz5T0NKI0q_5eqR1grMBmHwsiFuY-YwA40zhTqzmXKBu4EWG0hEKA56s-JgDDH7SL-IvtgP9S2roD3Fqn89OTs4&google_gid=CAESEEnrek-lxJdbos7bWUDXAqI&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-lqVQ_WdwpTYEUw9FpYyhdFOgK0awIDkhKA70hQ&google_push=AXcoOmTXFJsrwz5T0NKI0q_5eqR1grMBmHwsiFuY-YwA40zhTqzmXKBu4EWG0hEKA56s-JgDDH7SL-IvtgP9S2roD3Fqn89OTs4

Request Chain 382

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEPzZEbubelPxHvIaNVtiKrw&google_cver=1&google_push=AXcoOmQXhL3rptoPSD57z94qxx7OzkwNHWw1W8xRamAV8MRk8uhSsa0xrsrYH4_veUCspU6BQqJAMPAIbwT_32bWim2ODrJkEhq1 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEPzZEbubelPxHvIaNVtiKrw&google_cver=1&google_push=AXcoOmQXhL3rptoPSD57z94qxx7OzkwNHWw1W8xRamAV8MRk8uhSsa0xrsrYH4_veUCspU6BQqJAMPAIbwT_32bWim2ODrJkEhq1&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=nbRp9Ch7SaCCfLfzk1i_WA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmQXhL3rptoPSD57z94qxx7OzkwNHWw1W8xRamAV8MRk8uhSsa0xrsrYH4_veUCspU6BQqJAMPAIbwT_32bWim2ODrJkEhq1

Request Chain 383

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFVZGjZvodGd8-v9mr4tvB0&google_cver=1&google_push=AXcoOmRuvktECRJdmFBebY4z0_na5Wnf7AtwZTCtYopYiUlsabkiKFQ6nyGgyZcMHB2zYOaOUWaw16vkb6mxcAxbeTww9MPUHNSy HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEFVZGjZvodGd8-v9mr4tvB0&google_push=AXcoOmRuvktECRJdmFBebY4z0_na5Wnf7AtwZTCtYopYiUlsabkiKFQ6nyGgyZcMHB2zYOaOUWaw16vkb6mxcAxbeTww9MPUHNSy&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFVZGjZvodGd8-v9mr4tvB0&google_hm=ZVLvXf6gEsRT6ZwT9PMEHwAAFJ8AAAIB&google_nid=index&google_push=AXcoOmRuvktECRJdmFBebY4z0_na5Wnf7AtwZTCtYopYiUlsabkiKFQ6nyGgyZcMHB2zYOaOUWaw16vkb6mxcAxbeTww9MPUHNSy

Request Chain 384

https://ads.yieldmo.com/exptsync?google_gid=CAESEOru4RPDbZ2M2wlmPrXjEWk&google_cver=1&google_push=AXcoOmTtiUquCQnJqEYbTZklj7O9TigYBHqz_zhIABuLrf6vfL0RJDp6Vk-a-rFB588kUot2Ci3OXs-Fo-hu59wKcB0TwJTkGZBl HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmTtiUquCQnJqEYbTZklj7O9TigYBHqz_zhIABuLrf6vfL0RJDp6Vk-a-rFB588kUot2Ci3OXs-Fo-hu59wKcB0TwJTkGZBl&google_hm=M0ZpWjRwcGpqTHBVSnl1NUd3b2g=

Request Chain 385

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEEFZEIw9RBJ2ekx5WwCUDaU&google_cver=1&google_push=AXcoOmRvdRhWP8HjQoTvbE3Wi6yFEs9Nb68EG59o2z7TuFT0-irD6cTD56woaQnn7AggkkaDXM_uUIeaWBapaNgkE5zs79daxUM HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmRvdRhWP8HjQoTvbE3Wi6yFEs9Nb68EG59o2z7TuFT0-irD6cTD56woaQnn7AggkkaDXM_uUIeaWBapaNgkE5zs79daxUM&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1699934045385 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-f48bb6d9-94ab-4124-9dd7-d07e497ee5cf-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmRvdRhWP8HjQoTvbE3Wi6yFEs9Nb68EG59o2z7TuFT0-irD6cTD56woaQnn7AggkkaDXM_uUIeaWBapaNgkE5zs79daxUM%26google_hm%3DA_SLttmUq0EkndfQfkl-5c8

Request Chain 386

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEGKjrsYcU5y2zsXq78KwJXw&google_cver=1&google_push=AXcoOmS62OehRLCIvkttKP2WO3yBq5Y6Tj2AOqTaZX8wMsW0ejM-S4kV5UTq72LOclgbwax80a9okaEP3N1N4A2EMif3pzUkIUQg HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmS62OehRLCIvkttKP2WO3yBq5Y6Tj2AOqTaZX8wMsW0ejM-S4kV5UTq72LOclgbwax80a9okaEP3N1N4A2EMif3pzUkIUQg&google_gid=CAESEGKjrsYcU5y2zsXq78KwJXw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mzk1OTU0NzU2ODM3MjA4ODIyMjUy&google_push=AXcoOmS62OehRLCIvkttKP2WO3yBq5Y6Tj2AOqTaZX8wMsW0ejM-S4kV5UTq72LOclgbwax80a9okaEP3N1N4A2EMif3pzUkIUQg

Request Chain 388

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESENW2LuUOeLtri2cfG748aJQ&google_cver=1&google_push=AXcoOmSdAqRjpRkCsK7Qe5SMoZoKuwJvjyR3QrpE-7xKLGLhXr833fAsuJ55QcMAYEwo0aAFYtfkSZote601T0P-jg2pNYAPIJaIAg HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESENW2LuUOeLtri2cfG748aJQ&google_cver=1&google_push=AXcoOmSdAqRjpRkCsK7Qe5SMoZoKuwJvjyR3QrpE-7xKLGLhXr833fAsuJ55QcMAYEwo0aAFYtfkSZote601T0P-jg2pNYAPIJaIAg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmSdAqRjpRkCsK7Qe5SMoZoKuwJvjyR3QrpE-7xKLGLhXr833fAsuJ55QcMAYEwo0aAFYtfkSZote601T0P-jg2pNYAPIJaIAg&google_hm=S-Ho14mrTNqSiEQb47a2rA==

Request Chain 389

https://d5p.de17a.com/cookies/google?google_gid=CAESEMh3RrLUjzU9Dxh0JkREAQk&google_cver=1&google_push=AXcoOmTdnGJp_TZzLDHOK_rwTPJcrbyVyaG4our_AAGxeXTeFNUgha3mUPwhuhCi1uyXBSOkd30P1bJ3u9ykzDIPhfdPRUSAC8RxeA HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEMh3RrLUjzU9Dxh0JkREAQk&google_cver=1&google_push=AXcoOmTdnGJp_TZzLDHOK_rwTPJcrbyVyaG4our_AAGxeXTeFNUgha3mUPwhuhCi1uyXBSOkd30P1bJ3u9ykzDIPhfdPRUSAC8RxeA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTdnGJp_TZzLDHOK_rwTPJcrbyVyaG4our_AAGxeXTeFNUgha3mUPwhuhCi1uyXBSOkd30P1bJ3u9ykzDIPhfdPRUSAC8RxeA

Request Chain 390

https://ads.yieldmo.com/exptsync?google_gid=CAESEOru4RPDbZ2M2wlmPrXjEWk&google_cver=1&google_push=AXcoOmTgGtmHM6DJZpY523WuC9Io4WX42krNmBLKyYOdPodVdoKDqEjnczB6FEelVo6fNqhEvyW1FAbMlsmWAld1lqLhx5dyoG-X6A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmTgGtmHM6DJZpY523WuC9Io4WX42krNmBLKyYOdPodVdoKDqEjnczB6FEelVo6fNqhEvyW1FAbMlsmWAld1lqLhx5dyoG-X6A&google_hm=M0ZpWjRwcGpqTHBVSnl1NUd3b2g=

Request Chain 391

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEEFZEIw9RBJ2ekx5WwCUDaU&google_cver=1&google_push=AXcoOmQU37Y9fshYQNgZ476__O489BUYPwo2Wlq2l4zqTjh5TEfDkN71ZNo0nWSPGgS9RDfnLzlkBUP0qkFCpronIoxA_Ym1iPr3Xw HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmQU37Y9fshYQNgZ476__O489BUYPwo2Wlq2l4zqTjh5TEfDkN71ZNo0nWSPGgS9RDfnLzlkBUP0qkFCpronIoxA_Ym1iPr3Xw&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1699934045385 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-49f0d173-dc87-44c4-9c95-b0a58e0c5e16-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmQU37Y9fshYQNgZ476__O489BUYPwo2Wlq2l4zqTjh5TEfDkN71ZNo0nWSPGgS9RDfnLzlkBUP0qkFCpronIoxA_Ym1iPr3Xw%26google_hm%3DA0nw0XPch0TEnJWwpY4MXhY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQU37Y9fshYQNgZ476__O489BUYPwo2Wlq2l4zqTjh5TEfDkN71ZNo0nWSPGgS9RDfnLzlkBUP0qkFCpronIoxA_Ym1iPr3Xw&google_hm=A0nw0XPch0TEnJWwpY4MXhY

Request Chain 392

https://cs.media.net/cksync?type=g&google_gid=CAESENDVyt-jr9Jo1erqLbHAGck&google_cver=1&google_push=AXcoOmRRd47Rd70Qi5I1WyKfSqU1s3lr4SAUBJUzSOulnR17b3styihmCBHsuE9BUlQooBNw_rYD1fLH2Q7MeS9Hx6SxzeZewc9d HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQyOTM1NjQ1Njg2MjkwNTAwMFYxMA%3d%3d&mn_hm=MzQyOTM1NjQ1Njg2MjkwNTAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmRRd47Rd70Qi5I1WyKfSqU1s3lr4SAUBJUzSOulnR17b3styihmCBHsuE9BUlQooBNw_rYD1fLH2Q7MeS9Hx6SxzeZewc9d&gdpr=&gdpr_consent=

Request Chain 394

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEH4Wrk9vFcJ_s4bE-L7lejc&google_cver=1&google_push=AXcoOmRU7ciqy9avUh7EFB6SCVbOQVZhB315Royb75pBqQqlbFASq-rLcT3d3fbTZee415VM4wf4VUl2OXHlhqgLGl1ZCWZu73IJrPI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi8v3BNETZfOPkMGbNClPof-nF2Ul09D4iQ&google_push=AXcoOmRU7ciqy9avUh7EFB6SCVbOQVZhB315Royb75pBqQqlbFASq-rLcT3d3fbTZee415VM4wf4VUl2OXHlhqgLGl1ZCWZu73IJrPI HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 411

https://um.simpli.fi/gp_match?google_gid=CAESEB27WBbC6lD_LKQ6J07Zt_s&google_cver=1&google_push=AXcoOmTQIRVv--sYT78AaL0ZyGlznKS8tlsbeSEjR9CD_h_1ogtBIgeTHPxHcFiT-oPr2h-YpWYanLOA5amr0otazvK3bJtYl83miQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7981F128CF754E1F90A6E0B7231F5862&google_push=AXcoOmTQIRVv--sYT78AaL0ZyGlznKS8tlsbeSEjR9CD_h_1ogtBIgeTHPxHcFiT-oPr2h-YpWYanLOA5amr0otazvK3bJtYl83miQ

Request Chain 412

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmRj3NQ215m4jNnkZCuaoKKsrqHXDuYEnZu7rxdtnfw0Hit7zMNCafTm4xxjUvFYY3oriDRAGqMTMeZ0EQSDS6Ey9eVyqMTJkA&google_gid=CAESEEnrek-lxJdbos7bWUDXAqI&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-lqVQ_WdwpTYEUw9FpYyhdFOgK0awIDkhKA70hQ&google_push=AXcoOmRj3NQ215m4jNnkZCuaoKKsrqHXDuYEnZu7rxdtnfw0Hit7zMNCafTm4xxjUvFYY3oriDRAGqMTMeZ0EQSDS6Ey9eVyqMTJkA

Request Chain 413

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEPzZEbubelPxHvIaNVtiKrw&google_cver=1&google_push=AXcoOmQIHakJXQ2UPGgbCyOgnbC7Vx8HG1K6LMX5u4u_d-9BTmC-4RwGTOA8g0y9qEzF1jhdiksZi9fKNXZjSKMOoE0LrCcEKoEXpg HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEPzZEbubelPxHvIaNVtiKrw&google_cver=1&google_push=AXcoOmQIHakJXQ2UPGgbCyOgnbC7Vx8HG1K6LMX5u4u_d-9BTmC-4RwGTOA8g0y9qEzF1jhdiksZi9fKNXZjSKMOoE0LrCcEKoEXpg&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Lc8Yitm_Rxaeo-UZKdoTHw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmQIHakJXQ2UPGgbCyOgnbC7Vx8HG1K6LMX5u4u_d-9BTmC-4RwGTOA8g0y9qEzF1jhdiksZi9fKNXZjSKMOoE0LrCcEKoEXpg

Request Chain 414

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFVZGjZvodGd8-v9mr4tvB0&google_cver=1&google_push=AXcoOmQzvFzEpl441bgqUAabtcwVDZ7crEPpswghdCSikr4uem8OHa4f1e_Xmf2kM7JkJy4-NjSFg-ExxHmG_JZbbtX-_7vrO7TFrg HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEFVZGjZvodGd8-v9mr4tvB0&google_push=AXcoOmQzvFzEpl441bgqUAabtcwVDZ7crEPpswghdCSikr4uem8OHa4f1e_Xmf2kM7JkJy4-NjSFg-ExxHmG_JZbbtX-_7vrO7TFrg&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFVZGjZvodGd8-v9mr4tvB0&google_hm=ZVLvXdhlxa_jmfJ1_BzSSgAACF4AAAIB&google_nid=index&google_push=AXcoOmQzvFzEpl441bgqUAabtcwVDZ7crEPpswghdCSikr4uem8OHa4f1e_Xmf2kM7JkJy4-NjSFg-ExxHmG_JZbbtX-_7vrO7TFrg

Request Chain 415

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEEFZEIw9RBJ2ekx5WwCUDaU&google_cver=1&google_push=AXcoOmRqdL1_dzzqVXtM5Zp5Iv2WSgOJtqMofKvFlrlaTKgnAMZYNQIp6ouPTDSzaB7WdZ7TJ7TrStRaHO2KhTyPC_6E-_uvQZLL HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmRqdL1_dzzqVXtM5Zp5Iv2WSgOJtqMofKvFlrlaTKgnAMZYNQIp6ouPTDSzaB7WdZ7TJ7TrStRaHO2KhTyPC_6E-_uvQZLL&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1699934045385 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-49f0d173-dc87-44c4-9c95-b0a58e0c5e16-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmRqdL1_dzzqVXtM5Zp5Iv2WSgOJtqMofKvFlrlaTKgnAMZYNQIp6ouPTDSzaB7WdZ7TJ7TrStRaHO2KhTyPC_6E-_uvQZLL%26google_hm%3DA0nw0XPch0TEnJWwpY4MXhY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRqdL1_dzzqVXtM5Zp5Iv2WSgOJtqMofKvFlrlaTKgnAMZYNQIp6ouPTDSzaB7WdZ7TJ7TrStRaHO2KhTyPC_6E-_uvQZLL&google_hm=A0nw0XPch0TEnJWwpY4MXhY

Request Chain 416

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEGKjrsYcU5y2zsXq78KwJXw&google_cver=1&google_push=AXcoOmTI3W2xpe3uEc25ezKvhBAQyz62pdGLJX5LlMSfLMvLYp0Wcy9QVnmXaMBvfgCvqENqWFueVWd2TtxrLKTZ-mVZof4wym_M HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmTI3W2xpe3uEc25ezKvhBAQyz62pdGLJX5LlMSfLMvLYp0Wcy9QVnmXaMBvfgCvqENqWFueVWd2TtxrLKTZ-mVZof4wym_M&google_gid=CAESEGKjrsYcU5y2zsXq78KwJXw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTQ1NDMxNDI0MDEzNTQ1NDcxNDI5Mw%3D%3D&google_push=AXcoOmTI3W2xpe3uEc25ezKvhBAQyz62pdGLJX5LlMSfLMvLYp0Wcy9QVnmXaMBvfgCvqENqWFueVWd2TtxrLKTZ-mVZof4wym_M

Request Chain 428

https://um.simpli.fi/gp_match?google_gid=CAESEB27WBbC6lD_LKQ6J07Zt_s&google_cver=1&google_push=AXcoOmS3kfLj_IoTc2wK0S1DQvdm0mk57g-ccRJgiMLhzqxd2e6DkD4BHopEoQZdH-0ZPdBKJSzuffiF2_tmNFo3qVH2NSOJXtc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=17D08A2DF7414A398BBFF17AB51FD74A&google_push=AXcoOmS3kfLj_IoTc2wK0S1DQvdm0mk57g-ccRJgiMLhzqxd2e6DkD4BHopEoQZdH-0ZPdBKJSzuffiF2_tmNFo3qVH2NSOJXtc

Request Chain 429

https://d5p.de17a.com/cookies/google?google_gid=CAESEMh3RrLUjzU9Dxh0JkREAQk&google_cver=1&google_push=AXcoOmS3HveI-26vjKcR3OEWLiiLdYv91GNEc6otHBbqOjOKpHwaH-apEaKW2hGJvrAtPa8rbsJdfysbABJrz3V1ciYn7j-exVg HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEMh3RrLUjzU9Dxh0JkREAQk&google_cver=1&google_push=AXcoOmS3HveI-26vjKcR3OEWLiiLdYv91GNEc6otHBbqOjOKpHwaH-apEaKW2hGJvrAtPa8rbsJdfysbABJrz3V1ciYn7j-exVg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmS3HveI-26vjKcR3OEWLiiLdYv91GNEc6otHBbqOjOKpHwaH-apEaKW2hGJvrAtPa8rbsJdfysbABJrz3V1ciYn7j-exVg

Request Chain 430

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEPzZEbubelPxHvIaNVtiKrw&google_cver=1&google_push=AXcoOmROYt57LhVTY1YJZg5_h0-6ZT-GMYf2WKXyvi0gDf9wEei1s2bxvJRL8NAWd7gcKiDbA74LpjuXDI8RpIN4zhfzg5ylcfU HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEPzZEbubelPxHvIaNVtiKrw&google_cver=1&google_push=AXcoOmROYt57LhVTY1YJZg5_h0-6ZT-GMYf2WKXyvi0gDf9wEei1s2bxvJRL8NAWd7gcKiDbA74LpjuXDI8RpIN4zhfzg5ylcfU&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=SgVmX0MOS0eMZrMlYOCJlw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmROYt57LhVTY1YJZg5_h0-6ZT-GMYf2WKXyvi0gDf9wEei1s2bxvJRL8NAWd7gcKiDbA74LpjuXDI8RpIN4zhfzg5ylcfU

Request Chain 431

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFVZGjZvodGd8-v9mr4tvB0&google_cver=1&google_push=AXcoOmR5lOrNWShJtoqb4bsmrh0GWG5mGCp2vB4q5d3xT2s4sezQUN1PhXVZgGUXTMsLbseLLpFhE3USxeSr_0pQR_0KPZw68fV8 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEFVZGjZvodGd8-v9mr4tvB0&google_push=AXcoOmR5lOrNWShJtoqb4bsmrh0GWG5mGCp2vB4q5d3xT2s4sezQUN1PhXVZgGUXTMsLbseLLpFhE3USxeSr_0pQR_0KPZw68fV8&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFVZGjZvodGd8-v9mr4tvB0&google_hm=ZVLvXcWoY9-Lfjjl8kRqowAAFKYAAAIB&google_nid=index&google_push=AXcoOmR5lOrNWShJtoqb4bsmrh0GWG5mGCp2vB4q5d3xT2s4sezQUN1PhXVZgGUXTMsLbseLLpFhE3USxeSr_0pQR_0KPZw68fV8

Request Chain 432

https://ads.yieldmo.com/exptsync?google_gid=CAESEOru4RPDbZ2M2wlmPrXjEWk&google_cver=1&google_push=AXcoOmSmmc-wk9AqSqfdIsTFwPuOZ1YgzC18Ssx-dbhm9SoDl2G9yU5XCB3RgMnZpQbfrhKeDBpRsBRkg3pBWDWTvUlRLralaj4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmSmmc-wk9AqSqfdIsTFwPuOZ1YgzC18Ssx-dbhm9SoDl2G9yU5XCB3RgMnZpQbfrhKeDBpRsBRkg3pBWDWTvUlRLralaj4&google_hm=M0ZpWjRwcGpqTHBVSnl1NUd3b2g=

Request Chain 433

https://cs.media.net/cksync?type=g&google_gid=CAESENDVyt-jr9Jo1erqLbHAGck&google_cver=1&google_push=AXcoOmRysJpiZYmm8vuUjPN3p2-EEz0MmPh6X5noUc-vJBU5SpfsU66ggUE3xaB5Ew8hhG8rQ2mhMS61d8mHtRJ_3JsXINvP0eeH HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQyOTM1NjQ1Njg2MjkyNDAwMFYxMA%3d%3d&mn_hm=MzQyOTM1NjQ1Njg2MjkyNDAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmRysJpiZYmm8vuUjPN3p2-EEz0MmPh6X5noUc-vJBU5SpfsU66ggUE3xaB5Ew8hhG8rQ2mhMS61d8mHtRJ_3JsXINvP0eeH&gdpr=&gdpr_consent=

Request Chain 434

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEH4Wrk9vFcJ_s4bE-L7lejc&google_cver=1&google_push=AXcoOmSjA-NLHQewqS1aaCcjK-kMHVKj1eAiPIJEBuMUTr99OwvCdDfKBDHZ0vtGqhnzFH67wSGMCoZCxFLE8FO63irVvWmzaYUW1A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi8v3BTJRt9zD8Xb9gjRY80nVQ3UPVnDeAA&google_push=AXcoOmSjA-NLHQewqS1aaCcjK-kMHVKj1eAiPIJEBuMUTr99OwvCdDfKBDHZ0vtGqhnzFH67wSGMCoZCxFLE8FO63irVvWmzaYUW1A

Request Chain 442

https://a.tribalfusion.com/i.match?p=b6&u=CAESEA_c0SWOhZW1xoTmQkJNfRE&google_cver=1&google_push=AXcoOmR7SQTZ9WhvKqEVEIsMzDE_N-eMG3R8wGOwkm07DIHItQafwneMbunC3IkqJCw-0or4Xclt6IEAB8lDx2mDTFKb0vVvGQjk&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmR7SQTZ9WhvKqEVEIsMzDE_N-eMG3R8wGOwkm07DIHItQafwneMbunC3IkqJCw-0or4Xclt6IEAB8lDx2mDTFKb0vVvGQjk%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEA_c0SWOhZW1xoTmQkJNfRE&google_cver=1&google_push=AXcoOmR7SQTZ9WhvKqEVEIsMzDE_N-eMG3R8wGOwkm07DIHItQafwneMbunC3IkqJCw-0or4Xclt6IEAB8lDx2mDTFKb0vVvGQjk&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmR7SQTZ9WhvKqEVEIsMzDE_N-eMG3R8wGOwkm07DIHItQafwneMbunC3IkqJCw-0or4Xclt6IEAB8lDx2mDTFKb0vVvGQjk%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 443

https://d5p.de17a.com/cookies/google?google_gid=CAESEMh3RrLUjzU9Dxh0JkREAQk&google_cver=1&google_push=AXcoOmST6AZ7L8zuj_m0azuuJ7QubLXjm_z5rh4Tta1M_czhucJlQn8D8kmuHYdJZzju5uC7JSXmNimZHTApn9sr-kpuO99NSXGV HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEMh3RrLUjzU9Dxh0JkREAQk&google_cver=1&google_push=AXcoOmST6AZ7L8zuj_m0azuuJ7QubLXjm_z5rh4Tta1M_czhucJlQn8D8kmuHYdJZzju5uC7JSXmNimZHTApn9sr-kpuO99NSXGV HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmST6AZ7L8zuj_m0azuuJ7QubLXjm_z5rh4Tta1M_czhucJlQn8D8kmuHYdJZzju5uC7JSXmNimZHTApn9sr-kpuO99NSXGV

Request Chain 444

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQWtyprwiVNi105LOBTebLvWgkTnzErw0nJOUfdz7nKaFoXVcdiSDIIEbah1z4NW4dGbQZwwd-rLuuH90uaX_7Tso-905Fi&google_gid=CAESEEnrek-lxJdbos7bWUDXAqI&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-lqVQ_WdwpTYEUw9FpYyhdFOgK0awIDkhKA70hQ&google_push=AXcoOmQWtyprwiVNi105LOBTebLvWgkTnzErw0nJOUfdz7nKaFoXVcdiSDIIEbah1z4NW4dGbQZwwd-rLuuH90uaX_7Tso-905Fi

Request Chain 445

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmQdG1SW0Mm4RrzBkFil3CogzUksASE1U8W6-21ZWRUcJZsGfLHcK7jcqyfyEeFps6Owuh9S2guD7SiS856SSZYV9QeqBeo%26google_hm%3D%5BUID%5D&google_gid=CAESEIENc5bLtoW3UiC8wrEougA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmQdG1SW0Mm4RrzBkFil3CogzUksASE1U8W6-21ZWRUcJZsGfLHcK7jcqyfyEeFps6Owuh9S2guD7SiS856SSZYV9QeqBeo&google_hm=45e33816-6768-4934-8029-a7cb8abe5f7c

Request Chain 446

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEEFZEIw9RBJ2ekx5WwCUDaU&google_cver=1&google_push=AXcoOmQgDJvXL_R944rZLGis8JI8upr7jQUYEloDHtkM1uyza6K6NUh2zt2reR5dSiuvMbQgXCKr2taya8nRyVaqyY1u_fNo3t4 HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmQgDJvXL_R944rZLGis8JI8upr7jQUYEloDHtkM1uyza6K6NUh2zt2reR5dSiuvMbQgXCKr2taya8nRyVaqyY1u_fNo3t4&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1699934045544 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-7542592c-1926-46fd-ad1d-2c5e41b4500e-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmQgDJvXL_R944rZLGis8JI8upr7jQUYEloDHtkM1uyza6K6NUh2zt2reR5dSiuvMbQgXCKr2taya8nRyVaqyY1u_fNo3t4%26google_hm%3DA3VCWSwZJkb9rR0sXkG0UA4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQgDJvXL_R944rZLGis8JI8upr7jQUYEloDHtkM1uyza6K6NUh2zt2reR5dSiuvMbQgXCKr2taya8nRyVaqyY1u_fNo3t4&google_hm=A3VCWSwZJkb9rR0sXkG0UA4

Request Chain 447

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEGKjrsYcU5y2zsXq78KwJXw&google_cver=1&google_push=AXcoOmRtoG-YAXRpRP17zTMpnLw6XnPI8A8F6iN7hu3UgTDaabaPH0dhrUTpVmOcr-6L3IiJmlkoEKRE8MXV1x7Dl2Iv5vLMwRSW HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mzk1OTU0NzU2ODM3MjA4ODIyMjUy&google_push=AXcoOmRtoG-YAXRpRP17zTMpnLw6XnPI8A8F6iN7hu3UgTDaabaPH0dhrUTpVmOcr-6L3IiJmlkoEKRE8MXV1x7Dl2Iv5vLMwRSW

Request Chain 448

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEH4Wrk9vFcJ_s4bE-L7lejc&google_cver=1&google_push=AXcoOmQUUQKEyVKKBvseus0F_yymDs9xt6mTj-i5Xh_K73s0h6ByfiEbo8IqEesExxFBvI7JAquqYhV4-yPRPgtUwJWTwlh__qkD5w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi8v3BWQqLMpQrzeNTs1Ye42NfK7oQoxQqA&google_push=AXcoOmQUUQKEyVKKBvseus0F_yymDs9xt6mTj-i5Xh_K73s0h6ByfiEbo8IqEesExxFBvI7JAquqYhV4-yPRPgtUwJWTwlh__qkD5w

Request Chain 451

https://um.simpli.fi/gp_match?google_gid=CAESEB27WBbC6lD_LKQ6J07Zt_s&google_cver=1&google_push=AXcoOmRroCSgQTX5zwpPrRquYjkP0iZvM_n2zHZaCheB09aeJrig1ahuyRtMSP61vAhhCuyQrzvLxQeJTaqSHryemI0zlB01mfGrRQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B21E19D074A64BA496E7CBBE5241FE74&google_push=AXcoOmRroCSgQTX5zwpPrRquYjkP0iZvM_n2zHZaCheB09aeJrig1ahuyRtMSP61vAhhCuyQrzvLxQeJTaqSHryemI0zlB01mfGrRQ

Request Chain 452

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESENW2LuUOeLtri2cfG748aJQ&google_cver=1&google_push=AXcoOmQLIlKEbsLIQQEXdSEH6Paa_pozpbP8VOVB0B4oCMHQBq5Z_JzHOag_XN95YP8R_rloT8waaHIteuToQ7IsJbqdgUgz1Eumng HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESENW2LuUOeLtri2cfG748aJQ&google_cver=1&google_push=AXcoOmQLIlKEbsLIQQEXdSEH6Paa_pozpbP8VOVB0B4oCMHQBq5Z_JzHOag_XN95YP8R_rloT8waaHIteuToQ7IsJbqdgUgz1Eumng HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmQLIlKEbsLIQQEXdSEH6Paa_pozpbP8VOVB0B4oCMHQBq5Z_JzHOag_XN95YP8R_rloT8waaHIteuToQ7IsJbqdgUgz1Eumng&google_hm=HDCQVU2GSqKEaLdqv5ypNQ==

Request Chain 453

https://ads.yieldmo.com/exptsync?google_gid=CAESEOru4RPDbZ2M2wlmPrXjEWk&google_cver=1&google_push=AXcoOmSzQN0FvSH93NOotdN04LcJvSSeYkjF9isEoYizJn53tJlkQ3sqwJePGJNf81C9FTNQHWl9SoZ_-MfOloJawtZr7NUMBKQt HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmSzQN0FvSH93NOotdN04LcJvSSeYkjF9isEoYizJn53tJlkQ3sqwJePGJNf81C9FTNQHWl9SoZ_-MfOloJawtZr7NUMBKQt&google_hm=M0ZpWjRwcGpqTHBVSnl1NUd3b2g=

Request Chain 454

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEEFZEIw9RBJ2ekx5WwCUDaU&google_cver=1&google_push=AXcoOmQFjWkEJk4DIht83A3I5-7V7KVBma_UdBUPDifkPMrf8EU2c8M6SI8BFi7ZZrK2uKinnYuO0bsWzUtbq-PVHVV006fw3ud4tQ HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmQFjWkEJk4DIht83A3I5-7V7KVBma_UdBUPDifkPMrf8EU2c8M6SI8BFi7ZZrK2uKinnYuO0bsWzUtbq-PVHVV006fw3ud4tQ&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1699934045610 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-ff666fc9-9e51-4ab4-8232-e75f66648025-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmQFjWkEJk4DIht83A3I5-7V7KVBma_UdBUPDifkPMrf8EU2c8M6SI8BFi7ZZrK2uKinnYuO0bsWzUtbq-PVHVV006fw3ud4tQ%26google_hm%3DA_9mb8meUUq0gjLnX2ZkgCU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQFjWkEJk4DIht83A3I5-7V7KVBma_UdBUPDifkPMrf8EU2c8M6SI8BFi7ZZrK2uKinnYuO0bsWzUtbq-PVHVV006fw3ud4tQ&google_hm=A_9mb8meUUq0gjLnX2ZkgCU

Request Chain 455

https://cs.media.net/cksync?type=g&google_gid=CAESENDVyt-jr9Jo1erqLbHAGck&google_cver=1&google_push=AXcoOmQZJAEAOxSQ4PptbyH4_zGzEP2H-74h0MYpC2e7hAvgpJ3BVspQEAuzCfGUe12T5trYuLaQyjXZRMdrZgNXiJGXQ8nNpSF-HQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQyOTM1NjQ1Njg2MjkzMzAwMFYxMA%3d%3d&mn_hm=MzQyOTM1NjQ1Njg2MjkzMzAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmQZJAEAOxSQ4PptbyH4_zGzEP2H-74h0MYpC2e7hAvgpJ3BVspQEAuzCfGUe12T5trYuLaQyjXZRMdrZgNXiJGXQ8nNpSF-HQ&gdpr=&gdpr_consent=

Request Chain 457

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEH4Wrk9vFcJ_s4bE-L7lejc&google_cver=1&google_push=AXcoOmRsMYctX1Kcuxtjdb06pRnS0Gw6DkOXZ4jcuIbLD13jwhLjiHfpGeuduGm1mCDzOXA3nNHwakt4R_q_feq4VBMpGS84PRE7iII HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi8v3BaXjJNIzanQTqx44fb3-2A6es-4vMQ&google_push=AXcoOmRsMYctX1Kcuxtjdb06pRnS0Gw6DkOXZ4jcuIbLD13jwhLjiHfpGeuduGm1mCDzOXA3nNHwakt4R_q_feq4VBMpGS84PRE7iII

Request Chain 461

https://um.simpli.fi/gp_match?google_gid=CAESEB27WBbC6lD_LKQ6J07Zt_s&google_cver=1&google_push=AXcoOmRUMKFhIyy8maBnXgpziNRZiRbq4wXl7JoLZD3mGmCV9eoZyzsJC-XlzCmGvHW6FY7ZlQYd6pLaoPOEAG47G9P02wLjN5ZDKQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=3F2DCF0A817B43E895D550A0AF49F2FA&google_push=AXcoOmRUMKFhIyy8maBnXgpziNRZiRbq4wXl7JoLZD3mGmCV9eoZyzsJC-XlzCmGvHW6FY7ZlQYd6pLaoPOEAG47G9P02wLjN5ZDKQ

Request Chain 462

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmRZ6rmLHbUcRSmato5c7QY9IjoTwdnD4-lXAeKv_woanpFPNWPZWwxIgjxOr6Z_M2eDgBWl74wKvOSo6BGeI71ffrkWT0_gmw&google_gid=CAESEEnrek-lxJdbos7bWUDXAqI&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-lqVQ_WdwpTYEUw9FpYyhdFOgK0awIDkhKA70hQ&google_push=AXcoOmRZ6rmLHbUcRSmato5c7QY9IjoTwdnD4-lXAeKv_woanpFPNWPZWwxIgjxOr6Z_M2eDgBWl74wKvOSo6BGeI71ffrkWT0_gmw

Request Chain 463

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFVZGjZvodGd8-v9mr4tvB0&google_cver=1&google_push=AXcoOmRmzX62k8UGQjEKH6xXxqSYCwsgEKu92YLpLsUuj4A_Pq2oIyepdVgRa9SgYd2DsVm4fC2ukCBsHAgUaygm_BTlFG_Qb1KS HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFVZGjZvodGd8-v9mr4tvB0&google_hm=ZVLvXdOQZHukhhGRsBecegAABLcAAAAB&google_nid=index&google_push=AXcoOmRmzX62k8UGQjEKH6xXxqSYCwsgEKu92YLpLsUuj4A_Pq2oIyepdVgRa9SgYd2DsVm4fC2ukCBsHAgUaygm_BTlFG_Qb1KS

Request Chain 464

https://ads.yieldmo.com/exptsync?google_gid=CAESEOru4RPDbZ2M2wlmPrXjEWk&google_cver=1&google_push=AXcoOmT_cRKLosEKh0xLacfR3j6aBJLRRm7AivuhPoYEGCqJFAv0Ls4YLOU6SybYUacc1reZ2JvWdX50WpeftHsFRob1HFvwVjPd-w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmT_cRKLosEKh0xLacfR3j6aBJLRRm7AivuhPoYEGCqJFAv0Ls4YLOU6SybYUacc1reZ2JvWdX50WpeftHsFRob1HFvwVjPd-w&google_hm=M0ZpWjRwcGpqTHBVSnl1NUd3b2g=

Request Chain 465

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEGKjrsYcU5y2zsXq78KwJXw&google_cver=1&google_push=AXcoOmSWrfA4_77I6_zRm0TcB_jf0lM1OyV9mzXb9Ytil3k1t6-ez4TIAE6cPkNpBZ4PylGl1j5YSl640cu3fnJv2y61S4dmB3KQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mzk1OTU0NzU2ODM3MjA4ODIyMjUy&google_push=AXcoOmSWrfA4_77I6_zRm0TcB_jf0lM1OyV9mzXb9Ytil3k1t6-ez4TIAE6cPkNpBZ4PylGl1j5YSl640cu3fnJv2y61S4dmB3KQ

Request Chain 466

https://cs.media.net/cksync?type=g&google_gid=CAESENDVyt-jr9Jo1erqLbHAGck&google_cver=1&google_push=AXcoOmRUEJihHRqfMB3wlHowVAFD9d5rNFUZuCpYr503dDUF5VdmEnTF8FxTaBlxpRauuPmfOZVPni65BPJjaBR_oGcOylRU83X9hQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQyOTM1NjQ1Njg2Mjk0OTAwMFYxMA%3d%3d&mn_hm=MzQyOTM1NjQ1Njg2Mjk0OTAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmRUEJihHRqfMB3wlHowVAFD9d5rNFUZuCpYr503dDUF5VdmEnTF8FxTaBlxpRauuPmfOZVPni65BPJjaBR_oGcOylRU83X9hQ&gdpr=&gdpr_consent=

Request Chain 476

https://bh.contextweb.com/bh/rtset?pid=561118&ev=1&rurl=https%3a%2f%2fads.yieldmo.com/v000/sync?userid=%%VGUID%%&pn_id=pp&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&us_privacy= HTTP 302
https://ads.yieldmo.com/v000/sync?userid=0fRreYpNWgjc&ev=1&pn_id=pp&gpp_sid=&gpp=&us_privacy=&pid=561118&gdpr_consent=&gdpr=0

Request Chain 477

https://pixel.tapad.com/idsync/ex/receive?partner_id=3107&partner_device_id=3FiZ4ppjjLpUJyu5Gwoh HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3107&partner_device_id=3FiZ4ppjjLpUJyu5Gwoh

Request Chain 478

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=yieldmo HTTP 302
https://ads.yieldmo.com/sync?pn_id=rc&id=LOXSU8S0-1-A8KT

Request Chain 479

https://image8.pubmatic.com/AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.yieldmo.com%252Fsync%253Fpn_id%253Dpub%2526id%253D%2523PMUID%2526gdpr%253DPM_GDPR%2526gdpr_consent%253DPM_CONSENT HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RDJGODVCQjktQUU0MC00MkJGLThFMTAtNTI3NDhGMzAwMDg2&gdpr=-1&gdpr_consent=

Request Chain 480

https://ib.adnxs.com/getuid?https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fuserid%3D%24UID%26pn_id%3Dan HTTP 302
https://ads.yieldmo.com/v000/sync?userid=8149008930017261356&pn_id=an

Request Chain 482

https://ups.analytics.yahoo.com/ups/58529/sync?_origin=1&uid=3FiZ4ppjjLpUJyu5Gwoh&redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/58529/sync?_origin=1&uid=3FiZ4ppjjLpUJyu5Gwoh&redir=true&verify=true

Request Chain 484

https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&redir%3Dhttps%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3D%5BRX_UUID%5D HTTP 302
https://ad.turn.com/r/cs?pid=45&rndcb=5311750456

Request Chain 488

https://u.openx.net/w/1.0/cm?id=d4c5257e-828d-4b73-90b8-97929e02d6c9&r=https%3A%2F%2Fsync-openx.ads.yieldmo.com%2Fsync%3Fpn_id%3Dopenx%26id%3D HTTP 302
https://sync-openx.ads.yieldmo.com/sync?pn_id=openx&id=c321ab4b-58a2-09c9-1aac-777b11273f60

Request Chain 490

https://dis.criteo.com/dis/usersync.aspx?r=55&p=104&cp=yieldmo&cu=1&url=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dcriteo%26id%3D%40%40CRITEO_USERID%40%40 HTTP 302
https://ads.yieldmo.com/v000/sync?pn_id=criteo&id=83f2cad0-9bea-4d6b-9a29-02ed6bc04996

Request Chain 491

https://x.bidswitch.net/sync?ssp=yieldmo HTTP 302
https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=yieldmo&gdpr=&gdpr_consent=

Request Chain 496

https://c1.adform.net/serving/cookie/match?party=1283 HTTP 302
https://sync-adform.ads.yieldmo.com/sync?pn_id=adfm&id=5759223980947758559

Request Chain 515

https://pixel.tapad.com/idsync/ex/receive?partner_id=3107&partner_device_id=3FiZ4ppjjLpUJyu5Gwoh HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3107&partner_device_id=3FiZ4ppjjLpUJyu5Gwoh

Request Chain 516

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=yieldmo HTTP 302
https://ads.yieldmo.com/sync?pn_id=rc&id=LOXSU8V8-5-D4M1

Request Chain 518

https://ib.adnxs.com/getuid?https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fuserid%3D%24UID%26pn_id%3Dan HTTP 302
https://ads.yieldmo.com/v000/sync?userid=8149008930017261356&pn_id=an

Request Chain 520

https://image8.pubmatic.com/AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.yieldmo.com%252Fsync%253Fpn_id%253Dpub%2526id%253D%2523PMUID%2526gdpr%253DPM_GDPR%2526gdpr_consent%253DPM_CONSENT HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=M0QwOTgxNEEtNDMyOC00MTU4LTlDQTQtRjk2NTM4MzNBQTg0&gdpr=-1&gdpr_consent=

Request Chain 521

https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&redir%3Dhttps%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3D%5BRX_UUID%5D HTTP 302
https://ad.turn.com/r/cs?pid=45&rndcb=1309583805

Request Chain 522

https://bh.contextweb.com/bh/rtset?pid=561118&ev=1&rurl=https%3a%2f%2fads.yieldmo.com/v000/sync?userid=%%VGUID%%&pn_id=pp&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&us_privacy= HTTP 302
https://ads.yieldmo.com/v000/sync?userid=BxVZ4MqfSNQh&ev=1&pn_id=pp&gpp_sid=&gpp=&us_privacy=&pid=561118&gdpr_consent=&gdpr=0

Request Chain 524

https://ups.analytics.yahoo.com/ups/58529/sync?_origin=1&uid=3FiZ4ppjjLpUJyu5Gwoh&redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/58529/sync?_origin=1&uid=3FiZ4ppjjLpUJyu5Gwoh&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58259&ovsid=3FiZ4ppjjLpUJyu5Gwoh&redir=true

Request Chain 526

https://dis.criteo.com/dis/usersync.aspx?r=55&p=104&cp=yieldmo&cu=1&url=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dcriteo%26id%3D%40%40CRITEO_USERID%40%40 HTTP 302
https://ads.yieldmo.com/v000/sync?pn_id=criteo&id=83f2cad0-9bea-4d6b-9a29-02ed6bc04996

Request Chain 527

https://u.openx.net/w/1.0/cm?id=d4c5257e-828d-4b73-90b8-97929e02d6c9&r=https%3A%2F%2Fsync-openx.ads.yieldmo.com%2Fsync%3Fpn_id%3Dopenx%26id%3D HTTP 302
https://sync-openx.ads.yieldmo.com/sync?pn_id=openx&id=c321ab4b-58a2-09c9-1aac-777b11273f60

Request Chain 531

https://x.bidswitch.net/sync?ssp=yieldmo HTTP 302
https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=yieldmo&bsw_custom_parameter=3e7dd619-7616-45f6-96dc-b4246ca24458&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=

Request Chain 532

https://c1.adform.net/serving/cookie/match?party=1283 HTTP 302
https://sync-adform.ads.yieldmo.com/sync?pn_id=adfm&id=5759223980947758559

Request Chain 546

https://image8.pubmatic.com/AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.yieldmo.com%252Fsync%253Fpn_id%253Dpub%2526id%253D%2523PMUID%2526gdpr%253DPM_GDPR%2526gdpr_consent%253DPM_CONSENT HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RDMxNUE1NUUtQjg3Qi00NzNBLThDNzEtNzYyNDA4RjEyMURC&gdpr=-1&gdpr_consent=

Request Chain 547

https://bh.contextweb.com/bh/rtset?pid=561118&ev=1&rurl=https%3a%2f%2fads.yieldmo.com/v000/sync?userid=%%VGUID%%&pn_id=pp&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&us_privacy= HTTP 302
https://ads.yieldmo.com/v000/sync?userid=ccOGRsGmkMiy&ev=1&pn_id=pp&gpp_sid=&gpp=&us_privacy=&pid=561118&gdpr_consent=&gdpr=0

Request Chain 548

https://ib.adnxs.com/getuid?https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fuserid%3D%24UID%26pn_id%3Dan HTTP 302
https://ads.yieldmo.com/v000/sync?userid=8149008930017261356&pn_id=an

Request Chain 549

https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&redir%3Dhttps%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3D%5BRX_UUID%5D HTTP 302
https://ad.turn.com/r/cs?pid=45&rndcb=1858563272

Request Chain 552

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=yieldmo HTTP 302
https://ads.yieldmo.com/sync?pn_id=rc&id=LOXSU8VA-X-AF3C

Request Chain 554

https://pixel.tapad.com/idsync/ex/receive?partner_id=3107&partner_device_id=3FiZ4ppjjLpUJyu5Gwoh HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3107&partner_device_id=3FiZ4ppjjLpUJyu5Gwoh

Request Chain 555

https://ups.analytics.yahoo.com/ups/58529/sync?_origin=1&uid=3FiZ4ppjjLpUJyu5Gwoh&redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/58529/sync?_origin=1&uid=3FiZ4ppjjLpUJyu5Gwoh&redir=true&verify=true

Request Chain 558

https://dis.criteo.com/dis/usersync.aspx?r=55&p=104&cp=yieldmo&cu=1&url=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dcriteo%26id%3D%40%40CRITEO_USERID%40%40 HTTP 302
https://ads.yieldmo.com/v000/sync?pn_id=criteo&id=83f2cad0-9bea-4d6b-9a29-02ed6bc04996

Request Chain 560

https://u.openx.net/w/1.0/cm?id=d4c5257e-828d-4b73-90b8-97929e02d6c9&r=https%3A%2F%2Fsync-openx.ads.yieldmo.com%2Fsync%3Fpn_id%3Dopenx%26id%3D HTTP 302
https://sync-openx.ads.yieldmo.com/sync?pn_id=openx&id=c321ab4b-58a2-09c9-1aac-777b11273f60

Request Chain 562

https://x.bidswitch.net/sync?ssp=yieldmo HTTP 302
https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=yieldmo&bsw_user_id=${BSW_USER_UD}&bsw_param=1c309055-4d86-4aa2-8468-b76abf9ca935&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=

Request Chain 572

https://c1.adform.net/serving/cookie/match?party=1283 HTTP 302
https://sync-adform.ads.yieldmo.com/sync?pn_id=adfm&id=5759223980947758559

Request Chain 584

https://image8.pubmatic.com/AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.yieldmo.com%252Fsync%253Fpn_id%253Dpub%2526id%253D%2523PMUID%2526gdpr%253DPM_GDPR%2526gdpr_consent%253DPM_CONSENT HTTP 302
https://image4.pubmatic.com/AdServer/SPug?p=160648&pmc=1&pr=https%3A%2F%2Fsync-pm.ads.yieldmo.com%2Fsync%3Fpn_id%3Dpub%26id%3D4A05665F-430E-4B47-8C66-B32560E08997%26gdpr%3D-1%26gdpr_consent%3D HTTP 302
https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=4A05665F-430E-4B47-8C66-B32560E08997&gdpr=-1&gdpr_consent=

Request Chain 587

https://ib.adnxs.com/getuid?https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an HTTP 302
https://ads.yieldmo.com/v000/sync?userid=8149008930017261356&pn_id=an

Request Chain 588

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=yieldmo HTTP 302
https://ads.yieldmo.com/sync?pn_id=rc&id=LOXSU8ZL-17-70VY

Request Chain 589

https://ups.analytics.yahoo.com/ups/58529/sync?_origin=1&uid=3FiZ4ppjjLpUJyu5Gwoh&redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/58529/sync?_origin=1&uid=3FiZ4ppjjLpUJyu5Gwoh&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58259&ovsid=3FiZ4ppjjLpUJyu5Gwoh&redir=true

Request Chain 590

https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&redir%3Dhttps%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3D%5BRX_UUID%5D HTTP 302
https://ad.turn.com/r/cs?pid=45&rndcb=7246214971

Request Chain 592

https://bh.contextweb.com/bh/rtset?pid=561118&ev=1&rurl=https%3a%2f%2fads.yieldmo.com/v000/sync?userid=%%VGUID%%&pn_id=pp&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&us_privacy= HTTP 302
https://ads.yieldmo.com/v000/sync?userid=0fRreYpNWgjc&ev=1&pn_id=pp&gpp_sid=&gpp=&us_privacy=&pid=561118&gdpr_consent=&gdpr=0

Request Chain 595

https://dis.criteo.com/dis/usersync.aspx?r=55&p=104&cp=yieldmo&cu=1&url=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dcriteo%26id%3D%40%40CRITEO_USERID%40%40 HTTP 302
https://ads.yieldmo.com/v000/sync?pn_id=criteo&id=83f2cad0-9bea-4d6b-9a29-02ed6bc04996

Request Chain 597

https://yieldmo-match.dotomi.com/match/bounce/current?networkId=42851&version=1 HTTP 302
https://yieldmo-match.dotomi.com/match/bounce/current?DotomiTest=2c5583f31e6a16e4&is_secure=true&networkId=42851&version=1

Request Chain 599

https://x.bidswitch.net/sync?ssp=yieldmo HTTP 302
https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=yieldmo&gdpr=&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=yieldmo&gdpr=0&user_id=2ieEE4l0hETBdoMUiiqcQIkjiRPBKtBE3yQw3gdn

Request Chain 600

https://u.openx.net/w/1.0/cm?id=d4c5257e-828d-4b73-90b8-97929e02d6c9&r=https%3A%2F%2Fsync-openx.ads.yieldmo.com%2Fsync%3Fpn_id%3Dopenx%26id%3D HTTP 302
https://sync-openx.ads.yieldmo.com/sync?pn_id=openx&id=c321ab4b-58a2-09c9-1aac-777b11273f60

Request Chain 602

https://csync.loopme.me/?pubid=11479&redirect=https%3A%2F%2Fads.yieldmo.com%2Fsync%3Fpn_id%3Dloopme%26id%3D%7Bviewer_token%7D HTTP 307
https://ads.yieldmo.com/sync?pn_id=loopme&id=d24b8f70-bf83-486f-975d-4e86f4a15cf9

Request Chain 604

https://contextual.media.net/cksync.php?cs=3&type=yld&ovsid=setstatuscode&redirect=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dmnt%26userid%3D%3Cvsid%3E HTTP 302
https://ads.yieldmo.com/v000/sync?pn_id=mnt&userid=0000EEA

Request Chain 605

https://c1.adform.net/serving/cookie/match?party=1283 HTTP 302
https://sync-adform.ads.yieldmo.com/sync?pn_id=adfm&id=5759223980947758559

Request Chain 607

https://ssbsync.smartadserver.com/api/sync?callerId=71&gdpr=0&gdpr_consent= HTTP 302
https://sync-eq.ads.yieldmo.com/sync?pn_id=eq&id=6175204657591028361&gdpr=0&gdpr_consent=

Request Chain 608

https://b1sync.zemanta.com/usersync/yieldmo/?cb=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dz%26userid%3D__ZUID__ HTTP 302
https://ads.yieldmo.com/v000/sync?pn_id=z&userid=

Request Chain 637

https://sb.scorecardresearch.com/p?c1=8&c2=18969557&ns_ap_it=b&rn=e4eac496473040b6c9da HTTP 302
https://sb.scorecardresearch.com/p2?c1=8&c2=18969557&ns_ap_it=b&rn=e4eac496473040b6c9da

Request Chain 648

https://sb.scorecardresearch.com/p?c1=8&c2=18969557&ns_ap_it=b&rn=3ad8b06faab8fe0b2c3b HTTP 302
https://sb.scorecardresearch.com/p2?c1=8&c2=18969557&ns_ap_it=b&rn=3ad8b06faab8fe0b2c3b

Request Chain 660

https://sb.scorecardresearch.com/p?c1=8&c2=18969557&ns_ap_it=b&rn=e2031714f412ec3bd9c8 HTTP 302
https://sb.scorecardresearch.com/p2?c1=8&c2=18969557&ns_ap_it=b&rn=e2031714f412ec3bd9c8

Request Chain 670

https://sb.scorecardresearch.com/p?c1=8&c2=18969557&ns_ap_it=b&rn=6860cb33178d0b21ea23 HTTP 302
https://sb.scorecardresearch.com/p2?c1=8&c2=18969557&ns_ap_it=b&rn=6860cb33178d0b21ea23

Request Chain 812

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=328040E02AED482B898BAEFB512EFEA7&RedC=c.clarity.ms&MXFR=34CD861A198265E0046195D31D826BAB HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=328040E02AED482B898BAEFB512EFEA7&MUID=0BB02B6634AD6F113CDB38AF35F66E99

854 HTTP transactions
13 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
folkd.com/
Redirect Chain

https://www.folkd.com/submit/blog.probiotiv.com/top-10-high-fiber-food//
https://folkd.com/submit/blog.probiotiv.com/top-10-high-fiber-food//
https://folkd.com/submit/blog.probiotiv.com/top-10-high-fiber-food/
https://folkd.com/

17 KB
8 KB

815ms
814ms

Document
text/html

76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel / Express

Resource Hash

2571002d747a1f1c5d0c199660607be42e54e6b564ed2115a6ec82cc1ffb060b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-store
cf-cache-status: DYNAMIC
cf-ray: 825c4f735e491d9a-FRA
content-encoding: br
content-security-policy: frame-ancestors 'self'
content-type: text/html
date: Tue, 14 Nov 2023 03:53:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2wVIBHH%2BXtq8bN%2ByUX5dLb8Y%2FqrqtdLhulzeVzUz3reetNPI67p08EUGsP4%2BOU2%2Fdzojp711IF8qw%2BOlD94rysD6RVaTqeEoBN9O8Dsim7I%2BWrS0phOqvJyzB%2BwO2Fl0Wnt0CdMr4vC6udmtRM5eMZTOXJ2eXPXTXz2YkDkRdsNyyksBag%3D%3D"}],"group":"cf-nel","max_age":604800}
server: Vercel
strict-transport-security: max-age=63072000
vary: Accept-Encoding
x-bubble-capacity-limit: 0 ms slower
x-bubble-capacity-used: 0.181 unit-seconds used
x-bubble-perf: {"total":209.4,"percents":{"top":{"bubble_cpu":37.4,"block":62.7,"capacity_rl":0,"other_pause":0,"pre_fiber":0.3},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":74.2,"appserver_cache_misses_time":0,"redis":67.1,"fiber_queue":5.4,"capacity_wait":2.1}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"derived_cache_attempts":9,"derived_cache_memory_misses":9,"serverjson":121,"appserver_cache_attempts":4,"appserver_mem_cache_hits":0,"appserver_cache_hits":4,"appserver_cache_misses":0,"redis":133,"fiber_queue":128,"blocks":127},"misc":{"userdb_results":1,"userdb_data":629,"spent_time":11732514}}
x-coalias-cache: MISS
x-frame-options: SAMEORIGIN
x-powered-by: Express
x-vercel-id: fra1::s2mmp-1699934037005-9ee0c8aab935

Redirect headers

cache-control: no-store
cf-ray: 825c4f72bb7b6adc-FRA
content-length: 0
content-type: text/plain;charset=UTF-8
date: Tue, 14 Nov 2023 03:53:56 GMT
location: /
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OrTk1wXid7simUGqaE%2FDN2NTCEd9CN6n%2FoSCeubA1IRBtAaU3qfS1Cdo37AMI6Eky0sc2IaBZ2zzsI7YCvMeZzAV7j7ojnHsyJhkPOpR9TftoBc%2FgyHpnhNObPIOGgwxzJO5njB6orzeT7nP22Nc4hu%2FKdoaRMQx%2FzttFJIa7Pb4TI1cFg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: Vercel
strict-transport-security: max-age=63072000
vary: Accept-Encoding
x-vercel-id: fra1::wp4j7-1699934036903-f1532817bb14

GET
H2 200 coalias_meta.js Show response
folkd.com/ 2 KB
1016 B 62ms
60ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://folkd.com/coalias_meta.js

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

63048d3da9b8ef24703db0cb353c4bec041d9acc3575b407755a5affda7eb9db

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://folkd.com/
Origin: https://folkd.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:53:57 GMT
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: Vercel
x-vercel-id: fra1:fra1:fra1::pvncg-1699934037829-58016c7326d6
age: 520742
etag: W/"162388d1b605b8c339e98419fcdfbb9d"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="coalias_meta.v1.min.js"

GET
H2 200 coalias_page_logic.js Show response
folkd.com/ 1 KB
741 B 60ms
59ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://folkd.com/coalias_page_logic.js

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

09fa48367ecdb31ccbb365e0428d3d7bd7f32f48890b84d2e6c6ab9d2b12e3f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:53:57 GMT
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: Vercel
x-vercel-id: fra1:fra1:fra1::s2mmp-1699934037830-1bfc9b3a74ba
age: 531570
etag: W/"c01471c249877474d63c6beba5d7cb51"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="coalias_page_logic.v1.min.js"

GET
H2 200 coalias_static_rewrite.js Show response
folkd.com/ 616 B
851 B 58ms
57ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://folkd.com/coalias_static_rewrite.js

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

18a847f8474bbd62b4a8e5d7fc404c2d3863b05bd4e940750f7bf3fb31c78430

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:53:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: Vercel
x-vercel-id: fra1:fra1:fra1::95ml5-1699934037829-f78c6b0ac2f3
age: 529651
etag: "142bd05e9b948e2640c9647c7734ee4b"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="coalias_static_rewrite.v1.min.js"
accept-ranges: bytes
content-length: 616

GET
H2 200 early.js Show response
folkd0612.bubbleapps.io/package/early_js/05ae9fe83d6b755291132aab9d325d70918aafd336da1bd91a41a31c8b25734b/ 24 KB
9 KB 455ms
51ms Script
application/javascript 104.16.203.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://folkd0612.bubbleapps.io/package/early_js/05ae9fe83d6b755291132aab9d325d70918aafd336da1bd91a41a31c8b25734b/early.js
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.203.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 450e62180e870526d437f065fa76a5d4e31517905e37a98184ef79b0fc2abd5b

Request headers

Referer: https://folkd.com/
Origin: https://folkd.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:53:58 GMT
content-encoding: br
cf-cache-status: HIT
x-bubble-perf: {"total":12.6,"percents":{"top":{"bubble_cpu":35.6,"block":48,"capacity_rl":0,"other_pause":0,"pre_fiber":4.7},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":14,"fiber_queue":3.4,"capacity_wait":32.2}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":4,"fiber_queue":5,"blocks":4},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":675629}}
server: cloudflare
age: 531489
x-powered-by: Express
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-bubble-capacity-used: 0.01 unit-seconds used
timing-allow-origin: *
cf-ray: 825c4f7af8272373-ZRH
x-bubble-capacity-limit: 0 ms slower

GET
H2 200 run.css
folkd0612.bubbleapps.io/package/run_css/569715a74d34116b109d04078ae8caebc599c2b374ae6cd41974e77a1ec5325e/folkd0612/live/index/xfalse/xfalse/ 628 KB
41 KB 452ms
58ms Stylesheet
text/css 104.16.203.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://folkd0612.bubbleapps.io/package/run_css/569715a74d34116b109d04078ae8caebc599c2b374ae6cd41974e77a1ec5325e/folkd0612/live/index/xfalse/xfalse/run.css
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.203.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: b62e0fff7678b78322fac55b3db3ffa3f2c404dc9868831d65c1d0673c6d4faa

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:53:58 GMT
content-encoding: br
cf-cache-status: HIT
x-bubble-perf: {"total":28.2,"percents":{"top":{"bubble_cpu":35.4,"block":60.9,"capacity_rl":0,"other_pause":0,"pre_fiber":2.6},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":63.9,"appserver_cache_misses_time":0,"redis":78.7,"fiber_queue":3.5,"capacity_wait":6.8}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":13,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":17,"fiber_queue":14,"blocks":13},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":1497677}}
age: 7333
cf-polished: origSize=800298
x-powered-by: Express
x-bubble-capacity-used: 0.023 unit-seconds used
cf-bgj: minify
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
cf-ray: 825c4f7b1eb624be-ZRH
x-bubble-capacity-limit: 0 ms slower

GET
H2 200 pre_run_jquery.js Show response
folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/ 88 KB
32 KB 424ms
52ms Script
application/javascript 104.16.203.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.203.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af

Request headers

Referer: https://folkd.com/
Origin: https://folkd.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:53:58 GMT
content-encoding: br
cf-cache-status: HIT
x-bubble-perf: {"total":7,"percents":{"top":{"bubble_cpu":23.7,"block":64.9,"capacity_rl":0,"other_pause":0,"pre_fiber":5.8},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":64.6,"fiber_queue":2,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":3,"fiber_queue":4,"blocks":3},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":248641}}
server: cloudflare
age: 531489
x-powered-by: Express
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-bubble-capacity-used: 0.004 unit-seconds used
timing-allow-origin: *
cf-ray: 825c4f7af82c2373-ZRH
x-bubble-capacity-limit: 0 ms slower

GET
H2 200 run.js Show response
folkd0612.bubbleapps.io/package/run_js/d744d9d8f06c7c57f89ea68a3b63b39bf529105b403e5ee4150da0858fbc723d/xtrue/x21/ 4 MB
809 KB 439ms
68ms Script
application/javascript 104.16.203.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://folkd0612.bubbleapps.io/package/run_js/d744d9d8f06c7c57f89ea68a3b63b39bf529105b403e5ee4150da0858fbc723d/xtrue/x21/run.js
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.203.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: fe9f681cb09a5b6660eb9868e72ea12b6dc1fc5f9c96ddb3a5ee5f6c6e098fbc

Request headers

Referer: https://folkd.com/
Origin: https://folkd.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:53:58 GMT
content-encoding: br
cf-cache-status: HIT
x-bubble-perf: {"total":16.9,"percents":{"top":{"bubble_cpu":15.2,"block":71.2,"capacity_rl":0,"other_pause":0,"pre_fiber":5.1},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":11.4,"fiber_queue":3.5,"capacity_wait":13.8}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":4,"fiber_queue":7,"blocks":6},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":384073}}
server: cloudflare
age: 7332
x-powered-by: Express
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-bubble-capacity-used: 0.006 unit-seconds used
timing-allow-origin: *
cf-ray: 825c4f7af82b2373-ZRH
x-bubble-capacity-limit: 0 ms slower

GET
H2 200 static.js Show response
folkd0612.bubbleapps.io/package/static_js/6d1582215e7236395305316b308cf031fcbcb3e42b0b37819aea172a1ea08302/folkd0612/live/index/xnull/xfalse/xfalse/xtrue/ 1 MB
128 KB 449ms
79ms Script
application/javascript 104.16.203.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://folkd0612.bubbleapps.io/package/static_js/6d1582215e7236395305316b308cf031fcbcb3e42b0b37819aea172a1ea08302/folkd0612/live/index/xnull/xfalse/xfalse/xtrue/static.js
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.203.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 448861b6b8131dd64ef98fb2736f97025ae210d97c046800b5dcc53f33875e44

Request headers

Referer: https://folkd.com/
Origin: https://folkd.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:53:58 GMT
content-encoding: br
cf-cache-status: HIT
x-bubble-perf: {"total":41.8,"percents":{"top":{"bubble_cpu":67.6,"block":30.1,"capacity_rl":0,"other_pause":0,"pre_fiber":1},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":90.9,"appserver_cache_misses_time":0,"redis":83.7,"fiber_queue":1.9,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":57,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":25,"fiber_queue":14,"blocks":13},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":4245884}}
server: cloudflare
age: 7333
x-powered-by: Express
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-bubble-capacity-used: 0.065 unit-seconds used
timing-allow-origin: *
cf-ray: 825c4f7af8292373-ZRH
x-bubble-capacity-limit: 0 ms slower

GET
H2 200 dynamic.js Show response
folkd0612.bubbleapps.io/package/dynamic_js/6f60b96dbdc6461523f524553aae26d1e98c2d111f1b720aa9d0811d40f13cab/folkd0612/live/index/xnull/xfalse/xtrue/en_us/xfalse/xfalse/ 2 MB
211 KB 430ms
60ms Script
application/javascript 104.16.203.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://folkd0612.bubbleapps.io/package/dynamic_js/6f60b96dbdc6461523f524553aae26d1e98c2d111f1b720aa9d0811d40f13cab/folkd0612/live/index/xnull/xfalse/xtrue/en_us/xfalse/xfalse/dynamic.js
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.203.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: eccd397c246d4ecf65b5dec92e71c5df710a635346415da5ff36203f66045d20

Request headers

Referer: https://folkd.com/
Origin: https://folkd.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:53:58 GMT
content-encoding: br
cf-cache-status: HIT
x-bubble-perf: {"total":15.5,"percents":{"top":{"bubble_cpu":58,"block":36,"capacity_rl":0,"other_pause":0,"pre_fiber":2.6},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":22.5,"appserver_cache_misses_time":0,"redis":31.4,"fiber_queue":2.4,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":4,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":5,"fiber_queue":9,"blocks":8},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":1352339}}
server: cloudflare
age: 413003
x-powered-by: Express
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-bubble-capacity-used: 0.021 unit-seconds used
timing-allow-origin: *
cf-ray: 825c4f7af8282373-ZRH
x-bubble-capacity-limit: 0 ms slower

GET
H2 200 iziToast.min.css
cdnjs.cloudflare.com/ajax/libs/izitoast/1.4.0/css/ 41 KB
10 KB 461ms
62ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/izitoast/1.4.0/css/iziToast.min.css

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7fa7d6e3b4039b59b4d4721ea7e523a42a4dc0b56405829df9f8696f8550fa01

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:53:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1052343
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 9391
last-modified: Mon, 04 May 2020 16:11:41 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ebd-a221"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zP%2B62slItKSdU6mtLRnl7HJ%2FAkRCebgJ8taHxRLZ6lzRUiBn4uN5f5ELJUWKOhsJRbOpMOseExO8LO7AtHlMG3mS%2FC5GMMj%2F6ctrvAZu0NjvAuVWzkBzkIse%2FopF6Uz4LGpq0KnK"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 825c4f7b281524c4-ZRH
expires: Sun, 03 Nov 2024 03:53:58 GMT

GET
H2 200 iziToast.min.js Show response
cdnjs.cloudflare.com/ajax/libs/izitoast/1.4.0/js/ 18 KB
5 KB 466ms
68ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/izitoast/1.4.0/js/iziToast.min.js

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df6d4fc52f8f3af6ef59c215a1165e4667f7daaedf4c5409db56d7c133564446

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:53:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1039933
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4440
last-modified: Mon, 04 May 2020 16:11:41 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ebd-4836"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WvChPMXmzyQaQDTQKSkdbIR2HgPqgx8cm9g38Em948fc6bVOD1LiPp8wBGrTopsMpyPoGLTXVPoUe6m%2BfCAUvP5c3H5T6BHHSlzt%2Bvm8UEBoLTKuWPMGfMjD2bt0dZLFY0MYRvE7"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 825c4f7b281624c4-ZRH
expires: Sun, 03 Nov 2024 03:53:58 GMT

GET
H2 200 openbuild.css
cdn.jsdelivr.net/gh/matmaz99/openbuild-core@latest/ 2 KB
1 KB 451ms
57ms Stylesheet
text/css 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/matmaz99/openbuild-core@latest/openbuild.css

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce658fec86c1f9a68dfdfcd3a26f13e51f5e6002c96fbfe1010b72810aa6bea8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:53:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 7333
x-jsd-version: master
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230124-FRA
x-jsd-version-type: branch
server: cloudflare
etag: W/"610-Hhq7J7BAZ2hStZBftPx+L7C331g"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2ZUou09roOWGD2Gin9k8xzj1FZRtokKdBYveUZZcfMHks3kBPEvDyGTmBsLolP9rju1wB9efZuNu1sXlDh8TZA3jZcPl1Wxwra5vJVySRwoTJcPp%2Fx%2B5tWOS1%2BZs2ttZY%2BA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 825c4f7b195123f7-ZRH

GET
H2 200 xano.min.js Show response
cdn.jsdelivr.net/npm/@xano/js-sdk/dist/ 32 KB
10 KB 459ms
65ms Script
application/javascript 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@xano/js-sdk/dist/xano.min.js

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

745097fdeb0ffd3d61c322f951065a79ea6cde580a5746b312028d2ab4995dd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:53:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 18270
x-jsd-version: 1.0.21
content-encoding: br
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-etou8220060-FRA, cache-mxp6944-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"816c-y4fQWjEhnwuADXqNUiHMJJo4LgE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aSNJv0WRyveb5eVIDfIXafMTBC0%2FZjhBPF%2BhUYAZc1Lxis%2Bfb0XLhC6C3sb9hXrRdI9njlLMULMWphe66te5bGE%2FgNR54AlM8bR0jLZ5HNMBTtmyr7NXGoiudUwCFI%2FZ2yg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 825c4f7b195323f7-ZRH

GET
H/1.1 200
OK 65a9fa-c3bc-4e73-b569-1a8af1e68dc7.js Show response
monu.delivery/site/5/d/ 50 KB
13 KB 625ms
183ms Script
application/javascript 185.3.92.76
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://monu.delivery/site/5/d/65a9fa-c3bc-4e73-b569-1a8af1e68dc7.js
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.3.92.76 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: nb-185-3-92-76.tc.nodebalancer.linode.com
Software: nginx /
Resource Hash: 77d2830b02bef2b31aa6c4d7c3c903f1d82a48ad30acb8f846f1ff8944234a34

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:53:58 GMT
content-encoding: gzip
age: 0
x-guploader-uploadid: ABPtcPq3EiQPnltWKaqU0AeKAq6Hqn5GX21Ic_INgtJJxcpqLUHsB4vjJhFV13BPkhlRKc0lvtUYX4pQFA
transfer-encoding: chunked
x-cache: MISS
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
connection: close
server: nginx
vary: Accept-Encoding
x-goog-generation: 1699768473438498
content-type: application/javascript
x-goog-hash: crc32c=ogfUBw==, md5=aandzOSC7xyi0VSJefEgLA==
cache-control: max-age=7200
x-goog-stored-content-length: 50760
expires: Tue, 14 Nov 2023 05:53:58 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 224 KB
80 KB 503ms
70ms Script
application/javascript 142.250.185.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-7BR5TDFFPC

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

d8c80da029f9aff8ec3c8553783c8b5558e978f7ca898fcec03247584d8371fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:53:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81146
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 14 Nov 2023 03:53:59 GMT

GET
H2 200 / Show response
js.stripe.com/v3/ 552 KB
137 KB 204ms
60ms Script
text/javascript 108.138.7.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-13.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

b2f9d40677eaea428eb387e6eddf9d171187e9a7a6fc23865fea6652a11f9a5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:53:27 GMT
content-encoding: br
via: 1.1 c3fc8d1fb362a6655af993732c376dc4.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 32
x-amz-cf-pop: FRA56-P6
x-cache: Hit from cloudfront
last-modified: Mon, 13 Nov 2023 21:47:08 GMT
server: Cloudfront
etag: W/"745e82fbcfeb5b677809d10fe5a0146a"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: t9KlsNp_FSZxwnaQw4zzA8CThF6jV7CRGZP1-W7UV2N1gnO7Xd5V-w==

GET
H2 200 css
fonts.googleapis.com/ 20 KB
2 KB 463ms
58ms Stylesheet
text/css 142.250.185.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Fira+Sans:regular%7CInter:300%7CInter:regular%7CInter:regular%7CInter:regular%7CInter:regular%7CInter:500%7CInter:500%7CInter:600%7CInter:700%7CLato:regular%7CLato%7CNoto+Sans:regular%7CPublic+Sans:regular%7CPublic+Sans:500%7CUrbanist:500%7CUrbanist:600%7CUrbanist:700

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/early_js/05ae9fe83d6b755291132aab9d325d70918aafd336da1bd91a41a31c8b25734b/early.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f10.1e100.net

Software

ESF /

Resource Hash

2bd61072fddb7d64c22fa244070964af040c1ea3262f22f1594a182664e915c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 14 Nov 2023 03:53:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 03:53:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 14 Nov 2023 03:53:58 GMT

GET
H2 200 data Show response
folkd.com/api/1.1/init/ 706 B
2 KB 316ms
314ms XHR
text/plain 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://folkd.com/api/1.1/init/data?location=https%3A%2F%2Ffolkd.com%2F

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel / Express

Resource Hash

509984fa6aa5e1861fd0d2805776427951bef2c38ac92ff7b812f648bc639584

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://folkd.com/
x-coalias-route: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkZXN0aW5hdGlvbiI6Imh0dHBzOi8vZm9sa2QwNjEyLmJ1YmJsZWFwcHMuaW8vIiwic291cmNlX2hvc3RuYW1lIjoiZm9sa2QuY29tIiwic291cmNlX3BhdGgiOiIvIiwic2l0ZSI6Im5vY29kZW1heW8tYnViYmxlLWk4Z2Rhd2VicmcxcnJhdWZzdXV5IiwiaWF0IjoxNjk5OTM0MDM3fQ.TyE1O7KGl_a7lCfmfZdueCTsWmQEKhMX0erIBwNvAHI
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:53:58 GMT
strict-transport-security: max-age=63072000
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: Vercel
x-coalias-cache: MISS
x-bubble-perf: {"total":22.4,"percents":{"top":{"bubble_cpu":33.6,"block":59.9,"capacity_rl":0,"other_pause":0,"pre_fiber":2.6},"sub":{"pp_userdb":13.4,"pp_wait_userdb":0,"http_request":0,"serverjson":13.2,"appserver_cache_misses_time":0,"redis":45.9,"fiber_queue":3.6,"capacity_wait":0}},"counts":{"pp_userdb":1,"http_request":0,"derived_build":0,"serverjson":8,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":14,"fiber_queue":16,"blocks":15},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":7131894}}
x-vercel-id: fra1::57lpk-1699934038294-8d82b62490d4
x-powered-by: Express
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aCYmyk%2Fh42%2FXWkCXCW9BJvXioD5wdHWt4qzq%2FHKzV1NYBjzcAKB6k%2B0uWsvOxAQDdgNsAPPtcXSsA3LSNLQ4QAG9C3zXwqZyq56bWwQ7Iiqyxpy7OSvcWhlZ8eRycSqEHxXkPdW%2Bu1CcqGo8mLodfZ4LIV4Vr2qSbUaNg%2F5s7qJVtZIx7A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=0, must-revalidate
x-bubble-capacity-used: 0.11 unit-seconds used
cf-ray: 825c4f7b68f06aba-FRA
x-bubble-capacity-limit: 0 ms slower

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 478ms
53ms Script
text/javascript 142.250.184.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/dynamic_js/6f60b96dbdc6461523f524553aae26d1e98c2d111f1b720aa9d0811d40f13cab/folkd0612/live/index/xnull/xfalse/xtrue/en_us/xfalse/xfalse/dynamic.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f4.1e100.net

Software

GSE /

Resource Hash

a9ae6543584438f6e979f85f43e01686b1f05f293cc6a44becd50c7083ac158b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:53:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Tue, 14 Nov 2023 03:53:59 GMT

GET
H2 200 moment.min.js Show response
cdnjs.cloudflare.com/ajax/libs/moment.js/2.22.0/ 50 KB
15 KB 48ms
46ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.22.0/moment.min.js

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c42c23a0a15b19aa34fbf250c2ef3717f98169f8f123875936de604ca03070a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:53:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 440074
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 15241
last-modified: Mon, 04 May 2020 16:13:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f26-c9b6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4m64bMcJdBSwu4U83Naolf0rRmA%2B4PXr%2BDL0B5z%2F7qqG4%2F2Xub%2Fd0pr%2B9EKeig2GXZ4hq5i6BnGWquh5OR7%2Fa9YXrkzX0HO0ngHMVhl3VblEI77cUIQhF%2FqW%2Ftwza6DItFIcfc6S"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 825c4f7fbfb024c4-ZRH
expires: Sun, 03 Nov 2024 03:53:58 GMT

GET
H/1.1 200
OK xdomain_cookie.min.js Show response
monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/ 5 KB
2 KB 55ms
54ms Script
application/javascript 185.3.92.76
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.min.js
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/5/d/65a9fa-c3bc-4e73-b569-1a8af1e68dc7.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.3.92.76 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: nb-185-3-92-76.tc.nodebalancer.linode.com
Software: nginx /
Resource Hash: 7b0fb27181aa8c2244ab51f28e8b544248585a334184445b1da9b04f89a794ac

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:53:58 GMT
content-encoding: gzip
age: 0
x-guploader-uploadid: ABPtcPqBj6pGcllyAHRK2w4hVKRe_QgxLMPvl5NFin-3w7If_NhrQfXEPGh1fiKobXFEhwdjR786hO2CRg
transfer-encoding: chunked
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
connection: close
last-modified: Tue, 25 Aug 2020 07:36:03 GMT
server: nginx
vary: Accept-Encoding
x-goog-generation: 1598340963244234
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=PYpHKQ==, md5=thaqbm5dIRiPqROaEv/m/g==
cache-control: max-age=31104000, public
x-goog-stored-content-length: 4733
expires: Fri, 08 Nov 2024 03:53:58 GMT

GET
H2 200 hysaayfb9e Show response
www.clarity.ms/tag/ 650 B
1012 B 649ms
236ms Script
application/x-javascript 13.107.213.44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/hysaayfb9e
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.213.44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: dbeebff092654136321d2d1fc2a50a8fc41c0757e4cd6f59436586fa8068a949

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
date: Tue, 14 Nov 2023 03:53:58 GMT
x-azure-ref: 0V+9SZQAAAAA/vzkTYLMKSoIUkum5uesuWlJIRURHRTEzMjIANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
content-length: 650
expires: -1

GET
H2 200 va9E4kDNxMZdWfMOD5Vvl4jL.woff2
fonts.gstatic.com/s/firasans/v17/ 23 KB
23 KB 469ms
60ms Font
font/woff2 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v17/va9E4kDNxMZdWfMOD5Vvl4jL.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans:regular%7CInter:300%7CInter:regular%7CInter:regular%7CInter:regular%7CInter:regular%7CInter:500%7CInter:500%7CInter:600%7CInter:700%7CLato:regular%7CLato%7CNoto+Sans:regular%7CPublic+Sans:regular%7CPublic+Sans:500%7CUrbanist:500%7CUrbanist:600%7CUrbanist:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

89ae1743656b75948be30cc4909efd3c61771b7bd9f6d53eb14cd9731d486b57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://folkd.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 03:43:58 GMT
x-content-type-options: nosniff
age: 346201
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23880
x-xss-protection: 0
last-modified: Tue, 02 May 2023 14:50:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Nov 2024 03:43:58 GMT

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ 46 KB
46 KB 478ms
69ms Font
font/woff2 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://folkd.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 23:30:12 GMT
x-content-type-options: nosniff
age: 15827
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46704
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Nov 2024 23:30:12 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
24 KB 460ms
53ms Font
font/woff2 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://folkd.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 03:38:46 GMT
x-content-type-options: nosniff
age: 432913
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Nov 2024 03:38:46 GMT

GET
H2 200 o-0IIpQlx3QUlC5A4PNr5TRA.woff2
fonts.gstatic.com/s/notosans/v32/ 14 KB
14 KB 473ms
66ms Font
font/woff2 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v32/o-0IIpQlx3QUlC5A4PNr5TRA.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

5fc4c95920416b0ef0b5aee93a90984989183a6d29f712e725a3383309806a54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://folkd.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 21:11:22 GMT
x-content-type-options: nosniff
age: 369757
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14256
x-xss-protection: 0
last-modified: Thu, 05 Oct 2023 20:55:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Nov 2024 21:11:22 GMT

GET
H2 200 ijwRs572Xtc6ZYQws9YVwnNGfJ4.woff2
fonts.gstatic.com/s/publicsans/v15/ 26 KB
26 KB 481ms
75ms Font
font/woff2 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/publicsans/v15/ijwRs572Xtc6ZYQws9YVwnNGfJ4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

432501d7bf47b128295c61f72eeee2e5c2d33755f85db43ba89188408ab9389d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://folkd.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 18:18:36 GMT
x-content-type-options: nosniff
age: 380123
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26244
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:34:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Nov 2024 18:18:36 GMT

GET
H2 200 L0x-DF02iFML4hGCyMqlbS0.woff2
fonts.gstatic.com/s/urbanist/v15/ 27 KB
27 KB 485ms
79ms Font
font/woff2 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/urbanist/v15/L0x-DF02iFML4hGCyMqlbS0.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

84221e6c0c5f950b44d38a40bc19ffa9a340b2a5d207cb6f6461b84d474f2555

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://folkd.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 15:53:11 GMT
x-content-type-options: nosniff
age: 302448
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27824
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:09:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Nov 2024 15:53:11 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK 65a9fa-c3bc-4e73-b569-1a8af1e68dc7.js Show response
monu.delivery/sitesplit/d3/0.9.2/5/d/ 560 KB
159 KB 605ms
184ms Script
application/javascript 185.3.92.76
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://monu.delivery/sitesplit/d3/0.9.2/5/d/65a9fa-c3bc-4e73-b569-1a8af1e68dc7.js
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/5/d/65a9fa-c3bc-4e73-b569-1a8af1e68dc7.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.3.92.76 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: nb-185-3-92-76.tc.nodebalancer.linode.com
Software: nginx /
Resource Hash: 676f8ccd4c1774ff8b01c14ff5bb9896a15acccd9e43610b67984e7341cc7150

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:53:59 GMT
content-encoding: gzip
age: 0
x-guploader-uploadid: ABPtcPoXZRyAoqWRXJSvQdr7a-SBEVxmULvZIpuBNA1Xm-U2TajhfL-BpUZ-CMezW0f1dcllZI0
transfer-encoding: chunked
x-cache: MISS
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
connection: close
server: nginx
vary: Accept-Encoding
x-goog-generation: 1699854778879128
content-type: application/javascript
x-goog-hash: crc32c=E1FmUA==, md5=5fzUJ/EMHNTfm/XXan4lEA==
cache-control: max-age=7200
x-goog-stored-content-length: 573002
expires: Tue, 14 Nov 2023 05:53:59 GMT

GET
H2 200 m-outer-27c67c0d52761104439bb051c7856ab1.html Show response
js.stripe.com/v3/ Frame 7847 200 B
1 KB 52ms
51ms Document
text/html 108.138.7.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-13.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://folkd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1422
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 14 Nov 2023 03:30:23 GMT
etag: "27c67c0d52761104439bb051c7856ab1"
last-modified: Fri, 10 Nov 2023 21:04:42 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 c3fc8d1fb362a6655af993732c376dc4.cloudfront.net (CloudFront)
x-amz-cf-id: pR0i6CAzuiHd_rui1KcGWVLoOftQMmsEvntO0fTMVNu9o_o4l5778g==
x-amz-cf-pop: FRA56-P6
x-cache: Hit from cloudfront
x-content-type-options: nosniff

OPTIONS
H2 200 me
xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/auth/ Frame 0
0 690ms
305ms Preflight
text/html 35.193.186.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/auth/me

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.193.186.65 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

65.186.193.35.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-data-source
Access-Control-Request-Method: GET
Origin: https://folkd.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 14 Nov 2023 03:54:00 GMT
expires: Sat, 16 Nov 2013 03:54:00 GMT
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains;
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block

OPTIONS
H2 200 suggestedTagsNew
xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/ Frame 0
0 678ms
305ms Preflight
text/html 35.193.186.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/suggestedTagsNew?perPage=10

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.193.186.65 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

65.186.193.35.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-data-source
Access-Control-Request-Method: GET
Origin: https://folkd.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 14 Nov 2023 03:54:00 GMT
expires: Sat, 16 Nov 2013 03:54:00 GMT
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains;
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block

GET
H2 200 logo-40px.svg
1bccd00f7acd03ac6a93123768d650c0.cdn.bubble.io/f1676897406070x914614085739208700/ 2 KB
1 KB 148ms
49ms Image
image/svg+xml 104.16.137.79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1bccd00f7acd03ac6a93123768d650c0.cdn.bubble.io/f1676897406070x914614085739208700/logo-40px.svg

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.137.79 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b26090b7c2ddac21b5731cd0dc5ada44fd88d3b7ee421dd8ddc0a7db2b12c70

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:53:59 GMT
x-amz-version-id: NoYri7j3dqGJ_o.0cuCTxKXFnTaBUSkL
content-encoding: br
cf-cache-status: HIT
content-security-policy: script-src 'none'
x-amz-request-id: ESVZW6HVHCQ6FV34
age: 2614
x-amz-server-side-encryption: AES256
x-amz-meta-app-version: test
x-amz-id-2: cV3/G8OwA020CO8bvlY8MjSnYzoZkPZMnUS8rCdNa+1YgW3Gi1Uhzh3Ml4rj9OIbRhIXx25R1jo=
x-amz-meta-appname: folkd0612
last-modified: Mon, 20 Feb 2023 12:50:07 GMT
server: cloudflare
etag: W/"98bcc0ebb1abcca0eceef4c5f8ed8d71"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public,max-age=86400
cf-ray: 825c4f83cf0024c4-ZRH

GET
H2 200 me Show response
xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/auth/ 162 B
690 B 340ms
340ms XHR
application/json 35.193.186.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/auth/me

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@xano/js-sdk/dist/xano.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.193.186.65 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

65.186.193.35.bc.googleusercontent.com

Software

Resource Hash

b924c0f3cca5409ff9a2c9641e5610cee45e81ae4d315dc6bfa594dd0d5ca663

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
X-Data-Source: live
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
Authorization: Bearer eyJhbGciOiJBMjU2S1ciLCJlbmMiOiJBMjU2Q0JDLUhTNTEyIiwiemlwIjoiREVGIn0.zl4iyT2FEhZ7t_GtvctvloHg6DaXYVJ5wyHcn0xNZKPmYoq5wLzHtArlDd-1I7pZ6rcajjTMjm_yxA2Le6fHai2Ytw3x5RkU.9c6mnVGI41WO7f4429nOgw.q-7MJ7mvni-ZViGR6vc7vP21iy5LrQEb0vDnuLc6Jg7rtlhy2DGeiH5eXnj-c9tv7SiU56HyBymP1uTq2k9ABS8P0biOl3r0cxT1r4xPTbjJ7MdNOukofnRFopXiGa42lEB9K_PFgLA1KyXMp-_2Ww.syJUo0JCMR2wnkaD_XNmtg0BKkyii5wtQVaYadM1FoY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains;
x-app: hit
x-xss-protection: 1; mode=block
pragma: no-cache
x-frame-options: deny
access-control-allow-methods: GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-max-age: 86400
access-control-allow-headers: *
expires: Sat, 16 Nov 2013 03:54:00 GMT

GET
H2 200 suggestedTagsNew Show response
xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/ 4 KB
2 KB 333ms
333ms XHR
application/json 35.193.186.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/suggestedTagsNew?perPage=10

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@xano/js-sdk/dist/xano.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.193.186.65 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

65.186.193.35.bc.googleusercontent.com

Software

Resource Hash

9d0e6e7579557120905bba43878535e5a96bd40436b5c7ecddd9f6519e2b128a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
X-Data-Source: live
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
Authorization: Bearer eyJhbGciOiJBMjU2S1ciLCJlbmMiOiJBMjU2Q0JDLUhTNTEyIiwiemlwIjoiREVGIn0.zl4iyT2FEhZ7t_GtvctvloHg6DaXYVJ5wyHcn0xNZKPmYoq5wLzHtArlDd-1I7pZ6rcajjTMjm_yxA2Le6fHai2Ytw3x5RkU.9c6mnVGI41WO7f4429nOgw.q-7MJ7mvni-ZViGR6vc7vP21iy5LrQEb0vDnuLc6Jg7rtlhy2DGeiH5eXnj-c9tv7SiU56HyBymP1uTq2k9ABS8P0biOl3r0cxT1r4xPTbjJ7MdNOukofnRFopXiGa42lEB9K_PFgLA1KyXMp-_2Ww.syJUo0JCMR2wnkaD_XNmtg0BKkyii5wtQVaYadM1FoY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains;
x-query-cache: 1
x-app: hit
x-xss-protection: 1; mode=block
pragma: no-cache
x-frame-options: deny
access-control-allow-methods: GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-max-age: 86400
access-control-allow-headers: *
expires: Sat, 16 Nov 2013 03:54:00 GMT

GET
H2 200 magnifying-glass.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 276 B
524 B 451ms
62ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/magnifying-glass.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4802186f6cb20846f699483e25a99a51ba958a3b00ec07f124c46a94800b3e4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:53:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 272842
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230119-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"114-kQKqpN6Fzv24NlTHkXKL/4wb5Hg"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qAo5aTyMKve1fNGqiDYApi%2BEtCuB3XpGiGydsRaLpU4F6PmZpKk9wzrje9wvgPn0LEAsol2F8KSMp4Q234%2BB2xtn%2BiLCgxCadQ7o4TbXiYUAFUpiNo0zUvzxdsNFo%2BU04Rc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f85cf8a01db-ZRH

POST
H2 200 hi Show response
folkd.com/user/ 57 B
1 KB 644ms
643ms XHR
application/json 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://folkd.com/user/hi

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel / Express

Resource Hash

643614e29ce6d0005345eff017235d80ce746222fcb38c966c16920514ab10bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

X-Bubble-Epoch-Name: Epoch: Runmode page fully loaded
X-Bubble-Epoch-ID: 1699934039001x293131098476722560
X-Bubble-Fiber-ID: 1699934039628x133804227080805090
X-Bubble-PL: 1699934037577x268
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
Accept: application/json, text/javascript, */*; q=0.01
X-Bubble-R: https://folkd.com/
cache-control: no-cache
Referer: https://folkd.com/
X-Requested-With: XMLHttpRequest
x-coalias-route: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkZXN0aW5hdGlvbiI6Imh0dHBzOi8vZm9sa2QwNjEyLmJ1YmJsZWFwcHMuaW8vIiwic291cmNlX2hvc3RuYW1lIjoiZm9sa2QuY29tIiwic291cmNlX3BhdGgiOiIvIiwic2l0ZSI6Im5vY29kZW1heW8tYnViYmxlLWk4Z2Rhd2VicmcxcnJhdWZzdXV5IiwiaWF0IjoxNjk5OTM0MDM3fQ.TyE1O7KGl_a7lCfmfZdueCTsWmQEKhMX0erIBwNvAHI
X-Bubble-Breaking-Revision: 5

Response headers

date: Tue, 14 Nov 2023 03:54:00 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-bubble-perf: {"total":6.8,"percents":{"top":{"bubble_cpu":32.9,"block":48.9,"capacity_rl":0,"other_pause":0,"pre_fiber":10.3},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":5.3,"appserver_cache_misses_time":0,"redis":26.3,"fiber_queue":6.8,"capacity_wait":18.6}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":2,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":7,"fiber_queue":8,"blocks":7},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":336300}}
strict-transport-security: max-age=63072000
x-bubble-appname: folkd0612
x-powered-by: Express
x-bubble-capacity-used: 0.005 unit-seconds used
x-coalias-cache: MISS
server: Vercel
x-vercel-id: fra1::pd96p-1699934039645-1f6f07883e6a
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ASIKRzpZmpJFvVG7MAOH6rq58QCA0gLjeLzHU8hPz7UWDQv8jB%2FGscHHEP4xq8mvpU9j19QqNolRzQ%2BnbJYzSK%2FW9pxe0uROHcuhSSHpVkVsoMEWN0prI52jKqZ94xDs2lZi7jQo2dGTC0HHX5gfNWjqMfz%2Bl4IbxO2z52ij%2FKUxed4JzA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
x-bubble-request-took: 7
cache-control: no-cache
cf-ray: 825c4f83f8a639d0-FRA
x-bubble-capacity-limit: 0 ms slower

GET
H2 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
547 B 370ms
53ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:53:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 272842
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230048-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QrF3lRl5Hk0nRFogXYu0I0%2BuEIV34HzmUH3Z9di2yqz7lVdCKmBuF9tzIV8oIrfv%2BBJO62ih%2FbYambi7k8OtyC3lZpzySCm9r5OBKsq6p5E2%2F9CG57oO2YxDn82PLG36uEQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f85cf9201db-ZRH

GET
H2 200 magnifying-glass.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 276 B
846 B 357ms
82ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/magnifying-glass.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4802186f6cb20846f699483e25a99a51ba958a3b00ec07f124c46a94800b3e4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:53:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 272842
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230119-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"114-kQKqpN6Fzv24NlTHkXKL/4wb5Hg"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pBbs5adixJ2k28Ugg3LJAmZdRcShbGrv%2Fzm%2BdGERpzZ5x5Vp7AIIdfcnZVNRpjPfwUlV%2Butn53npmBg4SzDBozT1djd93D3QmftUlq1Lm%2BeW%2FJKuGZcqv2wefzaUepriOcM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f85cf9901db-ZRH

GET
H2 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
555 B 327ms
55ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:53:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 272842
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230048-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F3yErM8rOEIiQwcLhbzj7tNkqerBkts3IIIzmaUYkxEL1dnE%2F7ICO3TNp4LUcx2Ih4bbaAbpb7sxBhZhNhAyvO4AjoxnXawFOH2V%2FrEZ7S%2BGXT%2FCIET%2BnQCXOduO%2BxFpn%2BE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f85cf8f01db-ZRH

GET
H2 200 link.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 365 B
556 B 301ms
60ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/link.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

200dc7bef742f1444cb61f8815c670559515190e8c26b22d2321d97f0b9f772b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:53:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 524420
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230067-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"16d-7SIfGbMr0v+LWC1mugpE30WyzaY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BdtLwELFZ5ryjKLiQBmb9sVv3ARacx%2FsQl7q3vWz42%2FYS8AzUntL59gs135siPUzOlP%2FrYD%2FnQWrM333RKcoVQP4PhgoW6huezwli9XRElVUYG0pVDJkO4yZDiqfDifuVTY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f85cf9701db-ZRH

GET
H2 200 arrow-right.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 238 B
458 B 324ms
86ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-right.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c47b5a01db671339098d535f5e4ba9b1aea4e8f6a587115f3c5fb1c5f536c026

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:53:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 526185
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230112-FRA, cache-mxp6925-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"ee-sKiN6U34uU57BENu+Y1GOws6S4A"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3XMAzds%2FhQHpdzb%2B7tCsf79IIVJpDZnivzNsWDYYP4edTUFLEV2hgBI6c7XFJqL22I%2BfE4fk62rnT4UGt2yhmIQH4z77MubD6ITAlUCvHjGAvePYSpxtncPzPx6NNgTWHQ0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f85cf9c01db-ZRH

GET
H2 200 link.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 365 B
496 B 288ms
61ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/link.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

200dc7bef742f1444cb61f8815c670559515190e8c26b22d2321d97f0b9f772b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:53:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 524420
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230067-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"16d-7SIfGbMr0v+LWC1mugpE30WyzaY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T6wqtcruWLpWj2D0Qj4up9Yz7SJXhZcW641a96TJQk3YQWgdcJqdQ6LrvgzxXQkauu%2FsOD1nPSscbu6RZCKeWGaFtJfeSrbjDpBNZ98FR8oydmsWpZ9bzNq6YmJS%2BvbAOw8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f85cf9001db-ZRH

GET
H2 200 arrow-right.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 238 B
541 B 306ms
80ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-right.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c47b5a01db671339098d535f5e4ba9b1aea4e8f6a587115f3c5fb1c5f536c026

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:53:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 526185
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230112-FRA, cache-mxp6925-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"ee-sKiN6U34uU57BENu+Y1GOws6S4A"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Lx2u%2FfLGL%2BdOJC%2FyOp%2Byzo9JxKVtTu2NVDY58GK6tlQ140MOdQuogx0C0J2kZmzpHbjxWtCl%2BZ5C3NiQojE%2F8xrI213TWN5wssbKgfYYVUZZAlgONKtNV0nh20NgBuNxtQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f85cf9f01db-ZRH

GET
H2 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
997 B 272ms
52ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:53:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 272842
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230048-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wsZDavcSvG7dMmV8qdivWxTCmW%2BIcMsQuedUNrxn5LJjotjSsgHYBsGV%2FdpvfSIUDrr6dYzpEVGe77kGdhHPw6PlcK2lcm6KYyc51fkJ4lJ5FoOnl7J84oEHrOCC%2F49cXE8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f85cf9501db-ZRH

GET
H2 200 m-outer-6576085ca35ee42f2f484cda6763e4aa.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 7847 631 B
1 KB 48ms
48ms Script
text/javascript 108.138.7.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-13.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:30:16 GMT
via: 1.1 c3fc8d1fb362a6655af993732c376dc4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 1423
x-amz-cf-pop: FRA56-P6
x-cache: Hit from cloudfront
content-length: 631
last-modified: Fri, 03 Nov 2023 20:07:01 GMT
server: Cloudfront
etag: "70cacf09ae81711ac6dcbc5ee59750c4"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 3nYIv_awkc6BWxWpcM-HgI5tdnka6-vzd2ap5UtP4TgjLyhGSSBoUg==

POST
H2 200 csp-report
q.stripe.com/ Frame 7847 0
716 B 617ms
201ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 14 Nov 2023 03:54:00 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699934040277960
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1699934040277127
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 7847 0
717 B 615ms
200ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 14 Nov 2023 03:54:00 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699934040277516
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1699934040277142
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

OPTIONS
H2 200 post_index_feed
xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/ Frame 0
0 441ms
304ms Preflight
text/html 35.193.186.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/post_index_feed?pageNumber=1&latestDate=1699934039785

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.193.186.65 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

65.186.193.35.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-data-source
Access-Control-Request-Method: GET
Origin: https://folkd.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 14 Nov 2023 03:54:00 GMT
expires: Sat, 16 Nov 2013 03:54:00 GMT
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains;
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block

GET
H2 200 post_index_feed Show response
xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/ 32 KB
8 KB 338ms
337ms XHR
application/json 35.193.186.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/post_index_feed?pageNumber=1&latestDate=1699934039785

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@xano/js-sdk/dist/xano.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.193.186.65 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

65.186.193.35.bc.googleusercontent.com

Software

Resource Hash

66be9d14c1815451674cb04f2de6115ee8da1d7a5acdb15c2579032e7718f2ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
X-Data-Source: live
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
Authorization: Bearer eyJhbGciOiJBMjU2S1ciLCJlbmMiOiJBMjU2Q0JDLUhTNTEyIiwiemlwIjoiREVGIn0.zl4iyT2FEhZ7t_GtvctvloHg6DaXYVJ5wyHcn0xNZKPmYoq5wLzHtArlDd-1I7pZ6rcajjTMjm_yxA2Le6fHai2Ytw3x5RkU.9c6mnVGI41WO7f4429nOgw.q-7MJ7mvni-ZViGR6vc7vP21iy5LrQEb0vDnuLc6Jg7rtlhy2DGeiH5eXnj-c9tv7SiU56HyBymP1uTq2k9ABS8P0biOl3r0cxT1r4xPTbjJ7MdNOukofnRFopXiGa42lEB9K_PFgLA1KyXMp-_2Ww.syJUo0JCMR2wnkaD_XNmtg0BKkyii5wtQVaYadM1FoY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains;
x-query-cache: 1
x-app: hit
x-xss-protection: 1; mode=block
pragma: no-cache
x-frame-options: deny
access-control-allow-methods: GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-max-age: 86400
access-control-allow-headers: *
expires: Sat, 16 Nov 2013 03:54:00 GMT

GET
H2 200 recaptcha__de_ch.js Show response
www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/ 470 KB
189 KB 468ms
55ms Script
text/javascript 216.58.212.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/recaptcha__de_ch.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f3.1e100.net

Software

sffe /

Resource Hash

d215f38ba9fc751e85b8e259a2ac223405de271f243ad65bc30a70d1edfae329

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://folkd.com/
Origin: https://folkd.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 04:12:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 344469
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 192511
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 03:03:27 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 09 Nov 2024 04:12:51 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.13/ 59 KB
20 KB 48ms
46ms Script
application/javascript 13.107.213.44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.13/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/hysaayfb9e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.213.44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 74e69ccf2f5cb32c175e328707c515fc9116ddd5cb3c92882d9bd53d3a742d63

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:53:59 GMT
content-encoding: br
last-modified: Tue, 17 Oct 2023 11:58:02 GMT
x-azure-ref-originshield: 0lSFSZQAAAACna56dqH2lTJmhFxGR7xrlRlJBMjMxMDUwNDE4MDIxADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
etag: "0x8DBCF0850CC9F3D"
x-azure-ref: 0V+9SZQAAAAD8TLkQY2HZS7U3hqS/SGg9WlJIRURHRTEzMjIANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
x-cache: TCP_HIT
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 7534c9d4-d01e-007a-198b-15339b000000
cache-control: public, max-age=86400
x-ms-version: 2018-03-28
accept-ranges: bytes

GET
H2 200 config.js Show response
cdn.confiant-integrations.net/OOh3bTrtb2nHyOwGk2LTO5SWo54/gpt_and_prebid/ 418 KB
87 KB 590ms
189ms Script
text/javascript 172.64.144.166
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/OOh3bTrtb2nHyOwGk2LTO5SWo54/gpt_and_prebid/config.js
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/5/d/65a9fa-c3bc-4e73-b569-1a8af1e68dc7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.144.166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: def3b35a2c5334201c1d4bb1fd5be7cbce32f1eab0b1db4e61d0984c858be5b0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:00 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 14 Nov 2023 01:30:34 GMT
server: cloudflare
x-amz-request-id: 72PV53X19D8MF9A4
etag: W/"253e9e74fdb674eff9740264421dd8be"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900, stale-while-revalidate=3600
cf-ray: 825c4f87ae8001f4-ZRH
alt-svc: h3=":443"; ma=86400
x-amz-id-2: vcsgJTQr1Th/PiKymnfy5uBDM7wlH+YJszW2+aOIPi8otIAecnJooxa+I0Q8DgXVRHnfhuMPkXs=

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 102 KB
32 KB 490ms
74ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: monu.delivery
URL: https://monu.delivery/site/5/d/65a9fa-c3bc-4e73-b569-1a8af1e68dc7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

9588978a232d8c8ef9c082ce5803123b60b011bb93494dcccaf5c3e2b7f3fe30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31739
x-xss-protection: 0
server: cafe
etag: 355 / 19675 / m202311090101 / config-hash: 2459397958677358047
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 14 Nov 2023 03:54:00 GMT

GET
H/1.1 200
OK xdomain_cookie.html Show response
monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/ Frame F162 3 KB
2 KB 501ms
73ms Document
text/html 185.3.92.76
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.html
Requested by: Host: monu.delivery
URL: https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.3.92.76 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: nb-185-3-92-76.tc.nodebalancer.linode.com
Software: nginx /
Resource Hash: 2164ccda35ef9f1994988c3854e7941905fffa2b6edf0a2f32826ada9b4c3ed0

Request headers

Referer: https://folkd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-origin: *
age: 1702
cache-control: max-age=31104000 public
connection: close
content-encoding: gzip
content-type: text/html
date: Tue, 14 Nov 2023 03:54:00 GMT
expires: Fri, 08 Nov 2024 03:54:00 GMT
last-modified: Tue, 25 Aug 2020 07:36:09 GMT
server: nginx
transfer-encoding: chunked
vary: Accept-Encoding
x-cache: HIT
x-goog-generation: 1598340969597109
x-goog-hash: crc32c=84qDrg== md5=UK93eCDb5GkYdLDTqpa2gw==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 3440
x-guploader-uploadid: ABPtcPqbfv-9azxD1_BzkSSy3dzL-ForVJCOhuboeegPwwFgHCq0XOiB8UjmdnkEjH6Qfgo_i3g

POST
H2 204 collect
region1.google-analytics.com/g/ 0
250 B 495ms
71ms Ping
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-7BR5TDFFPC&gtm=45je3b81v9135293448&_p=1699934038948&gcd=11l1l1l1l1&dma=0&cid=1651993066.1699934040&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1699934039&sct=1&seg=0&dl=https%3A%2F%2Ffolkd.com%2F&dt=Folkd%20%7C%20Home&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1373
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7BR5TDFFPC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 03:54:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://folkd.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 3A50 930 B
2 KB 481ms
59ms Document
text/html 99.86.4.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.96 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-96.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 187
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 14 Nov 2023 03:50:54 GMT
etag: "06bfcd88af438673a8bf9b845a11aa6e"
last-modified: Fri, 30 Jun 2023 14:32:28 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
x-amz-cf-id: CissFaIhVeiRFtry50JGnRPainddCuqSuZ6tyHl0vxzbfybYFj87Qw==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 m Show response
folkd.com/user/ 4 B
833 B 340ms
339ms XHR
text/plain 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://folkd.com/user/m

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel / Express

Resource Hash

74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

X-Bubble-Fiber-ID: 1699934040036x584518302195825200
X-Bubble-PL: 1699934037577x268
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
Accept: application/json, text/javascript, */*; q=0.01
X-Bubble-R: https://folkd.com/
cache-control: no-cache
Referer: https://folkd.com/
X-Requested-With: XMLHttpRequest
x-coalias-route: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkZXN0aW5hdGlvbiI6Imh0dHBzOi8vZm9sa2QwNjEyLmJ1YmJsZWFwcHMuaW8vIiwic291cmNlX2hvc3RuYW1lIjoiZm9sa2QuY29tIiwic291cmNlX3BhdGgiOiIvIiwic2l0ZSI6Im5vY29kZW1heW8tYnViYmxlLWk4Z2Rhd2VicmcxcnJhdWZzdXV5IiwiaWF0IjoxNjk5OTM0MDM3fQ.TyE1O7KGl_a7lCfmfZdueCTsWmQEKhMX0erIBwNvAHI
X-Bubble-Breaking-Revision: 5

Response headers

date: Tue, 14 Nov 2023 03:54:00 GMT
strict-transport-security: max-age=63072000
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: Vercel
x-coalias-cache: MISS
x-bubble-perf: {"total":9.5,"percents":{"top":{"bubble_cpu":32.7,"block":26.2,"capacity_rl":0,"other_pause":0,"pre_fiber":9.2},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":18.9,"fiber_queue":4.7,"capacity_wait":1.5}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":7,"fiber_queue":8,"blocks":7},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":465622}}
x-vercel-id: fra1::xjb7d-1699934040053-bc3f8c1269a8
x-powered-by: Express
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KZ48PlSnvYOJ6Az0d2hRYENyQ2LLoKjdJ%2FPh4czuYW%2BV%2BDpUJrb0YfdZ5OhzvKhlV%2BnLJP%2BZdcQpfxhbE9Bh1LDlUYslmuJBYywGpXA%2F18ISQOMvEDyUmVqyrzrgDD4KSr0ane7JtCFnxZzQPLmlDCmJ0jbQ3v7WeIbeSXjiUO%2BbQ%2B0d3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=0, must-revalidate
x-bubble-capacity-used: 0.007 unit-seconds used
cf-ray: 825c4f869b6e0be5-AMS
x-bubble-capacity-limit: 0 ms slower

POST
H/1.1 204
No Content collect Show response
o.clarity.ms/ 0
289 B 464ms
137ms XHR
text/plain 52.152.143.207
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://o.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.13/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.152.143.207 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://folkd.com
Date: Tue, 14 Nov 2023 03:54:00 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/ 429 KB
135 KB 46ms
44ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 23:17:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16584
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137535
x-xss-protection: 0
server: cafe
etag: 18342593356503948095
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 12 Nov 2024 23:17:36 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame 3A50 0
490 B 284ms
276ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 14 Nov 2023 03:54:00 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699934040676508
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 1
x-stripe-client-envoy-start-time-us: 1699934040676098
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 out-4.5.43.js Show response
m.stripe.network/ Frame 3A50 87 KB
15 KB 54ms
46ms Script
text/javascript 99.86.4.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.43.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.96 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-96.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:53:45 GMT
content-encoding: br
via: 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
last-modified: Fri, 30 Jun 2023 14:32:28 GMT
server: Cloudfront
age: 16
x-content-type-options: nosniff
etag: W/"69cb7809b5011312e716f29b3d19dce6"
x-amz-cf-pop: FRA6-C1
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
x-amz-cf-id: Kw0SOkYrNJs5lKEUOQU7jV48pOddqyOzxT3U46r1TXfoNxtqmUF8Og==

GET
H2 200 mmt.gif
imps.monu.delivery/ 37 B
535 B 139ms
39ms Image
image/gif 35.186.236.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imps.monu.delivery/mmt.gif?s=7ada6bc7-d831-4ccc-9c49-6a685d6852e0&a=p.d.l&u=JYM01M&d=%7B%22b%22%3A%22chrome%22%2C%22c%22%3A%22CH%22%2C%22r%22%3A%22BE%22%2C%22p%22%3A%22%2F%22%7D
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.236.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 01:42:22 GMT
age: 439898
x-guploader-uploadid: ABPtcPpCkonmBGjk2dfiQa2Hgo3mEfBmcptQk_6vFkluw7dOFBMkIE8fNVKxW9vwBa_JDINMl-T2rh3GKAzhRv97Ly1w76nqU0GE
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37
last-modified: Wed, 12 Jul 2017 09:13:19 GMT
server: UploadServer
etag: "455005e2f4b8ecc484500fab08619f70"
x-goog-generation: 1499850799559224
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type: image/gif
cache-control: public, max-age=31536000
x-goog-stored-content-length: 37
accept-ranges: bytes
expires: Fri, 08 Nov 2024 01:42:22 GMT

GET
H2 200 wrap.js Show response
cdn.confiant-integrations.net/gptprebidnative/202310231203/ 264 KB
84 KB 62ms
60ms Script
application/javascript 172.64.144.166
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js
Requested by: Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/OOh3bTrtb2nHyOwGk2LTO5SWo54/gpt_and_prebid/config.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.144.166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb4f8df5602b561c6a5247851f27cebac4099886c0f337e67e5ea9fa0f9caac8

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 23 Oct 2023 16:04:16 GMT
server: cloudflare
x-amz-request-id: V56T6WNWVZ98A02D
age: 533938
etag: W/"866ce4ef9ef41c261f6060e4f642bb88"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 825c4f8998a101f4-ZRH
alt-svc: h3=":443"; ma=86400
x-amz-id-2: g9yZ2ceZ5NsRJ5Fk/EJ1qEJkIKPIU7jlfU671KpXAwP+Idw05wEbM2Slau5BhJPxmqLbrqrVOdU=

GET
H2 200 mmt.gif
imps.monu.delivery/ 37 B
99 B 47ms
40ms Image
image/gif 35.186.236.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imps.monu.delivery/mmt.gif?s=7ada6bc7-d831-4ccc-9c49-6a685d6852e0&a=s.d&u=28f81968-7637-4e59-b276-64fe8525c1dc
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.236.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 01:42:22 GMT
age: 439898
x-guploader-uploadid: ABPtcPpCkonmBGjk2dfiQa2Hgo3mEfBmcptQk_6vFkluw7dOFBMkIE8fNVKxW9vwBa_JDINMl-T2rh3GKAzhRv97Ly1w76nqU0GE
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37
last-modified: Wed, 12 Jul 2017 09:13:19 GMT
server: UploadServer
etag: "455005e2f4b8ecc484500fab08619f70"
x-goog-generation: 1499850799559224
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type: image/gif
cache-control: public, max-age=31536000
x-goog-stored-content-length: 37
accept-ranges: bytes
expires: Fri, 08 Nov 2024 01:42:22 GMT

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
782 B 55ms
53ms Script
application/javascript 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 32438
x-jsd-version: master
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230082-FRA
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xZ5hW2%2Fgz3Twm9Hz1Ja%2FSpXMjYwOZNPpOSgOPVUkuXei%2BPA%2FjdmK%2BfvSBmgAcX4dTDGafR%2BeF83BSp8%2BtA4aTX%2FEMwWW%2FSJkpboGo5HTShscFJ6F9kKysYzdMFecBxv0kmw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 825c4f8a0f1c23f7-ZRH

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 147 KB
32 KB 485ms
73ms Script
text/javascript 104.22.52.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.52.86 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b02f712bafaaaf093abcbe50187969700636642c4a9b659974eae2da90b2f914

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:01 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 09 Nov 2023 09:47:12 GMT
server: cloudflare
x-amz-request-id: X1E9FWAKQ4Y2EH6J
age: 1208
etag: W/"c129d5681852fdb4346e144820aba0c3"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 825c4f8cab143626-FRA
x-amz-id-2: Hn2i5MZ5hXrurG2LX+E4jwSB83iIahvYMNT7VlraOmVu10nVgjaGgBGWoLNhZQxGJ8q8jJwqxlE=

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 145ms
39ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 15:01:28 GMT
content-encoding: gzip
age: 305552
x-guploader-uploadid: ABPtcPrkeBTNnr7iwEOQsOO1crWmoZ9iqL2ey0CP8aUBoDmjemJ9aPIOtU-feRiw5Wy2dKUFws4yGGOQFv5l4BNB7C1_dbA4tPMg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Sat, 09 Nov 2024 15:01:28 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 486ms
77ms Script
text/javascript 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 27 Oct 2023 06:43:26 GMT
server: nginx
etag: W/"653b5c0e-a9a7"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 15 Nov 2023 03:54:01 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 39 KB
12 KB 165ms
60ms Script
text/javascript 65.9.66.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-104.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 16:25:56 GMT
content-encoding: gzip
via: 1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 41285
x-amz-server-side-encryption: AES256
etag: W/"e073e71ed7a44e6f9cdd72904fda5940"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: xQ8fsrXO7xIRVhYp_uccsBpXQt8yTYNqoks4QMxQnqVBTt4VB1akHg==

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 3 KB
3 KB 485ms
74ms Script
text/javascript 18.66.129.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.129.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-129-71.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date: Mon, 13 Nov 2023 05:04:04 GMT
Via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P2
Age: 82198
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 2776
Last-Modified: Thu, 19 Oct 2023 06:40:11 GMT
Server: AmazonS3
ETag: "a3a9a9ee8e72db69d54e805f0586c651"
Content-Type: text/javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: M0mG6XCi7-IAtZ9DmXujSIH9OFbiZC9Pc45eEzMJWce_zhJtU1EC0w==

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 164ms
59ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:00 GMT
via: 1.1 google, 1.1 google
last-modified: Thu, 03 Aug 2023 03:28:51 GMT
server: Google Frontend
etag: fc4e6bfe266081c4873c6f08c8298e5c
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: ea66bcd65afc9e589ea7ac7318f13597
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1207

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 69 KB
21 KB 252ms
252ms XHR
text/plain 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2815995020238576&correlator=1057896747327477&eid=31079630%2C44807409%2C44780989%2C31079527%2C31078660&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=20842576%2CJYM01M%2CJYM01M-DDW.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1699934040616&lmt=1699934040&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ffolkd.com%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1651993066.1699934040&ga_sid=1699934041&ga_hid=1815630392&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYo-Tb37wxSABSAghkEhkKCnB1YmNpZC5vcmcYo-Tb37wxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGKPk29-8MUgAUgIIZBIUCgVvcGVueBij5NvfvDFIAFICCGQSGQoKdWlkYXBpLmNvbRik5NvfvDFIAFICCGQSFwoIcnRiaG91c2UYpOTb37wxSABSAghkEhsKDGlkNS1zeW5jLmNvbRij5NvfvDFIAFICCGQ.&dlt=1699934037811&idt=762&cust_params=page_num%3D0%26url%3Dfolkd.com%26big4%3Dfalse%26iabCategory%3D264%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse&adks=3006380593&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

a9f917bf132e6899e3b815073423c43d600dbb099e083ddb4267338788746aba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:00 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21037
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://folkd.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0D01 6 KB
3 KB 528ms
77ms Document
text/html 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f129.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://folkd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 14 Nov 2023 03:54:01 GMT
expires: Wed, 13 Nov 2024 03:54:01 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/ 39 KB
14 KB 47ms
47ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

e329117bbdc12ee0649ed6654138a9ba8e600eaddf9138752631a50d236d135a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 16:48:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39959
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13750
x-xss-protection: 0
server: cafe
etag: 15254217830347453119
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 12 Nov 2024 16:48:01 GMT

POST
H2 200 apm Show response
folkd.com/user/ 4 B
932 B 297ms
296ms XHR
application/json 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://folkd.com/user/apm

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel / Express

Resource Hash

74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

X-Bubble-Fiber-ID: 1699934040745x383976205157385400
X-Bubble-PL: 1699934037577x268
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
Accept: application/json, text/javascript, */*; q=0.01
X-Bubble-R: https://folkd.com/
cache-control: no-cache
Referer: https://folkd.com/
X-Requested-With: XMLHttpRequest
x-coalias-route: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkZXN0aW5hdGlvbiI6Imh0dHBzOi8vZm9sa2QwNjEyLmJ1YmJsZWFwcHMuaW8vIiwic291cmNlX2hvc3RuYW1lIjoiZm9sa2QuY29tIiwic291cmNlX3BhdGgiOiIvIiwic2l0ZSI6Im5vY29kZW1heW8tYnViYmxlLWk4Z2Rhd2VicmcxcnJhdWZzdXV5IiwiaWF0IjoxNjk5OTM0MDM3fQ.TyE1O7KGl_a7lCfmfZdueCTsWmQEKhMX0erIBwNvAHI
X-Bubble-Breaking-Revision: 5

Response headers

date: Tue, 14 Nov 2023 03:54:01 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-bubble-perf: {"total":12.3,"percents":{"top":{"bubble_cpu":40,"block":50.1,"capacity_rl":0,"other_pause":0,"pre_fiber":8.5},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":47.9,"fiber_queue":2.9,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":6,"fiber_queue":7,"blocks":6},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":735893}}
strict-transport-security: max-age=63072000
x-bubble-appname: folkd0612
x-powered-by: Express
x-bubble-capacity-used: 0.011 unit-seconds used
x-coalias-cache: MISS
server: Vercel
x-vercel-id: fra1::qccsx-1699934040765-993bd66286da
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aLjBSPXehqF4qM%2FkzSJz1W6jCD4eSiWvYxWBSmLuRgBklQjBHVDUMCg%2FUcDor18Kz0a8d8WFyAisgnBUnQI8HxXqu62IZGBcgA%2FGc5xjYITU9pDWScdz4whXoeihqri9fCyMmMSnPfychr%2FgiXM2zCHJ%2Fx0Pz2ayGlARm11HIl3uJvXL9A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
x-bubble-request-took: 12
cache-control: no-cache
cf-ray: 825c4f8ae9f44d84-FRA
x-bubble-capacity-limit: 0 ms slower

GET
H2 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
626 B 47ms
45ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 272843
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230048-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GPITUGJE8Cds4L7H83PKxnUaexHxNNq%2FnqzOOGV4T2gLmyH8svUAsBFVJLopFzTtg7UAavidnhR778mYks4ptZ3z9Hz%2FBZrogGuaqs2IEYM5bF5CGQ3GkxIxppikJ7z2Rzw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f8b9dc701db-ZRH

GET
H2 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
545 B 47ms
47ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 272843
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230048-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MNhslAkLOFfwY4px99b4iRuotubDJn3pYyBqjlk2zJf3gUlKe%2B93TEB1li1dhA9BMa7wZLTfavQbqPzBZYIHck6%2FnutqPfjtjN7XCeVXYP5rHcCGyNTXJnizjiJfQ2s4ano%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f8b9dcc01db-ZRH

GET
H2 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
546 B 49ms
49ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 272843
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230048-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NlVmDJ96r1G6F97yrlitgHYCO3ddrdj4O1fU%2FQE8B%2FkQVoGrue%2FU2DG8lmE1zOLRnvcTFmWQi6SzPFp3KjBHyE7x5fJOFG76rr9sIHQABHT7wakDoEieJ9z1vTI56h6X2A0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f8badd701db-ZRH

GET
H2 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
542 B 50ms
49ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 272843
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230048-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CEQw6uFqg5OXgmdleUG0C3Sdm5atjr5QhyqZCGzrwBuRaZRNwlWcdUKMNUzoCpcoyK8I0cgAF98ke9HOGYMMgolDKkSyQ0iMLfMenH1ke4hjRnLyQdxm2pTtuBkyceFQ31E%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f8badde01db-ZRH

GET
H2 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
553 B 48ms
48ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 272843
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230048-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fj6n1lMrQ%2BnQi3aRHl0%2Bs0poKbBmubXmulUtiiCUmtnyK%2FJQTkDM1yArN6aO4tGZTPN%2BsL1eIXXnqw6iuK4MI6uiYjgo73lq1qIo%2B97jRleL%2FUqYJQAW%2BLE0B%2FDqAxhuHrk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f8bade001db-ZRH

GET
H2 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
557 B 48ms
48ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 272843
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230048-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z%2B%2Fc%2F0RPlZvWvj%2FLMe%2BqdrZO3A2OaTvCarisa05Sa%2Fu182FFMdQCxkpv%2FgFHYHFqJ7TmVz%2BndEUS%2Fpqk5mTaEXDLjUFfYrThs%2BQX6R7WEMbh7nh9WCJR4dDpcehbiDEflfo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f8badee01db-ZRH

GET
H2 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
765 B 48ms
48ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 272843
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230048-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fer0BE%2FtYKw5W4keaccwn6Pa8smBP9J1TCCQ690UFbcsfMos0dwOV%2FEGADnTUBMYf%2BUOVczcCF1JAOe3y9ohEOPvBP5fUBxysYzzRAEi3xv3ubSd8nR34S3ArrvRJ06ra6I%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f8badf601db-ZRH

GET
H2 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
676 B 46ms
46ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 272843
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230048-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tkGpKt78YpFQ51F%2FGROOCreoyX%2BVO2WEQeLv2K3TE221v76cwns7gyzGsmg2KjsZN%2BFYa6ZDGtf3%2BNL5AU4vkCMjZx7UxF3dwH52S7iOtJn9sQQhZ%2FVbS9ZhkB46dQq3bN8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f8badf701db-ZRH

GET
H2 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
547 B 51ms
50ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 272843
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230048-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e9E1hUy55c2EiG2rBjjL4F1LfwlBleWSOYMKZleMy%2BMUh0BP3l%2Fi3oMwvRQcbWCDSTWh8dSxdEHIQVF7D8HMvKFeFsB0e5kX7xexhxdzlQxCBilJF%2F79Z79v38dqC6svn0I%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f8bbe0101db-ZRH

GET
H2 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
642 B 48ms
48ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 272843
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230048-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=riXWt%2Fjd1Us8yJy%2FgSx4bTElRd9%2BU7l6LpZkEkvntBJu3gDGvc8e7qVXDWxYhoQqeD7eHhvGw%2BMz0FNpQg6%2BC%2BeS7wFYnk2MtOSzm6zi7lc3lnSFfDZaCyBNfZJmATiCB%2FM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f8bbe0701db-ZRH

GET
H2 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
552 B 48ms
48ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 272843
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230048-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q5jgjOoKKa74f9eLEQIWbZlKMvw%2BdbVsahfQokdBBBMz%2B87%2FRPa17AwqY%2Fhsx5kb29Uh9%2FWWEKpGkbClaN15I4%2Fso7wshkSFn9mQwBgff5fdxTv9b%2B5WV2VHHMzuIazIdOg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f8bbe0801db-ZRH

GET
H2 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
549 B 49ms
48ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 272843
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230048-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tVrYk0GZS5jOuA%2FrFYvF2rhL2qnnCz6yQuNL7ybKwz7NLs2X2NGQZNt2RpxrLxpkacFMI%2BZ0fivBqkwQqT0vnAh9UMvWC%2FbJ5kk6XRQws%2F4OAF6sixeRnxTuxyjC447Ki1g%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f8bce0c01db-ZRH

GET
H2 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
550 B 49ms
48ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 272843
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230048-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o6Csa91GmSbe9RTb7T9Hk7oMLguqOJDo%2FUsFAeXWQf3UWrJmRkbAXmCMyafi2HskVEsfjrvusZSUKwqQpW%2Bki%2BcqMaw%2ByWIRwO%2FphUO%2BsvVgUtzaqtgN2n9T6ilscOu62yE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f8bce0e01db-ZRH

GET
H2 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
552 B 49ms
49ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 272843
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230048-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7eBZB2y%2BQ4SdVcqJ6UgJ8DwdyoHuHCTj1o6fN3wmFPcLXDsVq7aLNE5tLM8ztP4ZesTHIT0rwRPqjqr9n5ceFJPYPXD0i3HnutJ%2By7Ru74Zk%2F%2FmXzCOFlUtA%2BwhwXlWmM%2F0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f8bce0f01db-ZRH

GET
H2 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
548 B 48ms
47ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 272843
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230048-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4vT5UIiajL9HR3IvjTPYdJf2DeFF9jHaRx262q0pZQ8lxIDcuXc4OzOLUL7TmvnOsw%2F0YKS4SSWG%2BR5jIuLyBmDnm4GBBa%2BI6ejwkjYWOXnoguyNQXYqa4f1n6l11OSVg8Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f8bce1001db-ZRH

GET
H2 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
616 B 51ms
51ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 272843
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230048-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kS8ddfLiw8c3bLTvAL5W5hXkp%2BCm3LRxS88WzsP5G4XNpAEHglhn%2B4pXRMC4vBDu62f1PBQnn6u8x8q5tlleKF0B2%2FF7%2BZ5xBgpvLVoVCl35JePnLCKvPEuVT3QgANRRdUE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f8bce1201db-ZRH

GET
H2 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
638 B 55ms
54ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 272843
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230048-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jdmh3tzGg%2BCt4csgVqb5Dw85ekQr6rAOJovB2uiz7rulMxl7wXLlYWPX%2BOYsqLnDx6iQKsYO5lBBSf7y%2Fk5TknQyNfJ9jNtQ0vqf0R78I6zbmTfGWaxi%2FnjLO77Ej%2FAULaQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f8bce1301db-ZRH

GET
H2 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
824 B 45ms
45ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 272843
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230048-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e%2B0iazsKFivO8SNCB60PTR08apABHC6u%2BuAIq6vCNU0duiacZkcGGFrBkK4ti4hoQaZd3k8dd1N6Fy8Osuro%2Bx3VPUaWVcl4vFAfdSFWKuMvh8Aa5SlFFffVHX4jB1fsABg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f8bce1501db-ZRH

POST
H2 200 6 Show response
m.stripe.com/ Frame 3A50 156 B
670 B 608ms
198ms XHR
application/json 35.80.175.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.80.175.49 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-80-175-49.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

8c6e026b299ce855731e413068d577b8bdcaa169f624f97c2993afd5c2cd3261

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Tue, 14 Nov 2023 03:54:01 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699934041437535
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1699934041437345
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 container.html Show response
ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8ED1 6 KB
3 KB 205ms
78ms Document
text/html 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f129.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://folkd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 14 Nov 2023 03:54:01 GMT
expires: Wed, 13 Nov 2024 03:54:01 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 encrypt Show response
esp.rtbhouse.com/ 201 B
474 B 169ms
63ms Fetch
application/json 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Requested by: Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 5dbf49883afdf02413fd44f859601aaaf226d350a734cd5347308f81ec2f0dd9

Request headers

Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 14 Nov 2023 03:54:01 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: 0189be48cf0b0adcdcab1c0676b52491
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With
content-length: 201
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET esp
oajs.openx.net/ 0
0

OPTIONS
H2 204 esp
oajs.openx.net/ Frame 0
0 266ms
162ms Preflight 34.120.135.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Ffolkd.com%2F&rid=esp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-coalias-route
Access-Control-Request-Method: GET
Origin: https://folkd.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://folkd.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 14 Nov 2023 03:54:01 GMT
vary: Origin
via: 1.1 google
x-powered-by: Express

OPTIONS
H2 200 post_index_feed
xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/ Frame 0
0 200ms
199ms Preflight
text/html 35.193.186.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/post_index_feed?pageNumber=2&latestDate=1699934039785

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.193.186.65 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

65.186.193.35.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-data-source
Access-Control-Request-Method: GET
Origin: https://folkd.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 14 Nov 2023 03:54:01 GMT
expires: Sat, 16 Nov 2013 03:54:01 GMT
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains;
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block

GET
H2 200 post_index_feed Show response
xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/ 28 KB
7 KB 221ms
221ms XHR
application/json 35.193.186.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/post_index_feed?pageNumber=2&latestDate=1699934039785

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@xano/js-sdk/dist/xano.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.193.186.65 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

65.186.193.35.bc.googleusercontent.com

Software

Resource Hash

5bd18057febebbb100420aa58be847fa5bee8e9912ae473b802a9402421209ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
X-Data-Source: live
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
Authorization: Bearer eyJhbGciOiJBMjU2S1ciLCJlbmMiOiJBMjU2Q0JDLUhTNTEyIiwiemlwIjoiREVGIn0.zl4iyT2FEhZ7t_GtvctvloHg6DaXYVJ5wyHcn0xNZKPmYoq5wLzHtArlDd-1I7pZ6rcajjTMjm_yxA2Le6fHai2Ytw3x5RkU.9c6mnVGI41WO7f4429nOgw.q-7MJ7mvni-ZViGR6vc7vP21iy5LrQEb0vDnuLc6Jg7rtlhy2DGeiH5eXnj-c9tv7SiU56HyBymP1uTq2k9ABS8P0biOl3r0cxT1r4xPTbjJ7MdNOukofnRFopXiGa42lEB9K_PFgLA1KyXMp-_2Ww.syJUo0JCMR2wnkaD_XNmtg0BKkyii5wtQVaYadM1FoY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains;
x-query-cache: 1
x-app: hit
x-xss-protection: 1; mode=block
pragma: no-cache
x-frame-options: deny
access-control-allow-methods: GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-max-age: 86400
access-control-allow-headers: *
expires: Sat, 16 Nov 2013 03:54:01 GMT

GET
H2 200 mmt.gif
imps.monu.delivery/ 37 B
105 B 42ms
41ms Image
image/gif 35.186.236.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imps.monu.delivery/mmt.gif?s=7ada6bc7-d831-4ccc-9c49-6a685d6852e0&a=s.d&u=5327c943-1992-4d6a-a6d8-9b7622d89dab
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.236.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 01:42:22 GMT
age: 439899
x-guploader-uploadid: ABPtcPpCkonmBGjk2dfiQa2Hgo3mEfBmcptQk_6vFkluw7dOFBMkIE8fNVKxW9vwBa_JDINMl-T2rh3GKAzhRv97Ly1w76nqU0GE
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37
last-modified: Wed, 12 Jul 2017 09:13:19 GMT
server: UploadServer
etag: "455005e2f4b8ecc484500fab08619f70"
x-goog-generation: 1499850799559224
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type: image/gif
cache-control: public, max-age=31536000
x-goog-stored-content-length: 37
accept-ranges: bytes
expires: Fri, 08 Nov 2024 01:42:22 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 48 KB
23 KB 293ms
293ms XHR
text/plain 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2815995020238576&correlator=4236004914800839&eid=31079630%2C44807409%2C44780989%2C31079527%2C31078660&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=20842576%2CJYM01M%2CJYM01M-DDI.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D09c4a9a327608928%3AT%3D1699934040%3ART%3D1699934040%3AS%3DALNI_MZd8FkfR7CegW4Mn6r3HpNzQX5V_Q&gpic=UID%3D00000cc39ae70583%3AT%3D1699934040%3ART%3D1699934040%3AS%3DALNI_Mb0nJmvqrby3TjNCksZ9NeO8qVkZA&abxe=1&dt=1699934041169&lmt=1699934041&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ffolkd.com%2F&vis=1&psz=0x-1&msz=0x-1&fws=132&ohw=0&ga_vid=1651993066.1699934040&ga_sid=1699934041&ga_hid=1815630392&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYo-Tb37wxSABSAghkEjsKCnB1YmNpZC5vcmcSJDQ4Y2EzMjUyLWU0YzMtNDM3My05ZWIxLWVmODdjNDkzNWY5NBjl5tvfvDFIABIdCg5lc3AuY3JpdGVvLmNvbRij5NvfvDFIAFICCGQSFwoIcnRiaG91c2UYpOTb37wxSABSAghkEhQKBW9wZW54GKPk29-8MUgAUgIIZBIZCgp1aWRhcGkuY29tGKTk29-8MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Yo-Tb37wxSABSAghk&dlt=1699934037811&idt=762&prev_scp=pos%3D1%26monu%3D728x90_A1%26allowNative%3Dfalse%26hard_adx_floor%3D0.15%26refresh_count%3D0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26provider_performance%3Dundefined_chrome_0.00%26context%3D3_BE_chrome%26browser_hour_refresh%3Dchrome_3_0%26slotOnScreen%3Dtrue&cust_params=page_num%3D0%26url%3Dfolkd.com%26big4%3Dfalse%26iabCategory%3D264%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=1010671418&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

aaca2ab20c14443523a208b27319cffb365dcc51268fb9eeabfd1429a0955efe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:01 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: 121759
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22887
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-mediationtag-id: 445089
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://folkd.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 mmt.gif
imps.monu.delivery/ 37 B
63 B 43ms
43ms Image
image/gif 35.186.236.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imps.monu.delivery/mmt.gif?s=7ada6bc7-d831-4ccc-9c49-6a685d6852e0&a=s.d&u=5327c943-1992-4d6a-a6d8-9b7622d89dab.2
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.236.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 01:42:22 GMT
age: 439899
x-guploader-uploadid: ABPtcPpCkonmBGjk2dfiQa2Hgo3mEfBmcptQk_6vFkluw7dOFBMkIE8fNVKxW9vwBa_JDINMl-T2rh3GKAzhRv97Ly1w76nqU0GE
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37
last-modified: Wed, 12 Jul 2017 09:13:19 GMT
server: UploadServer
etag: "455005e2f4b8ecc484500fab08619f70"
x-goog-generation: 1499850799559224
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type: image/gif
cache-control: public, max-age=31536000
x-goog-stored-content-length: 37
accept-ranges: bytes
expires: Fri, 08 Nov 2024 01:42:22 GMT

GET
H3 200 mmt.gif
imps.monu.delivery/ 37 B
63 B 43ms
43ms Image
image/gif 35.186.236.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imps.monu.delivery/mmt.gif?s=7ada6bc7-d831-4ccc-9c49-6a685d6852e0&a=s.d&u=5327c943-1992-4d6a-a6d8-9b7622d89dab.3
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.236.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 01:42:22 GMT
age: 439899
x-guploader-uploadid: ABPtcPpCkonmBGjk2dfiQa2Hgo3mEfBmcptQk_6vFkluw7dOFBMkIE8fNVKxW9vwBa_JDINMl-T2rh3GKAzhRv97Ly1w76nqU0GE
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37
last-modified: Wed, 12 Jul 2017 09:13:19 GMT
server: UploadServer
etag: "455005e2f4b8ecc484500fab08619f70"
x-goog-generation: 1499850799559224
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type: image/gif
cache-control: public, max-age=31536000
x-goog-stored-content-length: 37
accept-ranges: bytes
expires: Fri, 08 Nov 2024 01:42:22 GMT

GET
H3 200 mmt.gif
imps.monu.delivery/ 37 B
63 B 43ms
42ms Image
image/gif 35.186.236.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imps.monu.delivery/mmt.gif?s=7ada6bc7-d831-4ccc-9c49-6a685d6852e0&a=s.d&u=5327c943-1992-4d6a-a6d8-9b7622d89dab.4
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.236.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 01:42:22 GMT
age: 439899
x-guploader-uploadid: ABPtcPpCkonmBGjk2dfiQa2Hgo3mEfBmcptQk_6vFkluw7dOFBMkIE8fNVKxW9vwBa_JDINMl-T2rh3GKAzhRv97Ly1w76nqU0GE
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37
last-modified: Wed, 12 Jul 2017 09:13:19 GMT
server: UploadServer
etag: "455005e2f4b8ecc484500fab08619f70"
x-goog-generation: 1499850799559224
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type: image/gif
cache-control: public, max-age=31536000
x-goog-stored-content-length: 37
accept-ranges: bytes
expires: Fri, 08 Nov 2024 01:42:22 GMT

GET
H3 200 mmt.gif
imps.monu.delivery/ 37 B
63 B 44ms
44ms Image
image/gif 35.186.236.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imps.monu.delivery/mmt.gif?s=7ada6bc7-d831-4ccc-9c49-6a685d6852e0&a=s.d&u=5327c943-1992-4d6a-a6d8-9b7622d89dab.5
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.236.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 01:42:22 GMT
age: 439899
x-guploader-uploadid: ABPtcPpCkonmBGjk2dfiQa2Hgo3mEfBmcptQk_6vFkluw7dOFBMkIE8fNVKxW9vwBa_JDINMl-T2rh3GKAzhRv97Ly1w76nqU0GE
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37
last-modified: Wed, 12 Jul 2017 09:13:19 GMT
server: UploadServer
etag: "455005e2f4b8ecc484500fab08619f70"
x-goog-generation: 1499850799559224
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type: image/gif
cache-control: public, max-age=31536000
x-goog-stored-content-length: 37
accept-ranges: bytes
expires: Fri, 08 Nov 2024 01:42:22 GMT

GET
H3 200 mmt.gif
imps.monu.delivery/ 37 B
63 B 44ms
43ms Image
image/gif 35.186.236.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imps.monu.delivery/mmt.gif?s=7ada6bc7-d831-4ccc-9c49-6a685d6852e0&a=s.d&u=5327c943-1992-4d6a-a6d8-9b7622d89dab.6
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.236.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 01:42:22 GMT
age: 439899
x-guploader-uploadid: ABPtcPpCkonmBGjk2dfiQa2Hgo3mEfBmcptQk_6vFkluw7dOFBMkIE8fNVKxW9vwBa_JDINMl-T2rh3GKAzhRv97Ly1w76nqU0GE
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37
last-modified: Wed, 12 Jul 2017 09:13:19 GMT
server: UploadServer
etag: "455005e2f4b8ecc484500fab08619f70"
x-goog-generation: 1499850799559224
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type: image/gif
cache-control: public, max-age=31536000
x-goog-stored-content-length: 37
accept-ranges: bytes
expires: Fri, 08 Nov 2024 01:42:22 GMT

GET
H3 200 mmt.gif
imps.monu.delivery/ 37 B
63 B 44ms
43ms Image
image/gif 35.186.236.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imps.monu.delivery/mmt.gif?s=7ada6bc7-d831-4ccc-9c49-6a685d6852e0&a=s.d&u=5327c943-1992-4d6a-a6d8-9b7622d89dab.7
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.236.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 01:42:22 GMT
age: 439899
x-guploader-uploadid: ABPtcPpCkonmBGjk2dfiQa2Hgo3mEfBmcptQk_6vFkluw7dOFBMkIE8fNVKxW9vwBa_JDINMl-T2rh3GKAzhRv97Ly1w76nqU0GE
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37
last-modified: Wed, 12 Jul 2017 09:13:19 GMT
server: UploadServer
etag: "455005e2f4b8ecc484500fab08619f70"
x-goog-generation: 1499850799559224
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type: image/gif
cache-control: public, max-age=31536000
x-goog-stored-content-length: 37
accept-ranges: bytes
expires: Fri, 08 Nov 2024 01:42:22 GMT

GET
H3 200 mmt.gif
imps.monu.delivery/ 37 B
63 B 45ms
45ms Image
image/gif 35.186.236.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imps.monu.delivery/mmt.gif?s=7ada6bc7-d831-4ccc-9c49-6a685d6852e0&a=s.d&u=5327c943-1992-4d6a-a6d8-9b7622d89dab.8
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.236.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 01:42:22 GMT
age: 439899
x-guploader-uploadid: ABPtcPpCkonmBGjk2dfiQa2Hgo3mEfBmcptQk_6vFkluw7dOFBMkIE8fNVKxW9vwBa_JDINMl-T2rh3GKAzhRv97Ly1w76nqU0GE
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37
last-modified: Wed, 12 Jul 2017 09:13:19 GMT
server: UploadServer
etag: "455005e2f4b8ecc484500fab08619f70"
x-goog-generation: 1499850799559224
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type: image/gif
cache-control: public, max-age=31536000
x-goog-stored-content-length: 37
accept-ranges: bytes
expires: Fri, 08 Nov 2024 01:42:22 GMT

GET
H3 200 mmt.gif
imps.monu.delivery/ 37 B
63 B 45ms
45ms Image
image/gif 35.186.236.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imps.monu.delivery/mmt.gif?s=7ada6bc7-d831-4ccc-9c49-6a685d6852e0&a=s.d&u=5327c943-1992-4d6a-a6d8-9b7622d89dab.9
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.236.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 01:42:22 GMT
age: 439899
x-guploader-uploadid: ABPtcPpCkonmBGjk2dfiQa2Hgo3mEfBmcptQk_6vFkluw7dOFBMkIE8fNVKxW9vwBa_JDINMl-T2rh3GKAzhRv97Ly1w76nqU0GE
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37
last-modified: Wed, 12 Jul 2017 09:13:19 GMT
server: UploadServer
etag: "455005e2f4b8ecc484500fab08619f70"
x-goog-generation: 1499850799559224
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type: image/gif
cache-control: public, max-age=31536000
x-goog-stored-content-length: 37
accept-ranges: bytes
expires: Fri, 08 Nov 2024 01:42:22 GMT

GET
H3 200 mmt.gif
imps.monu.delivery/ 37 B
63 B 45ms
45ms Image
image/gif 35.186.236.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imps.monu.delivery/mmt.gif?s=7ada6bc7-d831-4ccc-9c49-6a685d6852e0&a=s.d&u=5327c943-1992-4d6a-a6d8-9b7622d89dab.10
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.236.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 01:42:22 GMT
age: 439899
x-guploader-uploadid: ABPtcPpCkonmBGjk2dfiQa2Hgo3mEfBmcptQk_6vFkluw7dOFBMkIE8fNVKxW9vwBa_JDINMl-T2rh3GKAzhRv97Ly1w76nqU0GE
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37
last-modified: Wed, 12 Jul 2017 09:13:19 GMT
server: UploadServer
etag: "455005e2f4b8ecc484500fab08619f70"
x-goog-generation: 1499850799559224
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type: image/gif
cache-control: public, max-age=31536000
x-goog-stored-content-length: 37
accept-ranges: bytes
expires: Fri, 08 Nov 2024 01:42:22 GMT

GET
H2 200 fontawesome-webfont.woff2
folkd0612.bubbleapps.io/static/fonts/ 75 KB
76 KB 50ms
50ms Font
font/woff2 104.16.203.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://folkd0612.bubbleapps.io/static/fonts/fontawesome-webfont.woff2

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_css/569715a74d34116b109d04078ae8caebc599c2b374ae6cd41974e77a1ec5325e/folkd0612/live/index/xfalse/xfalse/run.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.203.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://folkd0612.bubbleapps.io/package/run_css/569715a74d34116b109d04078ae8caebc599c2b374ae6cd41974e77a1ec5325e/folkd0612/live/index/xfalse/xfalse/run.css
Origin: https://folkd.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:01 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-bubble-perf: {"total":8.4,"percents":{"top":{"bubble_cpu":22,"block":71.2,"capacity_rl":0,"other_pause":0,"pre_fiber":4.9},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":52.2,"fiber_queue":4.8,"capacity_wait":13.3}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":4,"fiber_queue":6,"blocks":5},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":277299}}
age: 1049626
x-powered-by: Express
x-bubble-capacity-used: 0.004 unit-seconds used
content-length: 77160
server: cloudflare
etag: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 825c4f900c7f2373-ZRH
x-bubble-capacity-limit: 0 ms slower

GET
H2 200 L0x-DF02iFML4hGCyMqrbS10ig.woff2
fonts.gstatic.com/s/urbanist/v15/ 16 KB
16 KB 46ms
46ms Font
font/woff2 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/urbanist/v15/L0x-DF02iFML4hGCyMqrbS10ig.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

9ac86f9bf7cddd7963a2df2dfd00d5bae17aff357eeee30a091c3160d86f4202

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://folkd.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 17:49:08 GMT
x-content-type-options: nosniff
age: 381893
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16284
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:09:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Nov 2024 17:49:08 GMT

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa2pL7SUc.woff2
fonts.gstatic.com/s/inter/v13/ 10 KB
10 KB 56ms
55ms Font
font/woff2 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa2pL7SUc.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

15df7612b2f445f4d18846aed403d0ca0947b3f8dead95d4b167621f5faaba57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://folkd.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 18:34:39 GMT
x-content-type-options: nosniff
age: 379162
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10540
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:48:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Nov 2024 18:34:39 GMT

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa25L7SUc.woff2
fonts.gstatic.com/s/inter/v13/ 78 KB
78 KB 55ms
55ms Font
font/woff2 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa25L7SUc.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

a2bfd9fe607d28fd07b05046e622818b8b5b94a358d53853a0d3f03e597cdc71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://folkd.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 03:55:35 GMT
x-content-type-options: nosniff
age: 86306
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79940
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:22:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Nov 2024 03:55:35 GMT

GET
H2 200 heart.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 359 B
610 B 57ms
57ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1115804
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230067-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mAqNMVeq6whiogcsTRUDIvqhlQoWY17v3g%2BKYz1hC5es2UqB5fPDru%2BLUWPI7lXhSAfG7xWxA5M1z%2B0OJssRjyilTdICruZB3Ubv%2BTOfHVF4bb%2BIjM0gAMRe0Erwq9HMxu8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f925ceb01db-ZRH

GET
H2 200 arrow-path.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 365 B
601 B 60ms
60ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 526185
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230032-FRA, cache-mxp6925-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lTkLuQlIYaEk83G112NwL2DZVUGwbhyOquXwef94wfndfSv1KAgWdH2BDLyUSI1bfIXS7Mmr%2BzPIbCNa%2FyrmXiZxVHVF3gfSMiCUCl34vNLoaaxPikZSgSl1qYtnM5XIrdg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f926d0801db-ZRH

GET
H2 200 bookmark.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 330 B
586 B 73ms
73ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1045555
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230089-FRA, cache-mxp6978-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3lmhBdJf3fxI0XnNzjEcIQYUSi7QmEQH9z4WvwkWz576Pp4%2FAbXw3HK3CmVTPUpWlGTnh8AbdSPN8moEhjDa8Cch0i91%2FHVS6%2Fk6hvtjfAWLGe%2B%2FdAfCLWC8YpCDTpSKB4c%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f928d3001db-ZRH

GET
H2

200

nhacaiyutincomco.jpg
storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/YsOU_--9IrqY-vwNvHxokrksVto/-lbP5Q../
Redirect Chain

https://xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/YsOU_--9IrqY-vwNvHxokrksVto/-lbP5Q../nhacaiyutincomco.jpg
https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/YsOU_--9IrqY-vwNvHxokrksVto/-lbP5Q../nhacaiyutincomco.jpg

8 KB
8 KB

2174ms
1691ms

Image
image/jpeg

142.250.185.251
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/YsOU_--9IrqY-vwNvHxokrksVto/-lbP5Q../nhacaiyutincomco.jpg
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Server: 142.250.185.251 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f27.1e100.net
Software: UploadServer /
Resource Hash: 440d92a5a423d16775d1ba942f9e7d9c6f5521807d1085dc30e21ad1a421fded

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:03 GMT
age: 0
x-guploader-uploadid: ABPtcPp_bupKiraDotsV0qNOFMbytDPi6VmgC52jOcnNT5AKPMmP7xjejqspdgI0mPlYx6CIfk07WhjtIQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8030
last-modified: Tue, 05 Sep 2023 14:43:37 GMT
server: UploadServer
etag: "15a8c07fba7050660e3e6f9fa7b95247"
x-goog-generation: 1693925017812113
x-goog-hash: crc32c=WO5lZQ==, md5=FajAf7pwUGYOPm+fp7lSRw==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 8030
accept-ranges: bytes
content-type: image/jpeg
expires: Tue, 14 Nov 2023 04:54:03 GMT

Redirect headers

pragma: no-cache
date: Tue, 14 Nov 2023 03:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains;
x-content-type-options: nosniff
x-frame-options: deny
access-control-allow-methods: GET, OPTIONS
content-type: text/html; charset=UTF-8
location: https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/YsOU_--9IrqY-vwNvHxokrksVto/-lbP5Q../nhacaiyutincomco.jpg
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-max-age: 86400
access-control-allow-headers: Cache-Control, Content-Type, Content-Length, Authorization, Accept, Accept-Encoding, User-Agent, X-Requested-With
x-xss-protection: 1; mode=block
expires: Wed, 15 Nov 2023 03:54:02 GMT

GET
H2 200 heart.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 359 B
557 B 54ms
53ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1115805
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230067-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5VORHFEU1tFCQE7lzTXG9TFpH4Hl%2BQwP4jsQ1QH7ePHntDfgXpE%2BRzyoqk5t5ZqDqf6sPxbo3JIKLey32Zy2vc75417vkFEiE4jRokezBTYzGqHLFlnSRl8vRW2pJaL0x8s%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f928d3201db-ZRH

GET
H2 200 arrow-path.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 365 B
865 B 54ms
54ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 526186
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230032-FRA, cache-mxp6925-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0a5aQi5XAG1%2BMREmspUDnhRI6ECIJOZdRs3P0gyNGKuyJjY%2FEs1dXhR7wdHlfLpvDZ0MNgjpl1bGOT28R%2B5JwFoskFf4MjDEscpzEqL%2B8C2YeTECQjtj7RLG0QZohgpEUQs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f928d3301db-ZRH

GET
H2 200 bookmark.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 330 B
509 B 63ms
63ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1045555
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230089-FRA, cache-mxp6978-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ssC3DTN5M6sJh9UFwaepge2O80T5tEuL37oR07pJAT5QwOEm7y2XBSK7NBOElbtU9I%2BWwUHdVtjTTyocerYpsFDzBgbL4b7i%2FuPFhMjw8WHJa5GMyl1ao6ZJT6R4XIwmcV0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f92ad5301db-ZRH

GET
H2 200 heart.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 359 B
537 B 51ms
51ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1115805
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230067-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a7Bv4kRsmfsjiLbhgnRZvO2g%2F%2BZ9Wby2u1DUiH81VilHrhIj9kwXMrL4RhM9bfHr3G%2BX6NE3NGrd%2BxSYXX8RgVD9MFShpT9Ek0JI39u%2Fgs5v8zDMAT0P3H1Rvfvp4Jpz9iY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f92ad5401db-ZRH

GET
H2 200 arrow-path.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 365 B
525 B 58ms
57ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 526186
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230032-FRA, cache-mxp6925-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zBZzIGKq05jTwIk8Ut394cLWZ6yA6UspdWOqprgUQ8%2FC4CiVgkg17TGJ0f%2FS1NIA0t%2Ful0E4bqRZClQMUYvCSFxOOPS3JVs5MOp%2BdF3oMg2OpauB823Xrd%2FlKgx1ZiEmUMo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f92bd6701db-ZRH

GET
H2 200 bookmark.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 330 B
512 B 55ms
55ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1045555
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230089-FRA, cache-mxp6978-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7e88TnrBF%2F4K7qbr5PSf1Dsa3WWVPdX1O%2FGuC9ZSw0NDwVs7rERDckny07qe00vB22XioByopkLFMICapol47QMsO32QYqhrevSdGEGG%2F78mwD%2BdB%2FfRa9PopNY2aJ1ccpc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f92bd6801db-ZRH

GET
H2 200 heart.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 359 B
609 B 56ms
56ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1115805
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230067-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rBBSipA8PMv0IGNofC6a5YFss63mJ2kaSq1%2F8bKi7Ekw7kfogXp1onKt6D5iMQWeSAeg9oQZBXCKJDycB4g8tIjlqc%2BbUROjeQ0Pr%2Bh%2BCkKC%2FrRvw9s5u4eXBxLDern8ARQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f92cd7f01db-ZRH

GET
H2 200 arrow-path.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 365 B
589 B 59ms
58ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 526186
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230032-FRA, cache-mxp6925-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nn5gSM6MDqpvXSF8GR0vJGprUjLdvkQ%2Fh3JN6LqBVeOdBIpSecFHC5YgmFFCovgYgBr%2B0l33AhLH5LwOmkv15Tw5PjSZqGJYjLRhMQi4RSbBGz5EfQTzz69dyqR13ToRP%2Fc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f92cd8101db-ZRH

GET
H2 200 bookmark.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 330 B
528 B 47ms
47ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1045555
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230089-FRA, cache-mxp6978-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8RNePU8%2BztYR1upy24SMzRAOH7lKe%2F4NGZArGMDR3FU%2Fo6qMPF6gpHKzcx56dlsQBAF3mzq0rUA2%2FO8zwbHiIIO2PSNIcgLDut%2BFav%2BGkiY%2BqJqPgptKOwZQBZHaQ%2Bofyzo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f92cd8201db-ZRH

GET
H2

200

tylebongdaplus.jpg
storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/k-OFGUmzgKWnKICkpsDz1exyeSg/v93BfA../
Redirect Chain

https://xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/k-OFGUmzgKWnKICkpsDz1exyeSg/v93BfA../tylebongdaplus.jpg
https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/k-OFGUmzgKWnKICkpsDz1exyeSg/v93BfA../tylebongdaplus.jpg

49 KB
49 KB

713ms
229ms

Image
image/jpeg

142.250.185.251
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/k-OFGUmzgKWnKICkpsDz1exyeSg/v93BfA../tylebongdaplus.jpg
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Server: 142.250.185.251 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f27.1e100.net
Software: UploadServer /
Resource Hash: 2d594049dae64a9aa9831b940983149a256867419af76e35afcf824639981592

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:03 GMT
x-guploader-uploadid: ABPtcPosmbNgJmBJ_HPukPcxC5xKRTqvEwkdfWVXK85byRemqmm22inDjsGtWHRPtoH-s3tfpS8
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49946
last-modified: Tue, 26 Sep 2023 04:38:49 GMT
server: UploadServer
etag: "4bf1e46c12ac365d9faa17f3df2541eb"
x-goog-generation: 1695703129074338
content-type: image/jpeg
access-control-allow-origin: *
x-goog-hash: crc32c=M7yQPw==, md5=S/HkbBKsNl2fqhfz3yVB6w==
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 49946
accept-ranges: bytes
expires: Tue, 14 Nov 2023 04:54:03 GMT

Redirect headers

pragma: no-cache
date: Tue, 14 Nov 2023 03:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains;
x-content-type-options: nosniff
x-frame-options: deny
access-control-allow-methods: GET, OPTIONS
content-type: text/html; charset=UTF-8
location: https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/k-OFGUmzgKWnKICkpsDz1exyeSg/v93BfA../tylebongdaplus.jpg
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-max-age: 86400
access-control-allow-headers: Cache-Control, Content-Type, Content-Length, Authorization, Accept, Accept-Encoding, User-Agent, X-Requested-With
x-xss-protection: 1; mode=block
expires: Wed, 15 Nov 2023 03:54:02 GMT

GET
H2 200 heart.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 359 B
870 B 86ms
86ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1115805
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230067-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h2t9glfjTk05MfNw0fpH8hP165akCZk7qBhEocZ0R68%2BkG23y5f38o1ELfuLDAOHXIiM%2F35QNnP4DziOxyVC2RE3E5vTF2uYvboVPSSKDU2gmElI2%2BNLfYfyxMN%2B6S%2FZ%2F%2FE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f92dda101db-ZRH

GET
H2 200 arrow-path.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 365 B
532 B 85ms
84ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 526186
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230032-FRA, cache-mxp6925-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7xtM1jiqNN1fv%2FsYKpitSSj8uEKL66LMAKj4Evd2wvxPJL8HdhMLGuEKBU%2FCF5zJuCwCxNjpUxSZrKk6%2Fv6gR8QLwnv%2F5xHqhrhwDGjCoVs7kRVs1nsS%2BNn36YCbaZ0XWj8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f92ddaa01db-ZRH

GET
H2 200 bookmark.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 330 B
589 B 82ms
82ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1045555
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230089-FRA, cache-mxp6978-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=39fkHTR0eWeH7IEEDl7sCV%2BgEauwtnMZDC3TbBvtVLfAg9%2FT%2FdmIN9E%2FOxTYEFheYhPAtxtLC%2FDF155%2BrjVcegR0I6v6hy8trC7JNNmoLW0SI%2FCcZOibXfd108Ei%2BCJkKJ4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f92edb401db-ZRH

GET
H2 200 heart.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 359 B
537 B 73ms
73ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1115805
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230067-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5GBIXFXWR4BOXdgqxEit1R%2FLMl5RDaKQUpvec7pRVF2WbfWYiq44aAmWLW3Z4J3jf0nnn7kbL%2BZL7iI8bBcGD%2Fw4Z2OzoBE1liJDFUXA8yTCx%2FgxBP2m6oSqoTLdSop6e%2B4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f92edc001db-ZRH

GET
H2 200 arrow-path.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 365 B
530 B 71ms
71ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 526186
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230032-FRA, cache-mxp6925-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uyvOXA7nfGydEd2o5hVpkhgxmGm0CL1wnfgmlteAUm3a2J%2B%2F6oZ0AbkE%2FmCkq9lAnIikz1o%2FP1dtppExo4rDiMch0eDTmIRykH4OXwxrqowOrbE5vmN40CM3tHKZBb6XwTw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f92fdcb01db-ZRH

GET
H2 200 bookmark.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 330 B
537 B 69ms
69ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1045555
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230089-FRA, cache-mxp6978-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qQv1LEu%2BOmrStBP1n7uJNz2fSJxA62qqFij3VXcKJ22KygXIK0A1woKTwn4Gvek3uftt%2BGb7iZU3qS3LMVlSFxQzuJjKLLyRYa5bbfEza2yZ15t7V%2BpigEY8txCau%2F69g%2Bo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f930dd501db-ZRH

GET
H2

200

gutter-logo500.jpg
storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/yr8HZKgpbVEUPIkp4IPuDx4y7MM/rvoo3Q../
Redirect Chain

https://xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/yr8HZKgpbVEUPIkp4IPuDx4y7MM/rvoo3Q../gutter-logo500.jpg
https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/yr8HZKgpbVEUPIkp4IPuDx4y7MM/rvoo3Q../gutter-logo500.jpg

18 KB
18 KB

2505ms
2022ms

Image
image/jpeg

142.250.185.251
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/yr8HZKgpbVEUPIkp4IPuDx4y7MM/rvoo3Q../gutter-logo500.jpg
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Server: 142.250.185.251 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f27.1e100.net
Software: UploadServer /
Resource Hash: 0bd0b8c4d188dafc60ef25c01e124444ccd8387a93a8092edf85857a4c04eec8

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:03 GMT
x-guploader-uploadid: ABPtcPo4nytTRd1cOC1t1fmUJuUtLiwZDTbFqi_Do-HLwLSihNLjAW4DQ_C6IzvoTGTpzMmFylXewnC3ig
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18412
last-modified: Fri, 01 Sep 2023 10:12:37 GMT
server: UploadServer
etag: "717b21ba10825f56b1930e235188ec75"
x-goog-generation: 1693563157531527
content-type: image/jpeg
access-control-allow-origin: *
x-goog-hash: crc32c=ImREVQ==, md5=cXshuhCCX1axkw4jUYjsdQ==
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 18412
accept-ranges: bytes
expires: Tue, 14 Nov 2023 04:54:03 GMT

Redirect headers

pragma: no-cache
date: Tue, 14 Nov 2023 03:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains;
x-content-type-options: nosniff
x-frame-options: deny
access-control-allow-methods: GET, OPTIONS
content-type: text/html; charset=UTF-8
location: https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/yr8HZKgpbVEUPIkp4IPuDx4y7MM/rvoo3Q../gutter-logo500.jpg
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-max-age: 86400
access-control-allow-headers: Cache-Control, Content-Type, Content-Length, Authorization, Accept, Accept-Encoding, User-Agent, X-Requested-With
x-xss-protection: 1; mode=block
expires: Wed, 15 Nov 2023 03:54:02 GMT

GET
H2 200 heart.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 359 B
585 B 60ms
59ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1115805
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230067-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2owMeTFQc%2BkjX7fTANB%2FGMlYB0RGVjI6YRhfsHeaLXtKH9%2BmELMr5emuSu6TaeGEYJRV8XAOfhKKkGpEQxRcqKMLgRsh9WghCqhfu98Eb2dU3Qvc85T9CL1NsZRol7vgfwE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f930ddb01db-ZRH

GET
H2 200 arrow-path.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 365 B
585 B 57ms
57ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 526186
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230032-FRA, cache-mxp6925-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bv85Tz0LbaAZny8cpqUbbuP8LQNq0F8QKWObbs4pVBcuBE5IH%2B82rgWuSkKFTdC9B%2Bymz4iMdHjzU9yCj9VOb10QV56RcsPXqWBlDdU9W2pKyWEV0hlMKpBsrfs5DAoqito%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f931ddf01db-ZRH

GET
H2 200 bookmark.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 330 B
586 B 91ms
91ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1045555
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230089-FRA, cache-mxp6978-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pT%2FfD9lkq48IZt1OVXlFmxDXCyODHfkD1lz8BMvQ6a4Wr2c8eTOS5p4K3rY%2FXby3YjykqKaOz%2FGtTo%2FSEdXWIzcoBEOjJVcQGfGwhPOIxFJCcJaYOe0amYhVObdMTRkXf1U%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f935e2001db-ZRH

GET
H2 200 heart.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 359 B
524 B 80ms
80ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1115805
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230067-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eUzD3ebSZojWlqR3ntbSbof3%2BxsAerl9azBEMudcHfEceW4vk9yFgllshsVqiNbdie22xFUHxBAREg91oSs1I9oksDm9%2FpAhw40i8025YEorkt86%2Br6dLaSifaMX4EuTPKs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f935e2101db-ZRH

GET
H2 200 arrow-path.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 365 B
587 B 80ms
79ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 526186
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230032-FRA, cache-mxp6925-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JP9hETQiziHYdtlkqnD%2BgjwmWQ7wElkaBaBfjzKfPJgVaCmFkTb4B2PZFXEtUF2ixL8%2FLxYmGRRhjuznmivhsaYE0KYihL2%2BOiJnc%2F3kAHah4pio1ZhthpzJl9D9P3EzR3A%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f935e2201db-ZRH

GET
H2 200 bookmark.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 330 B
515 B 75ms
75ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1045555
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230089-FRA, cache-mxp6978-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8QvsnPYZMzgN0cO%2BxYrhb21swI6gj5spZOyKFHjUNNoEfSfZ8cEcOW9ARBoSilb1yQozMS%2BDRV%2BII0UKkapWbIv04SHpVjUD%2B%2Bw5NewWhMAOxX0LsusHdbz80fGQsykuERY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f935e2401db-ZRH

GET
H2

200

thuocdantoc-dai-dien.jpg
storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/btEjYu-qXLGzUlVOZq5sBFcXa8g/xXkU5w../
Redirect Chain

https://xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/btEjYu-qXLGzUlVOZq5sBFcXa8g/xXkU5w../thuocdantoc-dai-dien.jpg
https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/btEjYu-qXLGzUlVOZq5sBFcXa8g/xXkU5w../thuocdantoc-dai-dien.jpg

27 KB
27 KB

2679ms
2196ms

Image
image/jpeg

142.250.185.251
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/btEjYu-qXLGzUlVOZq5sBFcXa8g/xXkU5w../thuocdantoc-dai-dien.jpg
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Server: 142.250.185.251 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f27.1e100.net
Software: UploadServer /
Resource Hash: 743e13bb7a1a32def7b4f123f421fa2b9f3a91ee81801a5ac7f263629482115d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:03 GMT
x-guploader-uploadid: ABPtcPpZtx01oYDGx8FHbSBvbl7y3iSAVYdgdjDqraOQO7Kdje_5hGaSLuBy0Rg1NfAmV0QsYCY
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27532
last-modified: Mon, 28 Aug 2023 03:40:20 GMT
server: UploadServer
etag: "d906b2c8f113e09fe625f5e75c415fc6"
x-goog-generation: 1693194020264240
content-type: image/jpeg
access-control-allow-origin: *
x-goog-hash: crc32c=pOMglw==, md5=2QayyPET4J/mJfXnXEFfxg==
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 27532
accept-ranges: bytes
expires: Tue, 14 Nov 2023 04:54:03 GMT

Redirect headers

pragma: no-cache
date: Tue, 14 Nov 2023 03:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains;
x-content-type-options: nosniff
x-frame-options: deny
access-control-allow-methods: GET, OPTIONS
content-type: text/html; charset=UTF-8
location: https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/btEjYu-qXLGzUlVOZq5sBFcXa8g/xXkU5w../thuocdantoc-dai-dien.jpg
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-max-age: 86400
access-control-allow-headers: Cache-Control, Content-Type, Content-Length, Authorization, Accept, Accept-Encoding, User-Agent, X-Requested-With
x-xss-protection: 1; mode=block
expires: Wed, 15 Nov 2023 03:54:02 GMT

GET
H2 200 heart.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 359 B
863 B 60ms
60ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1115805
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230067-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yoobNG4fD5aBlD9kfv0fwjHbv7gDYiWXlLW4kJMn7pYONf2NB5kcGx0zTn2RNKaZrxtzE3%2F%2B5nRdEe7CTbeO2uTMDUv8iUbGXkaMqa9KDjXMGeyg11O8T6olDudXIjZH6Ac%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f935e2501db-ZRH

GET
H2 200 arrow-path.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 365 B
544 B 60ms
60ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 526186
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230032-FRA, cache-mxp6925-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aFYw37YRjVVlYRQS9jgDFu0CyKgNbfjigVPfKebUuV7yzKVJv%2B5bGjmX1hVDs5uV3XJapTYJifhG%2BKl40h%2BiywI3Qg91ckIVIcz5q7ZxiOoh2zcBwFNrMo5JMJSl%2BsFzMBM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f935e2601db-ZRH

GET
H2 200 bookmark.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 330 B
846 B 59ms
59ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1045555
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230089-FRA, cache-mxp6978-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1EYAkjL33RRC4tXcti3x41z4x622%2FQCQJJmFWF0ZkmIDlksHCzypkPQJQU2s1GL5Dwsium04V3I0mUPQMeBijwNlMjSFAlq6WIgh9hJZAgkzSC6hB5jXHjHJO7Qw8Xu2fOQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f935e2801db-ZRH

GET
H2 200 heart.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 359 B
608 B 50ms
50ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1115805
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230067-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aL2n0TXcbp9tY0es1ykAshiyzsf%2FnZL7CsKLqlmiXCNhnStytnxl0QClWhpNxcxJxArCMuXkByR0hGuymNPMKfVln6s8UL8MLscG9G9yfGuKEEaHSW91OtvfMcTAW53jfEM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f935e2901db-ZRH

GET
H2 200 arrow-path.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 365 B
520 B 67ms
67ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 526186
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230032-FRA, cache-mxp6925-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JSu4VtgREuoxUr5UWe54X45mYtCwxcDS7Kor4kYi9g%2FkThTaH85gihLIh8pSyKOa4qr7K%2FxywVTOyQVlqwqXHqe7pSNZHxEPrtZZM9NsX6cra5c0xP0YkuvQtvgveKIoyy4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f937e4201db-ZRH

GET
H2 200 bookmark.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 330 B
514 B 64ms
64ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1045555
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230089-FRA, cache-mxp6978-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jRxThLgnm5u71lWB%2FSNenCk7xJ112rFqM4SzLPL6kxo84%2F1Q%2B33%2FkhpmOxV6aFejRZ4nwrQtfl2QhJ0Yr0ZaTdz6qU3eC0GFBwZ58%2FtiQISkbVjq6k92y8Vdp9Q7Nxxh2MU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f937e4401db-ZRH

GET
H2 200 heart.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 359 B
529 B 45ms
45ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1115805
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230067-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nLz0XZVRzw1F%2FxbKP6CL1P7yZmn4VQp1TJou04vg9eRBzuK0%2Bt9Z0Qhg99rKI%2FtM5ZKYgjAXDeB8Ezb9VtSszW33ySQicdXZvHzqUfrLyMMdyBw6apOMwQs1LL58gcoJDn4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f939e6101db-ZRH

GET
H2 200 arrow-path.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 365 B
525 B 55ms
55ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 526186
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230032-FRA, cache-mxp6925-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d0lOKFM5CLoN43wf0MCAaciXCYlaBxqUT0GgXMYGDhr6%2BocqMwiFM8N81azp6Y50NqvZ3%2B%2BgP5A%2Feqfn2AGhQ8ckG%2BGcpcGy8nF%2BoRjZ3b0cT22Z9xG6WwkZ3K33I5KEiZg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f93ae7001db-ZRH

GET
H2 200 bookmark.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 330 B
593 B 55ms
54ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1045555
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230089-FRA, cache-mxp6978-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eT8HBT1Ugx2e5ATNQA48WR%2FKSjwudqPo5DSVqyELdUAkqbG9ciHSFCKuCA7l5O3Le%2FA0Qgd90%2BD3AqDGgit12EgyYdSRu6MKBQ1YyguAUnePsGZcVIzh%2BAq8dACYAupkK8Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f93ae7101db-ZRH

GET
H2 200 heart.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 359 B
611 B 62ms
61ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1115805
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230067-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bqhn5W4P4UKPIvd6KE2zhp1ehJzkJoNhbZEQv7PjnVIXJxNvL9HVEb%2FOv8tqzFSfr8esebBbbs696mJ%2FhdnoN3jSH6LxBh9rqVDhbI0l5Z7eJbmJktptndKJlO05VR1Pc9w%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f93be7d01db-ZRH

GET
H2 200 arrow-path.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 365 B
597 B 62ms
62ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 526186
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230032-FRA, cache-mxp6925-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XvMbrstIko4RwgsHGTbzyWvOblpydaZDHfqMYQWd1b8oMImbBeDk9mr7JkVViSBJ0ETL3hYW%2BZsXDCLWp1DYqM5%2BvhbcB%2Fy43VTp6cggNW%2FC%2FS9GQ1hQQyB0EhSxxkB88zw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f93be8001db-ZRH

GET
H2 200 bookmark.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 330 B
846 B 63ms
63ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1045555
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230089-FRA, cache-mxp6978-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tZO02ptpucocuQmsMbOUKlewtMv0uoQgstOLSvTe4AuKD7rs27Bv3T%2FYbXn7KZa9kV4ERJfymPVa3rG746h3S699GlOpEmOghPbFk%2BE7%2F8Bcy2wWhEC5lEZBYIBiPPhJV68%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f93be8101db-ZRH

GET
H2 200 heart.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 359 B
533 B 52ms
52ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1115805
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230067-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E4Fd%2BxsX%2BQq%2Bxuwqp3m737ipaNL2BRS51CD6Fkb%2FrIUNRP2707sYi6GfoEblHmkm0IZnJjBq9EijzE5GnPUqEVXJbJfWh1bQawDi4uqA4DdE%2F%2BtFWsOpia31ERZ0rB9RLVQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f93ce8c01db-ZRH

GET
H2 200 arrow-path.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 365 B
526 B 53ms
53ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 526186
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230032-FRA, cache-mxp6925-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B5f2FZ1pZdqU70nBhnACuad24lS0aYfnnEvIhiYRDVN67NYeozObCiQKo8%2FepMhWKi8z%2Fcmd4a8R8T4yVtfvMcgSDErCV8%2FvZAFu4ppsaeL967aZNYLYk%2FD%2BG7OpCS3T%2BEI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f93ce8d01db-ZRH

GET
H2 200 bookmark.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 330 B
516 B 53ms
53ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1045555
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230089-FRA, cache-mxp6978-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u%2F%2FSFOGkKha9HE3Oh8%2F4XXMgktTtzhE09Ug8YPzuJGl%2BofnQDL9BimLJiI1f55ZkNqmCaMCrGrSRRq68gH%2FW1zLwycrNPmAs1tNJAcl%2BDPx1VUe6cFcKc0JLGqPgsCWeMwI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f93ce8f01db-ZRH

GET
H2 200 heart.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 359 B
527 B 44ms
43ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1115805
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230067-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1oUzexWPJg0enZuxX4ECeouwwBtgvR4XG6osoQB58tKEuQq5e9AiyRdyndUwB3bbYrlvjZx5SQaZudGCGsKcS7eULpl%2FqKanK8%2Bduu%2BP6SXzPi6t06HGt07Rt6MHxeLYCd4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f93de9b01db-ZRH

GET
H2 200 arrow-path.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 365 B
548 B 60ms
60ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 526186
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230032-FRA, cache-mxp6925-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AdAmxcqUNsYwXe0on3pcrOMw8IY%2BFQMzyQ%2FPmhNbw2%2FmnQ14EpPvdceh4wBDgYRh%2BNI3oDMa2rl0RLEE1%2FV38RRyX7nZUUa2Tpp%2FMmqTX1IW17v7Szw3ezoLM5otZOt6Y3I%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f93eea501db-ZRH

GET
H2 200 bookmark.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 330 B
593 B 57ms
56ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1045555
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230089-FRA, cache-mxp6978-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aPSSkX833UbUaAvBI8ffuEvdrrSXTbCgzm3k44bZfBzRVo7kHqPm1Ll4x0kTudzzNHL1Nxo00qZJO%2B%2BiUc5ePwbYvo%2BnfBkq9qvELMQeMo6u69%2B37I6cealIZmFv782WAeU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f93eea601db-ZRH

GET
H2 200 heart.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 359 B
927 B 57ms
57ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1115805
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230067-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zDSmUamH9Oxqx3zCsLgBpF22EmayuiB1xIYNXXmmrnjAwjI5swGrmXBvHNIyQaKxJTO%2B1XFa2MScnXLV%2BD3qYDlklQRLQkSxupVkmSKOjIm6vKgmB8TYZ8vnuTk2El4aOkI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f93feb901db-ZRH

GET
H2 200 arrow-path.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 365 B
595 B 58ms
58ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 526186
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230032-FRA, cache-mxp6925-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p%2Bh3UQGGIIb81%2Flp0vqNNBIoHaIX2P66MZEEBB8QhYvC2rLeu6gMMAGgE%2FQhRU1ubmFJci5RmvaKr9055DLgdmivPrnKxC242c1NMjf9SbX%2Bv%2B6RqWA9CpO5cWKIJRUgVbM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f93febc01db-ZRH

GET
H2 200 bookmark.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 330 B
509 B 53ms
53ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1045555
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230089-FRA, cache-mxp6978-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UNtyp20PsvEOEWw8gzHWcqfhgIul6hrSR2WkWR3oetiWG9pVdYveOEtj8eB2%2FsGntdabb190%2BGL3gVJqwT4i01DzUpqBpQrtx0ohfXW6Bl1jjDHXhmNR9QohJozO0%2F8SVus%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f93febd01db-ZRH

GET
H2 200 heart.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 359 B
528 B 50ms
50ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1115805
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230067-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fi%2F8Nd%2FLl5DJN%2BoVZ8kRMWbXN7aez1ayQo2dKiswrDKlKAyd6litBgmJBfKi9sMyEfswLP92Izo%2B3pgbvegcc9ma3e3Abt9HtXNUBW30gXkB2BCgCuwFCzBCmSz5S4I2M48%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f940edd01db-ZRH

GET
H2 200 arrow-path.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 365 B
521 B 57ms
56ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 526186
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230032-FRA, cache-mxp6925-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MB7kO6oB9ycC1mXjsUZjaAfhg268AXufY5T0klMb5qhZUm9%2BHgfhAyzgLOXmUyyfEWbANKjqtDonlHzXqrUIKDz5GNs1HD3VrsplQ6E5NJKQbxwoKwXOXKtyL2J0gIpT%2FHY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f940ede01db-ZRH

GET
H2 200 bookmark.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 330 B
512 B 46ms
46ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1045555
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230089-FRA, cache-mxp6978-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OH5yc4L316cwaJLwO3EV86Cfa5fJz3ZxVh4XZUP7demTkqtSElx2R8t3BakopthpNeGDw%2BpdMXa745qcNaNKES%2BxYeRaRY9e3PFy896xrZ%2BQj43BT%2F12Te1oCcZKdnwJhiA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f940edf01db-ZRH

GET
H2 200 heart.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 359 B
530 B 49ms
48ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1115805
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230067-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I%2FYC%2BfPX%2FH3s8lJkFASDUZlcKXgQwpNhNF%2BEAFfJBL6EhamJxfQppjFv0hlRHD67KjshaZm6fT6jFSuIm21yfSreS8R9l5vfenpIslomzLOOxjhQYoKaB5gSllS2r0pcgYo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f944f1b01db-ZRH

GET
H2 200 arrow-path.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 365 B
559 B 49ms
49ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 526186
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230032-FRA, cache-mxp6925-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FQWHH6hKKMfCBIkFIi7FK0A7h6Sf5dwHaYBt6HPQt1yHITwEf0AwQC%2BrmGkNdZNySn%2F8k5aD%2FZ7T9s2NSHFwMu1NiGGIkvHsk81TJrmD6%2F29jQsLUixDQhQiU%2BLyJT7t7Ok%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f944f1d01db-ZRH

GET
H2 200 bookmark.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 330 B
586 B 68ms
67ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1045555
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230089-FRA, cache-mxp6978-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NBThxn3IEjkuy9jliUHoGR39kr5I9VOpLreufF4ZiIzS9HwrBsaFSiSu8Qk%2BX%2FCZuMEOfX8%2B53jpMhayQPSU7RVae62PsYj3aPETdx7EQ306esc%2FQadIQoXFbGsqoY%2BdCkI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f945f3901db-ZRH

GET
H2 200 heart.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 359 B
925 B 58ms
56ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1115805
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230067-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dWowkzOEK21AstYm%2B3jivQ7cICcFeQnt1N%2B0sJ9WcCPOD22%2BqdDBlFS4TRj6W7qG8pDqqDmhTY0vtBGq0CEGBe6vcxyxjv1kiVZ3HlA0pXzbDFGA6G2f0pqlFMwjGdm6bm0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f947f5101db-ZRH

GET
H2 200 arrow-path.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 365 B
594 B 58ms
57ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 526186
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230032-FRA, cache-mxp6925-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=16dvVbfw9ID8VIq5ktNbsMSoboXr7BzSZi2755y1kgKuq1K%2BctcjtD%2BcsgWOG%2F6C0FkkN7Z0wSe7m7Zj30%2BNe8z4jC5naTWwSWc2UDGIFebpPG0EFv4yWweThLLlBrk%2Br54%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f947f5201db-ZRH

GET
H2 200 bookmark.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 330 B
513 B 59ms
57ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1045555
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230089-FRA, cache-mxp6978-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TjPtZaqFyc38oHlivgQS4YmSutELcV%2B2mg%2FD6PkzCSx5Tl6i3zwXuBR4w1PUL4FZTwMlGid7Y6ykCZVRzdm0lqmaQwb4tkUcOFIWovLkyWW2Ua1goTX%2B%2BfYzIC2SosuNF5Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f947f5301db-ZRH

GET
H2 200 heart.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 359 B
534 B 55ms
55ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1115805
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230067-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tg0BjJ2WVUuZn8ikapUSbc9GBY7qHw57zkXNJzrUk4%2BmOqoVd23xi%2BsSYv%2Bmpwvmdai%2Bq%2FOHZuv79tqtdSVVM0Gx%2BXZxgyBbUv3dGZeNc2IW6BYyk4uYNuNCbYmYUOX8Iko%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f948f5f01db-ZRH

GET
H2 200 arrow-path.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 365 B
526 B 55ms
55ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 526186
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230032-FRA, cache-mxp6925-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=unaaEarI0ICQQerpWiGmycZnPuCc%2BEH7r%2FHEUbVDVXVDH3F5%2F66Cj4rdSqxBZn3VAso7gzVKp6QDUcVuY1%2BUL7Y0aOWTqgWSmkwL%2F68OzrA4i5RU7t6vLaHfDvThk4Rt%2BNk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f948f6001db-ZRH

GET
H2 200 bookmark.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 330 B
547 B 55ms
55ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1045555
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230089-FRA, cache-mxp6978-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TPYgDFxjE1PZWzx7bT08%2FrA8UOhnB4uW5Hyc1hl9cJez%2FcIOvvHlfCKYSiX5Cf%2BSb0d71SZnzaZhsCDiTLZz08ZZEZYLQPjgzLGAA9YODw5MdDGqDDSO33jh9%2BvkckIu4q8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f948f6101db-ZRH

GET
H2 200 heart.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 359 B
532 B 43ms
42ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1115805
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230067-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7WLXSwpLLlMMfRAeGgF6x7JT8teXIbsY%2BnOG0%2BSvIiVtzKMadFMTOcxUijmlZVPPLh2SrsniSgCdBnCbDleVQQ%2BVX%2F8s7%2FteKC9lMl3HcTsr2qNRCCCIEYEP8TEU0dfESM0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f949f6b01db-ZRH

GET
H2 200 arrow-path.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 365 B
520 B 44ms
43ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 526186
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230032-FRA, cache-mxp6925-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P6mkuzKa6opujVbOvwTGjh15yZbsTS6AbzsvODTIBuma3Y409t%2B1GSZzxOqjoF4r4iYr9Mc8F%2BbLNX7h2UkHVgbxuVmbt1GNR7KGZGw7ybpBicucvo4eBFs7KJeYXWlFwoY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f949f6e01db-ZRH

GET
H2 200 bookmark.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 330 B
921 B 45ms
45ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1045555
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230089-FRA, cache-mxp6978-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wtSueGEgpsp3HHlTvmEhdoJsbRHhJVOh%2FpIgka2zwbAMLuHtZQWGB1QEK6EhMGMNh%2BFaHuKtPbVEjvOL%2B1zD6bZnQmHGTDYOBTNjFn3TlGyMGyf1ZOmixJM%2F10shfv6zHrM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f949f6f01db-ZRH

GET
H2 200 kich-thuoc-bon-cau.jpg
thietbivesinhtoto.vn/wp-content/uploads/2023/07/ 42 KB
42 KB 2260ms
703ms Image
image/jpeg 103.28.36.168
NHANHOA-AS-VN Nha...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thietbivesinhtoto.vn/wp-content/uploads/2023/07/kich-thuoc-bon-cau.jpg
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.28.36.168 , Viet Nam, ASN131353 (NHANHOA-AS-VN NhanHoa Software company, VN),
Reverse DNS: wordpress-hosting09.nhanhoa.com
Software: LiteSpeed /
Resource Hash: 2ca721372a9f18090f544b439ec8e281d12a9ac1d38ef0fb8c0f831c1c592949

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:03 GMT
last-modified: Thu, 06 Jul 2023 01:06:48 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 43197
expires: Tue, 21 Nov 2023 03:54:03 GMT

GET
H2 200 bluff-trong-poker-la-gi.jpg
mleqzsi8gjmm.i.optimole.com/w:auto/h:auto/q:mauto/f:avif/https://nhacaiuytin.com.co/wp-content/uploads/2023/06/ 17 KB
18 KB 596ms
66ms Image
image/avif 13.32.27.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mleqzsi8gjmm.i.optimole.com/w:auto/h:auto/q:mauto/f:avif/https://nhacaiuytin.com.co/wp-content/uploads/2023/06/bluff-trong-poker-la-gi.jpg

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-66.fra56.r.cloudfront.net

Software

Optimole /

Resource Hash

6aa8ddfb0537664c2e5fd55bb65253ee011291c109ee5801533d57a09fc00e09

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:49:38 GMT
content-security-policy: script-src 'none'
via: 1.1 dca6db3c8f31f3cd48bb06d78a8be624.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 264
x-cache: Hit from cloudfront
content-disposition: inline; filename="bluff-trong-poker-la-gi.avif"
alt-svc: h3=":443"; ma=86400
content-length: 17348
x-request-id: rrYUQV_0lA6AcTlJENm60
server: Optimole
accept-ch: ECT
etag: "WYADNeiJ8VBhD7l0V7bmOzcnzAITgnDbuIGmq-m7l30/RIjBkMjgzZDk1NjhmOWM5ZmUwYjUzODU4NzdhMmFhN2JkIg"
access-control-allow-methods: GET, OPTIONS
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=31536000, public
x-amz-cf-id: 3tUpBP1hnCdxqNjXzpsOduQZm78gar8nasRgKpQtrBcZwtGUsXFTaw==
expires: Wed, 13 Nov 2024 03:49:38 GMT

GET
H2 200 jasa-sertifikasi-iso-27001.webp
ssicertify.com/wp-content/uploads/2023/08/ 26 KB
26 KB 1298ms
411ms Image
image/webp 103.247.8.134
CRI-AS-AP CV. Rum...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssicertify.com/wp-content/uploads/2023/08/jasa-sertifikasi-iso-27001.webp
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.247.8.134 , Indonesia, ASN58487 (CRI-AS-AP CV. Rumahweb Indonesia, ID),
Reverse DNS: sanggau.dua.rumahweb.net
Software: Apache /
Resource Hash: eaa5100bb799a5d116baf8c3deec425873ad9d3410f17eb4cd33aaeb1772e547

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:03 GMT
content-encoding: br
last-modified: Thu, 24 Aug 2023 07:15:25 GMT
server: Apache
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 26622
expires: max-age=A10368000, public

GET
H2 200 cropped-%E6%9C%AA%E6%A0%87%E9%A2%98-1-1.jpg
ledcoms.com/wp-content/uploads/2022/12/ 5 KB
5 KB 843ms
312ms Image
image/webp 47.246.50.75
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ledcoms.com/wp-content/uploads/2022/12/cropped-%E6%9C%AA%E6%A0%87%E9%A2%98-1-1.jpg
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.246.50.75 Paris, France, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 60e1b13cfec9e429c094a59d71bb4cfbda9b80a01b1fcb130ab62b2ecb7eaf5c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:03 GMT
via: cache2.us13[167,0], cache3.fr1[263,0]
last-modified: Sat, 04 Mar 2023 06:35:44 GMT
server: Tengine
etag: "6402e6c0-122a"
x-proxy-cache-info: DT:1
content-type: image/webp
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 4650
eagleid: 2ff6329716999340428625019e, 2ff6329716999340428625019e
expires: Wed, 13 Nov 2024 03:54:03 GMT

GET
H2 200 ngoai-hang-anh.jpg
static.tylebongdaplus.com/resources/og_images/leagues/ 75 KB
75 KB 1000ms
340ms Image
image/jpeg 210.211.99.108
CHT Compamy Ltd

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.tylebongdaplus.com/resources/og_images/leagues/ngoai-hang-anh.jpg
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.211.99.108 Thu Dau Mot, Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),
Reverse DNS
Software: nginx /
Resource Hash: 2c957ef219037d5f790a542172674a137be55808ed4f7188c4cf465febb7f605

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:45:28 GMT
last-modified: Sun, 24 Sep 2023 18:31:20 GMT
server: nginx
etag: "65108078-12a6d"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 76397
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 khi-hau-viet-nam-co-phu-hop-lap-cua-luoi-chong-muoi-sm.jpg
cuahoangminh.com/4725809B000934FB/15516BAB82E100EC47258967000BE398/$File/ 32 KB
32 KB 622ms
79ms Image
image/jpeg 104.21.61.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cuahoangminh.com/4725809B000934FB/15516BAB82E100EC47258967000BE398/$File/khi-hau-viet-nam-co-phu-hop-lap-cua-luoi-chong-muoi-sm.jpg
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.61.55 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2bf11654f0ba99080488eaf18caf4510ebd34c7ac955dcffdd84bcc13827831c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 589
alt-svc: h3=":443"; ma=86400
content-length: 32282
last-modified: Tue, 14 Nov 2023 02:12:04 GMT
server: cloudflare
etag: W/"MTAtODA4Ny00NzI1OEE2MjAwMEYxRkU4LTQ3MjU4QTY3MDAwQkQ2RUItMTU1MTZCQUI4MkUxMDBFQzQ3MjU4OTY3MDAwQkUzOTg="
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ULHmEg2jtIM99pLDRNoT%2BtRrMjJ2WSF1IjPVzYMeeIMh%2FCfSm6dOkMV%2FAdxFXzr2mBhs89uMju0tWInVhy%2FFiZp0CwTKV2v7OgVUHm7npLtmBplkCW6LF9UeILEa84dnhA3l"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 825c4f983a070e2f-AMS
expires: Tue, 14 Nov 2023 23:59:59 GMT

GET
H2 200 6938c53a82351aac977ccdd27e815afa
www.gravatar.com/avatar/ 62 KB
63 KB 737ms
214ms Image
image/png 192.0.73.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gravatar.com/avatar/6938c53a82351aac977ccdd27e815afa?s=400
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.73.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 4f60d7d9e2d49c3a8e76570a7e481c7df1a240e1061a43d50ad619fc7af2a138

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: MISS hhn 1
date: Tue, 14 Nov 2023 03:54:03 GMT
last-modified: Thu, 20 Jul 2023 05:20:54 GMT
server: nginx
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="6938c53a82351aac977ccdd27e815afa.png"
accept-ranges: bytes
link: <https://gravatar.com/avatar/6938c53a82351aac977ccdd27e815afa?s=400>; rel="canonical"
content-length: 63851
alt-svc: h3=":443"; ma=86400
expires: Tue, 14 Nov 2023 03:59:03 GMT

GET
H2 200 ogp_image.jpg
prd.storage.lit.link/images/creators/0a45fe9d-bd1c-46c1-82f7-99d1989b8956/ogp/ 354 KB
355 KB 2984ms
1673ms Image
image/jpeg 34.149.134.227
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prd.storage.lit.link/images/creators/0a45fe9d-bd1c-46c1-82f7-99d1989b8956/ogp/ogp_image.jpg
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.134.227 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 227.134.149.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 01bda2fd749ac411f07d9706f4e3a1eb3e3230a258075d859d240503550481fb

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:04 GMT
x-guploader-uploadid: ABPtcPq6yrLbJGPH9J5ywZ7IlnlYBPeb4qDprSbmb8DnlisvjvdU8YoSbfLXQGP71EAaWkzlJil5M3Fsv2p6tZbGfDIHH78u_aIP
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 362312
last-modified: Mon, 23 Oct 2023 12:07:43 GMT
server: UploadServer
etag: "03987a26b4d3cbc60f57fa8cacbf2cd4"
vary: Origin
x-goog-generation: 1698062863868116
content-type: image/jpeg
x-goog-hash: crc32c=uyoDRA==, md5=A5h6JrTTy8YPV/qMrL8s1A==
cache-control: public,no-cache,max-age=0
x-goog-stored-content-length: 362312
x-goog-meta-firebasestoragedownloadtokens: 50d849ee-fe1e-4047-8577-317896d0600b
accept-ranges: bytes

GET
H/1.1 200
OK tri-hac-lao-bang-cu-rieng-1.jpg
www.thuocdantoc.org/wp-content/uploads/2019/05/ 96 KB
97 KB 962ms
419ms Image
image/jpeg 116.118.49.56
SPT-AS-VN Sai gon...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thuocdantoc.org/wp-content/uploads/2019/05/tri-hac-lao-bang-cu-rieng-1.jpg
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 116.118.49.56 Ho Chi Minh City, Viet Nam, ASN7602 (SPT-AS-VN Sai gon Postel Corporation, VN),
Reverse DNS
Software: nginx /
Resource Hash: f5778561ef1b5e28b0339618991e6e77a10bc2542d6b028d71dfc98ed2195df0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: public
Date: Tue, 14 Nov 2023 03:54:02 GMT
Last-Modified: Tue, 10 Sep 2019 00:13:12 GMT
Server: nginx
ETag: "5d76ea98-180c1"
Content-Type: image/jpeg
Cache-Control: max-age=2592000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 98497
Expires: Thu, 14 Dec 2023 03:54:02 GMT

GET
H2 200 Thumbnail.png
cdn.dnse.com.vn/dnse-home/images/ 49 KB
49 KB 1496ms
988ms Image
image/png 34.120.245.111
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.dnse.com.vn/dnse-home/images/Thumbnail.png
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.245.111 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 111.245.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b4e1d5fc3c32c3142db3d3c96bd3330600b824b5b5db33b22ace7b127992211b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:03 GMT
x-guploader-uploadid: ABPtcPolzQxZ0AJtwss8lxrZAMoFtXUXXh0sTKSaI9Hl2BtYncLO6tkAqHdW_gpNwkmCpLxWQGwer86cFMiL2nDsh9VIIeiAWomA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49750
last-modified: Thu, 09 Nov 2023 13:11:12 GMT
server: UploadServer
etag: "82188ab3f27d23f3d1bc7b6b267e41f0"
x-goog-generation: 1699535472613992
content-type: image/png
access-control-allow-origin: *
x-goog-hash: crc32c=7fGrhw==, md5=ghiKs/J9I/PRvHtrJn5B8A==
access-control-expose-headers: *
cache-control: public,no-transform,max-age=2592000
x-goog-stored-content-length: 49750
accept-ranges: bytes

GET
H2 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
607 B 46ms
46ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 272845
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230048-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ir3%2FyMs34RdZlcu7EcmACtSbSS4H9IC0Clnhr8RnpId2EOXonA2GqOKJpXcoAYsopqIISrvop%2F5stRt0Yu%2BAXYuRr8pTzCM16jm5tTfKCjAzritvg9G3j6menKNHMIqJgtU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f94bf9401db-ZRH

GET
H2 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
543 B 50ms
50ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 272845
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230048-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W2k9Sjg01IFqIGkowCzAroCexxs5hJHuXXSSx2DojbYvJT0YRnn6%2Bv8BrhG7e6STY11iyKvjIjvJepaiR84Lo4IQR67IjiXoxTN2duZfga58QcrALVxnZ5deMh7RQSbM6fQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f94dfbb01db-ZRH

GET
H2 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
551 B 47ms
47ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 272845
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230048-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yUkIHcZtshs00ZmzC37u%2B3BuZXNPzfMCbknvAPO7eVDn1xaIODPBIyajfHKjiCq9kOWr0e%2B%2BB1TrHTGAmruH5%2F3yahoK%2BsTjmXOAwGFOUCf45ZQ05byqYEHQgrTV6LqDuZA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f94dfbc01db-ZRH

GET
H2 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
546 B 54ms
53ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 272845
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230048-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XMdNHqX8MbHv0bLb%2FRZGh9M9WcRN00Chy4MtofsKDa2iUHW1Z4TqfSpP17coAG2C1tN98jwMuviuDGsxVgPG4Z30rJK0pHLSfHJ2%2BQBJiW8pBndSmE5H4pvH6q%2FT4T7M57w%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f94efd101db-ZRH

GET
H2 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
573 B 51ms
51ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 272845
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230048-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ctHnKHQl8b59vNeDL5lcbX6bqNFNETh%2Bq87pV%2FexkvobaNymEeXMZYtTfIyefl%2BhkQDNGVyjQ2wK2%2F2hVZr6Ldi7tFF2%2Bwp%2F9QiezN1pZq0ad4ugusMJiUS8gC7YE6CHlxo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f94efd301db-ZRH

GET
H2 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
546 B 48ms
48ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 272845
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230048-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OpatP2tlF92VCuIR%2B%2BtiISmEkoUFoQ3wiCyxgstNff5Yc56%2B3r3yi70BJ%2BmoQ5a5BeG7mV2y4Kajv0pJa4ZSY2RDpf09HPnqXIDU2Q0Sp%2FbfJga2t0IoitswmL7wSStaBz4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f94efd501db-ZRH

GET
H2 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
619 B 57ms
57ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 272845
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230048-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4l2YHdD4VMQ8WiqdvWS2TWHKv1SkjOO1cOrmmXP9R02DQ6Ouq7hNbk1jqSl%2BOxf62eX2v2weafH75vJflJWHaBascCGvvl3wrdevKBHsS8ZcItt8vX8P1jJ9OPKfb6sY1I4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f94ffe101db-ZRH

GET
H2 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
659 B 54ms
53ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 272845
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230048-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FlOSsJ6caGKgo5Qoc5qtMOeiwDt6xegf70vG3XHrhFlQq6PMfK0zO6jlBsCSWbFiVlVWolca1tY%2FmYqMn2KTXHeHG07gmf2FwwYalGwDVNhrnhzswosjfRUVUGzmiTHnDLM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f94ffe201db-ZRH

GET
H2 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
553 B 49ms
49ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 272845
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230048-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3rmFZIBMl3Jk9XhJqoQPDa2%2FX%2FCM4NiqI9XwKjHGpg8SM6KVfeciT5xefRjq%2FhxP%2FVIEyyZj7ZbD%2FRCjmx4m71dMKKKag0oLQWnv3gejGAEtagp60Cv1hfwmAMh%2F4j0%2FR2E%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f94ffe301db-ZRH

GET
H2 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
767 B 47ms
47ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 272845
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230048-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V%2BKpm9MXdbSYEP8UH%2F3ZbqkTdxBfSr31YRaQA%2FoGlFLpdh0QFvjLE2gjFOaOrfDbdr%2FYOoTmztKS2YmDJqaNvaHs6O4q2FtBb23b4mz35GH6jKccOOdO4Ru2cJEf4R9Lv3g%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f94ffe501db-ZRH

GET
H2 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
550 B 46ms
45ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 272845
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230048-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ts8%2FEmbVhJT7wDjIdk0egNZwDoCUOqskc55FBNWKjXwqldDXFD%2B4Eo6yL%2BOr2G38fEWuv32Pc20a5Jj7XzaeSAB5HQ%2Fd4Hf07JS%2FWfBuSUti18okycPCGi3XKhTf4mt%2B6U0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f94ffef01db-ZRH

GET
H2 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
550 B 359ms
359ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 272845
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230048-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u97hpUci%2FxEp90XJtAbnaGLbpK1bddpcTLY71lo%2Byqj2rMx5BNeKnvdPExkGEbvOYz4A08kuR7V7m%2FmI3KDc%2F6vr37dN9SF3Ak25pgA%2FG8kHs7L3wVU%2Bwx7kmzFZgwfCchU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f950ffc01db-ZRH

GET
H2 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
546 B 362ms
361ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 272845
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230048-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n3lk3sdOkvtQ6R9K%2BVZ86QqHHDFxr%2B%2Bb6B9HInfBebruhZ6fo4sc37CWiHEk2LNkD4emOJClFRGj1YRkaw7yJAbwbzCMqsioWszg41GYO2yqZ9Vi0ak5bJCpxrrngqhMIPU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f950ffe01db-ZRH

GET
H2 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
539 B 358ms
358ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 272845
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230048-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=edvmjyA44an0839hGMCjX62iN6zUVeBy551dnI9I2VegNBostrt5QutlE8rttHLfNddIi1oP1ulj6algz8mgqF5XA7ldlUcHV6E1gQctlbSwb8R8NqEVqAEDJkd91LuzCh8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f950fff01db-ZRH

GET
H2 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
571 B 358ms
358ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 272845
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230048-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vHgZbOKShwGIBSy%2FJClt6BFxlz8qCWH2cFlXrQl%2Ft8SzWrxDNFZcmV7KFJ92t3iGMGFByxsyEbcf%2BsTrFbS4iAOt7J%2FbpRYBpsumxqhJ2mS8e0esZ87jZijBLqhk1jz7tz8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f95080101db-ZRH

GET
H2 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
545 B 358ms
358ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 272845
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230048-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hxkd2u1%2Fw5YN5t%2FoYEfrzvtcY4lttt09F6ow0vAYnacjFj1Z7f82gUuAisKtEx9e476nzg7RdPK4o07n63NEQChYR5UbLVu3HEUPkBxy5Yt%2Bmx0vSCIrDeVN2JXv3mEjk4I%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f95080301db-ZRH

GET
H2 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
619 B 359ms
359ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 272845
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230048-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M4mybKDGXF7w6228RHpqfZstbJUAzWtAdAZpfGwNkkpsA4HAC78PO9z98dtv6wnskGcqKBkmn%2Fq7h3mVlpxtKU4nn6nfqZKaMTpH1bxdJh93462wsxVvbUMygovWqDWPlcI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f95180d01db-ZRH

GET
H2 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
548 B 359ms
359ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 272845
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230048-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=17Dii1prXnxHi1sGDmD63rHUsXSfdqvLN33RxMNI%2B9mgJokmeXanhpPAlHgslPgz6yGFqRRHDizFQUsEKX%2BkZjGpyMwVW2f%2BYvHcH8Au5%2BZwkgaape00FQj6KjTvjWitcU0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f95180f01db-ZRH

GET
H2 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
764 B 356ms
356ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 272845
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230048-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=goJnlgV1tF4GqgEd3Sv0QudVsDwT9ur7eV0RbXVmkFdwf2cJFpkBtw07qZ3qj9Ig2wSKIe5s98MMOWvvUe8LASNM3UH%2B12Vd%2B3dEai3rvhnHD3BPt63IhG%2F36aEihny8y0s%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f95181001db-ZRH

GET
H2 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
665 B 356ms
356ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 272845
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230048-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XHoXcLaVKfiuHTBwltc8eanWmSVN3YAcOrAtgWVZed%2FGTMFsoI85y2O%2F2TNMSSLEobFC3QnXrJ0SVjpnvQY8iCbmjTUIGYFAMUf5IZoIISe1NvObu0p%2Bbhn6gBmV9sPN4%2Bk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4f95181101db-ZRH

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 391 B
234 B 673ms
669ms XHR
text/plain 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2815995020238576&correlator=3391891921474137&eid=31079630%2C44807409%2C44780989%2C31079527%2C31078660&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=20842576%2CJYM01M%2CJYM01M-DDI.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=3&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D09c4a9a327608928%3AT%3D1699934040%3ART%3D1699934040%3AS%3DALNI_MZd8FkfR7CegW4Mn6r3HpNzQX5V_Q&gpic=UID%3D00000cc39ae70583%3AT%3D1699934040%3ART%3D1699934040%3AS%3DALNI_Mb0nJmvqrby3TjNCksZ9NeO8qVkZA&abxe=1&dt=1699934042420&lmt=1699934042&adxs=386&adys=1835&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ffolkd.com%2F&vis=1&psz=740x-1&msz=728x-1&fws=4&ohw=740&ga_vid=1651993066.1699934040&ga_sid=1699934041&ga_hid=1815630392&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYo-Tb37wxSABSAghkEjsKCnB1YmNpZC5vcmcSJDQ4Y2EzMjUyLWU0YzMtNDM3My05ZWIxLWVmODdjNDkzNWY5NBjl5tvfvDFIABIdCg5lc3AuY3JpdGVvLmNvbRij5NvfvDFIAFICCGQSFwoIcnRiaG91c2UYpOTb37wxSABSAghkEhQKBW9wZW54GKPk29-8MUgAUgIIZBIZCgp1aWRhcGkuY29tGKTk29-8MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Yo-Tb37wxSABSAghk&dlt=1699934037811&idt=762&prev_scp=pos%3D1%26monu%3D728x90_A1%26allowNative%3Dfalse%26hard_adx_floor%3D0.15%26refresh_count%3D0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26provider_performance%3Dundefined_chrome_0.00%26context%3D3_BE_chrome%26browser_hour_refresh%3Dchrome_3_0%26slotOnScreen%3Dtrue&cust_params=page_num%3D0%26url%3Dfolkd.com%26big4%3Dfalse%26iabCategory%3D264%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=3986541890&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

574d92a2bcd338b2c9d8fce1981986bcdd9e54ee7569c73adada33ecba3c1c17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:03 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 142
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://folkd.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 49 KB
23 KB 599ms
595ms XHR
text/plain 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2815995020238576&correlator=1685131147446475&eid=31079630%2C44807409%2C44780989%2C31079527%2C31078660&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=20842576%2CJYM01M%2CJYM01M-DDI.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=4&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D09c4a9a327608928%3AT%3D1699934040%3ART%3D1699934040%3AS%3DALNI_MZd8FkfR7CegW4Mn6r3HpNzQX5V_Q&gpic=UID%3D00000cc39ae70583%3AT%3D1699934040%3ART%3D1699934040%3AS%3DALNI_Mb0nJmvqrby3TjNCksZ9NeO8qVkZA&abxe=1&dt=1699934042425&lmt=1699934042&adxs=386&adys=2701&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ffolkd.com%2F&vis=1&psz=740x-1&msz=728x-1&fws=4&ohw=740&ga_vid=1651993066.1699934040&ga_sid=1699934041&ga_hid=1815630392&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYo-Tb37wxSABSAghkEjsKCnB1YmNpZC5vcmcSJDQ4Y2EzMjUyLWU0YzMtNDM3My05ZWIxLWVmODdjNDkzNWY5NBjl5tvfvDFIABIdCg5lc3AuY3JpdGVvLmNvbRij5NvfvDFIAFICCGQSFwoIcnRiaG91c2UYpOTb37wxSABSAghkEhQKBW9wZW54GKPk29-8MUgAUgIIZBIZCgp1aWRhcGkuY29tGKTk29-8MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Yo-Tb37wxSABSAghk&dlt=1699934037811&idt=762&prev_scp=pos%3D1%26monu%3D728x90_A1%26allowNative%3Dfalse%26hard_adx_floor%3D0.15%26refresh_count%3D0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26provider_performance%3Dundefined_chrome_0.00%26context%3D3_BE_chrome%26browser_hour_refresh%3Dchrome_3_0%26slotOnScreen%3Dtrue&cust_params=page_num%3D0%26url%3Dfolkd.com%26big4%3Dfalse%26iabCategory%3D264%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=3847355023&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

285b1b9e068d265a58a13f21cf6a79767a5e818fd84ae73230d4943b9fc3f4f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:03 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: 121759
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22983
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-mediationtag-id: 445089
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://folkd.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 48 KB
22 KB 682ms
678ms XHR
text/plain 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2815995020238576&correlator=2081904080100494&eid=31079630%2C44807409%2C44780989%2C31079527%2C31078660&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=20842576%2CJYM01M%2CJYM01M-DDI.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=5&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D09c4a9a327608928%3AT%3D1699934040%3ART%3D1699934040%3AS%3DALNI_MZd8FkfR7CegW4Mn6r3HpNzQX5V_Q&gpic=UID%3D00000cc39ae70583%3AT%3D1699934040%3ART%3D1699934040%3AS%3DALNI_Mb0nJmvqrby3TjNCksZ9NeO8qVkZA&abxe=1&dt=1699934042432&lmt=1699934042&adxs=386&adys=3586&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ffolkd.com%2F&vis=1&psz=740x-1&msz=728x-1&fws=4&ohw=740&ga_vid=1651993066.1699934040&ga_sid=1699934041&ga_hid=1815630392&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYo-Tb37wxSABSAghkEjsKCnB1YmNpZC5vcmcSJDQ4Y2EzMjUyLWU0YzMtNDM3My05ZWIxLWVmODdjNDkzNWY5NBjl5tvfvDFIABIdCg5lc3AuY3JpdGVvLmNvbRij5NvfvDFIAFICCGQSFwoIcnRiaG91c2UYpOTb37wxSABSAghkEhQKBW9wZW54GKPk29-8MUgAUgIIZBIZCgp1aWRhcGkuY29tGKTk29-8MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Yo-Tb37wxSABSAghk&dlt=1699934037811&idt=762&prev_scp=pos%3D1%26monu%3D728x90_A1%26allowNative%3Dfalse%26hard_adx_floor%3D0.15%26refresh_count%3D0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26provider_performance%3Dundefined_chrome_0.00%26context%3D3_BE_chrome%26browser_hour_refresh%3Dchrome_3_0%26slotOnScreen%3Dtrue&cust_params=page_num%3D0%26url%3Dfolkd.com%26big4%3Dfalse%26iabCategory%3D264%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=1577968766&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

83381dcb078fcc2ece28736451760652a4e572f8d1b17a0f4e7ac59d019b5e4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:03 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: 121759
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22870
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-mediationtag-id: 445089
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://folkd.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 49 KB
23 KB 676ms
672ms XHR
text/plain 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2815995020238576&correlator=3027188583833244&eid=31079630%2C44807409%2C44780989%2C31079527%2C31078660&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=20842576%2CJYM01M%2CJYM01M-DDI.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=6&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D09c4a9a327608928%3AT%3D1699934040%3ART%3D1699934040%3AS%3DALNI_MZd8FkfR7CegW4Mn6r3HpNzQX5V_Q&gpic=UID%3D00000cc39ae70583%3AT%3D1699934040%3ART%3D1699934040%3AS%3DALNI_Mb0nJmvqrby3TjNCksZ9NeO8qVkZA&abxe=1&dt=1699934042436&lmt=1699934042&adxs=386&adys=4429&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=4&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ffolkd.com%2F&vis=1&psz=740x-1&msz=728x-1&fws=4&ohw=740&ga_vid=1651993066.1699934040&ga_sid=1699934041&ga_hid=1815630392&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYo-Tb37wxSABSAghkEjsKCnB1YmNpZC5vcmcSJDQ4Y2EzMjUyLWU0YzMtNDM3My05ZWIxLWVmODdjNDkzNWY5NBjl5tvfvDFIABIdCg5lc3AuY3JpdGVvLmNvbRij5NvfvDFIAFICCGQSFwoIcnRiaG91c2UYpOTb37wxSABSAghkEhQKBW9wZW54GKPk29-8MUgAUgIIZBIZCgp1aWRhcGkuY29tGKTk29-8MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Yo-Tb37wxSABSAghk&dlt=1699934037811&idt=762&prev_scp=pos%3D1%26monu%3D728x90_A1%26allowNative%3Dfalse%26hard_adx_floor%3D0.15%26refresh_count%3D0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26provider_performance%3Dundefined_chrome_0.00%26context%3D3_BE_chrome%26browser_hour_refresh%3Dchrome_3_0%26slotOnScreen%3Dtrue&cust_params=page_num%3D0%26url%3Dfolkd.com%26big4%3Dfalse%26iabCategory%3D264%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=2031985588&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

50c2ee9f0874340c6f0a5608634e90fd8db10181c98467ba51ebe8dc1f7a9b50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:03 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: 121759
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23251
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-mediationtag-id: 445089
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://folkd.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 49 KB
23 KB 680ms
677ms XHR
text/plain 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2815995020238576&correlator=4341115431267861&eid=31079630%2C44807409%2C44780989%2C31079527%2C31078660&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=20842576%2CJYM01M%2CJYM01M-DDI.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=7&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D09c4a9a327608928%3AT%3D1699934040%3ART%3D1699934040%3AS%3DALNI_MZd8FkfR7CegW4Mn6r3HpNzQX5V_Q&gpic=UID%3D00000cc39ae70583%3AT%3D1699934040%3ART%3D1699934040%3AS%3DALNI_Mb0nJmvqrby3TjNCksZ9NeO8qVkZA&abxe=1&dt=1699934042439&lmt=1699934042&adxs=386&adys=5358&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=5&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ffolkd.com%2F&vis=1&psz=740x-1&msz=728x-1&fws=4&ohw=740&ga_vid=1651993066.1699934040&ga_sid=1699934041&ga_hid=1815630392&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYo-Tb37wxSABSAghkEjsKCnB1YmNpZC5vcmcSJDQ4Y2EzMjUyLWU0YzMtNDM3My05ZWIxLWVmODdjNDkzNWY5NBjl5tvfvDFIABIdCg5lc3AuY3JpdGVvLmNvbRij5NvfvDFIAFICCGQSFwoIcnRiaG91c2UYpOTb37wxSABSAghkEhQKBW9wZW54GKPk29-8MUgAUgIIZBIZCgp1aWRhcGkuY29tGKTk29-8MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Yo-Tb37wxSABSAghk&dlt=1699934037811&idt=762&prev_scp=pos%3D1%26monu%3D728x90_A1%26allowNative%3Dfalse%26hard_adx_floor%3D0.15%26refresh_count%3D0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26provider_performance%3Dundefined_chrome_0.00%26context%3D3_BE_chrome%26browser_hour_refresh%3Dchrome_3_0%26slotOnScreen%3Dtrue&cust_params=page_num%3D0%26url%3Dfolkd.com%26big4%3Dfalse%26iabCategory%3D264%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=1876406810&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

92374399ef787717fc95af9a8bb4ff91978478377a8be07205206d6423a0a62c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:03 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: 121759
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23174
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-mediationtag-id: 445089
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://folkd.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 49 KB
23 KB 672ms
669ms XHR
text/plain 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2815995020238576&correlator=3212720285037568&eid=31079630%2C44807409%2C44780989%2C31079527%2C31078660&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=20842576%2CJYM01M%2CJYM01M-DDI.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=8&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D09c4a9a327608928%3AT%3D1699934040%3ART%3D1699934040%3AS%3DALNI_MZd8FkfR7CegW4Mn6r3HpNzQX5V_Q&gpic=UID%3D00000cc39ae70583%3AT%3D1699934040%3ART%3D1699934040%3AS%3DALNI_Mb0nJmvqrby3TjNCksZ9NeO8qVkZA&abxe=1&dt=1699934042443&lmt=1699934042&adxs=386&adys=6243&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=6&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ffolkd.com%2F&vis=1&psz=740x-1&msz=728x-1&fws=4&ohw=740&ga_vid=1651993066.1699934040&ga_sid=1699934041&ga_hid=1815630392&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYo-Tb37wxSABSAghkEjsKCnB1YmNpZC5vcmcSJDQ4Y2EzMjUyLWU0YzMtNDM3My05ZWIxLWVmODdjNDkzNWY5NBjl5tvfvDFIABIdCg5lc3AuY3JpdGVvLmNvbRij5NvfvDFIAFICCGQSFwoIcnRiaG91c2UYpOTb37wxSABSAghkEhQKBW9wZW54GKPk29-8MUgAUgIIZBIZCgp1aWRhcGkuY29tGKTk29-8MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Yo-Tb37wxSABSAghk&dlt=1699934037811&idt=762&prev_scp=pos%3D1%26monu%3D728x90_A1%26allowNative%3Dfalse%26hard_adx_floor%3D0.15%26refresh_count%3D0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26provider_performance%3Dundefined_chrome_0.00%26context%3D3_BE_chrome%26browser_hour_refresh%3Dchrome_3_0%26slotOnScreen%3Dtrue&cust_params=page_num%3D0%26url%3Dfolkd.com%26big4%3Dfalse%26iabCategory%3D264%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=2971132554&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

cd779c50646cccabacfbbfb91af76704707e1d02bd0e388bbed539e4d8284255

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:03 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: 121759
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23213
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-mediationtag-id: 445089
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://folkd.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 48 KB
23 KB 704ms
701ms XHR
text/plain 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2815995020238576&correlator=640853859306583&eid=31079630%2C44807409%2C44780989%2C31079527%2C31078660&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=20842576%2CJYM01M%2CJYM01M-DDI.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=9&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D09c4a9a327608928%3AT%3D1699934040%3ART%3D1699934040%3AS%3DALNI_MZd8FkfR7CegW4Mn6r3HpNzQX5V_Q&gpic=UID%3D00000cc39ae70583%3AT%3D1699934040%3ART%3D1699934040%3AS%3DALNI_Mb0nJmvqrby3TjNCksZ9NeO8qVkZA&abxe=1&dt=1699934042446&lmt=1699934042&adxs=386&adys=7086&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=7&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ffolkd.com%2F&vis=1&psz=740x-1&msz=728x-1&fws=4&ohw=740&ga_vid=1651993066.1699934040&ga_sid=1699934041&ga_hid=1815630392&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYo-Tb37wxSABSAghkEjsKCnB1YmNpZC5vcmcSJDQ4Y2EzMjUyLWU0YzMtNDM3My05ZWIxLWVmODdjNDkzNWY5NBjl5tvfvDFIABIdCg5lc3AuY3JpdGVvLmNvbRij5NvfvDFIAFICCGQSFwoIcnRiaG91c2UYpOTb37wxSABSAghkEhQKBW9wZW54GKPk29-8MUgAUgIIZBIZCgp1aWRhcGkuY29tGKTk29-8MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Yo-Tb37wxSABSAghk&dlt=1699934037811&idt=762&prev_scp=pos%3D1%26monu%3D728x90_A1%26allowNative%3Dfalse%26hard_adx_floor%3D0.15%26refresh_count%3D0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26provider_performance%3Dundefined_chrome_0.00%26context%3D3_BE_chrome%26browser_hour_refresh%3Dchrome_3_0%26slotOnScreen%3Dtrue&cust_params=page_num%3D0%26url%3Dfolkd.com%26big4%3Dfalse%26iabCategory%3D264%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=352790384&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

dd70df94316bbe24e19a15650456d8ffe1eaa5d5c3eeca8836b40630cd6b1b61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:03 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: 121759
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22971
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-mediationtag-id: 445089
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://folkd.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 49 KB
23 KB 674ms
671ms XHR
text/plain 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2815995020238576&correlator=2043609083393246&eid=31079630%2C44807409%2C44780989%2C31079527%2C31078660&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=20842576%2CJYM01M%2CJYM01M-DDI.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=10&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D09c4a9a327608928%3AT%3D1699934040%3ART%3D1699934040%3AS%3DALNI_MZd8FkfR7CegW4Mn6r3HpNzQX5V_Q&gpic=UID%3D00000cc39ae70583%3AT%3D1699934040%3ART%3D1699934040%3AS%3DALNI_Mb0nJmvqrby3TjNCksZ9NeO8qVkZA&abxe=1&dt=1699934042449&lmt=1699934042&adxs=386&adys=7971&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=8&ucis=a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ffolkd.com%2F&vis=1&psz=740x-1&msz=728x-1&fws=4&ohw=740&ga_vid=1651993066.1699934040&ga_sid=1699934041&ga_hid=1815630392&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYo-Tb37wxSABSAghkEjsKCnB1YmNpZC5vcmcSJDQ4Y2EzMjUyLWU0YzMtNDM3My05ZWIxLWVmODdjNDkzNWY5NBjl5tvfvDFIABIdCg5lc3AuY3JpdGVvLmNvbRij5NvfvDFIAFICCGQSFwoIcnRiaG91c2UYpOTb37wxSABSAghkEhQKBW9wZW54GKPk29-8MUgAUgIIZBIZCgp1aWRhcGkuY29tGKTk29-8MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Yo-Tb37wxSABSAghk&dlt=1699934037811&idt=762&prev_scp=pos%3D1%26monu%3D728x90_A1%26allowNative%3Dfalse%26hard_adx_floor%3D0.15%26refresh_count%3D0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26provider_performance%3Dundefined_chrome_0.00%26context%3D3_BE_chrome%26browser_hour_refresh%3Dchrome_3_0%26slotOnScreen%3Dtrue&cust_params=page_num%3D0%26url%3Dfolkd.com%26big4%3Dfalse%26iabCategory%3D264%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=3218107066&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

5f427fcc2499510391753f9d19089a531ff585b0e0ffff8d4ac51cb1a69af4a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:03 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: 121759
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23204
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-mediationtag-id: 445089
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://folkd.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 48 KB
22 KB 672ms
670ms XHR
text/plain 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2815995020238576&correlator=4140708081582491&eid=31079630%2C44807409%2C44780989%2C31079527%2C31078660&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=20842576%2CJYM01M%2CJYM01M-DDI.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=11&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D09c4a9a327608928%3AT%3D1699934040%3ART%3D1699934040%3AS%3DALNI_MZd8FkfR7CegW4Mn6r3HpNzQX5V_Q&gpic=UID%3D00000cc39ae70583%3AT%3D1699934040%3ART%3D1699934040%3AS%3DALNI_Mb0nJmvqrby3TjNCksZ9NeO8qVkZA&abxe=1&dt=1699934042452&lmt=1699934042&adxs=386&adys=8814&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=9&ucis=b&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ffolkd.com%2F&vis=1&psz=740x-1&msz=728x-1&fws=4&ohw=740&ga_vid=1651993066.1699934040&ga_sid=1699934041&ga_hid=1815630392&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYo-Tb37wxSABSAghkEjsKCnB1YmNpZC5vcmcSJDQ4Y2EzMjUyLWU0YzMtNDM3My05ZWIxLWVmODdjNDkzNWY5NBjl5tvfvDFIABIdCg5lc3AuY3JpdGVvLmNvbRij5NvfvDFIAFICCGQSFwoIcnRiaG91c2UYpOTb37wxSABSAghkEhQKBW9wZW54GKPk29-8MUgAUgIIZBIZCgp1aWRhcGkuY29tGKTk29-8MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Yo-Tb37wxSABSAghk&dlt=1699934037811&idt=762&prev_scp=pos%3D1%26monu%3D728x90_A1%26allowNative%3Dfalse%26hard_adx_floor%3D0.15%26refresh_count%3D0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26provider_performance%3Dundefined_chrome_0.00%26context%3D3_BE_chrome%26browser_hour_refresh%3Dchrome_3_0%26slotOnScreen%3Dtrue&cust_params=page_num%3D0%26url%3Dfolkd.com%26big4%3Dfalse%26iabCategory%3D264%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=3269151347&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

8a3a8a7d5b8b6380de7c5b71eb6fc76ec70f45c5f578ac8f0df5b173bd9870b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:03 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: 121759
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22886
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-mediationtag-id: 445089
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://folkd.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 235 B
688 B 532ms
123ms XHR
application/json 54.73.167.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.73.167.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-73-167-29.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: c2227dc87c387d754cc1bb374a6ec9a11748e8049c8e844906aa2fd6bf39ca04

Request headers

Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 03:54:02 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://folkd.com
cache-control: no-cache
x-server: 10.45.6.167
access-control-allow-credentials: true
content-length: 235
expires: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 51 KB
14 KB 540ms
540ms XHR
text/plain 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2815995020238576&correlator=1323609605474290&eid=31079630%2C44807409%2C44780989%2C31079527%2C31078660&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=20842576%2CJYM01M%2CJYM01M-DDS.B&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C160x600%7C300x600&ifi=12&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D09c4a9a327608928%3AT%3D1699934040%3ART%3D1699934040%3AS%3DALNI_MZd8FkfR7CegW4Mn6r3HpNzQX5V_Q&gpic=UID%3D00000cc39ae70583%3AT%3D1699934040%3ART%3D1699934040%3AS%3DALNI_Mb0nJmvqrby3TjNCksZ9NeO8qVkZA&abxe=1&dt=1699934042603&lmt=1699934042&adxs=1140&adys=459&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=c&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ffolkd.com%2F&vis=1&psz=300x-1&msz=300x-1&fws=516&ohw=300&ga_vid=1651993066.1699934040&ga_sid=1699934041&ga_hid=1815630392&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYo-Tb37wxSABSAghkEjsKCnB1YmNpZC5vcmcSJDQ4Y2EzMjUyLWU0YzMtNDM3My05ZWIxLWVmODdjNDkzNWY5NBjl5tvfvDFIABIdCg5lc3AuY3JpdGVvLmNvbRij5NvfvDFIAFICCGQSFwoIcnRiaG91c2UYpOTb37wxSABSAghkEhQKBW9wZW54GKPk29-8MUgAUgIIZBIZCgp1aWRhcGkuY29tGKTk29-8MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Yo-Tb37wxSABSAghk&dlt=1699934037811&idt=762&prev_scp=pos%3D2%26monu%3D300x250-160x600-300x600_B2%26allowNative%3Dfalse%26hard_adx_floor%3D0.15%26refresh_count%3D0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26provider_performance%3Dundefined_chrome_0.00%26context%3D3_BE_chrome%26browser_hour_refresh%3Dchrome_3_0%26slotOnScreen%3Dtrue&cust_params=page_num%3D0%26url%3Dfolkd.com%26big4%3Dfalse%26iabCategory%3D264%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=4068447172&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

6ba38ec9ce5d4e847dc910d167aa749b21472c8ac7e65ff4b011dbc50355cc91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:03 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14414
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://folkd.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

nhacaiyutincomco.jpg
storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/YsOU_--9IrqY-vwNvHxokrksVto/-lbP5Q../
Redirect Chain

https://xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/YsOU_--9IrqY-vwNvHxokrksVto/-lbP5Q../nhacaiyutincomco.jpg
https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/YsOU_--9IrqY-vwNvHxokrksVto/-lbP5Q../nhacaiyutincomco.jpg

8 KB
8 KB

1100ms
769ms

Image
image/jpeg

142.250.185.251
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/YsOU_--9IrqY-vwNvHxokrksVto/-lbP5Q../nhacaiyutincomco.jpg
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Server: 142.250.185.251 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f27.1e100.net
Software: UploadServer /
Resource Hash: 440d92a5a423d16775d1ba942f9e7d9c6f5521807d1085dc30e21ad1a421fded

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:03 GMT
x-guploader-uploadid: ABPtcPp_bupKiraDotsV0qNOFMbytDPi6VmgC52jOcnNT5AKPMmP7xjejqspdgI0mPlYx6CIfk07WhjtIQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8030
last-modified: Tue, 05 Sep 2023 14:43:37 GMT
server: UploadServer
etag: "15a8c07fba7050660e3e6f9fa7b95247"
x-goog-generation: 1693925017812113
content-type: image/jpeg
access-control-allow-origin: *
x-goog-hash: crc32c=WO5lZQ==, md5=FajAf7pwUGYOPm+fp7lSRw==
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 8030
accept-ranges: bytes
expires: Tue, 14 Nov 2023 04:54:03 GMT

Redirect headers

pragma: no-cache
date: Tue, 14 Nov 2023 03:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains;
x-content-type-options: nosniff
x-frame-options: deny
access-control-allow-methods: GET, OPTIONS
content-type: text/html; charset=UTF-8
location: https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/YsOU_--9IrqY-vwNvHxokrksVto/-lbP5Q../nhacaiyutincomco.jpg
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-max-age: 86400
access-control-allow-headers: Cache-Control, Content-Type, Content-Length, Authorization, Accept, Accept-Encoding, User-Agent, X-Requested-With
x-xss-protection: 1; mode=block
expires: Wed, 15 Nov 2023 03:54:02 GMT

GET
H2

200

tylebongdaplus.jpg
storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/k-OFGUmzgKWnKICkpsDz1exyeSg/v93BfA../
Redirect Chain

https://xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/k-OFGUmzgKWnKICkpsDz1exyeSg/v93BfA../tylebongdaplus.jpg
https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/k-OFGUmzgKWnKICkpsDz1exyeSg/v93BfA../tylebongdaplus.jpg

49 KB
49 KB

718ms
388ms

Image
image/jpeg

142.250.185.251
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/k-OFGUmzgKWnKICkpsDz1exyeSg/v93BfA../tylebongdaplus.jpg
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Server: 142.250.185.251 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f27.1e100.net
Software: UploadServer /
Resource Hash: 2d594049dae64a9aa9831b940983149a256867419af76e35afcf824639981592

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:03 GMT
age: 0
x-guploader-uploadid: ABPtcPosmbNgJmBJ_HPukPcxC5xKRTqvEwkdfWVXK85byRemqmm22inDjsGtWHRPtoH-s3tfpS8
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49946
last-modified: Tue, 26 Sep 2023 04:38:49 GMT
server: UploadServer
etag: "4bf1e46c12ac365d9faa17f3df2541eb"
x-goog-generation: 1695703129074338
x-goog-hash: crc32c=M7yQPw==, md5=S/HkbBKsNl2fqhfz3yVB6w==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 49946
accept-ranges: bytes
content-type: image/jpeg
expires: Tue, 14 Nov 2023 04:54:03 GMT

Redirect headers

pragma: no-cache
date: Tue, 14 Nov 2023 03:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains;
x-content-type-options: nosniff
x-frame-options: deny
access-control-allow-methods: GET, OPTIONS
content-type: text/html; charset=UTF-8
location: https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/k-OFGUmzgKWnKICkpsDz1exyeSg/v93BfA../tylebongdaplus.jpg
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-max-age: 86400
access-control-allow-headers: Cache-Control, Content-Type, Content-Length, Authorization, Accept, Accept-Encoding, User-Agent, X-Requested-With
x-xss-protection: 1; mode=block
expires: Wed, 15 Nov 2023 03:54:02 GMT

GET
H2

200

gutter-logo500.jpg
storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/yr8HZKgpbVEUPIkp4IPuDx4y7MM/rvoo3Q../
Redirect Chain

https://xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/yr8HZKgpbVEUPIkp4IPuDx4y7MM/rvoo3Q../gutter-logo500.jpg
https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/yr8HZKgpbVEUPIkp4IPuDx4y7MM/rvoo3Q../gutter-logo500.jpg

18 KB
18 KB

2773ms
2443ms

Image
image/jpeg

142.250.185.251
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/yr8HZKgpbVEUPIkp4IPuDx4y7MM/rvoo3Q../gutter-logo500.jpg
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Server: 142.250.185.251 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f27.1e100.net
Software: UploadServer /
Resource Hash: 0bd0b8c4d188dafc60ef25c01e124444ccd8387a93a8092edf85857a4c04eec8

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:03 GMT
age: 0
x-guploader-uploadid: ABPtcPo4nytTRd1cOC1t1fmUJuUtLiwZDTbFqi_Do-HLwLSihNLjAW4DQ_C6IzvoTGTpzMmFylXewnC3ig
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18412
last-modified: Fri, 01 Sep 2023 10:12:37 GMT
server: UploadServer
etag: "717b21ba10825f56b1930e235188ec75"
x-goog-generation: 1693563157531527
x-goog-hash: crc32c=ImREVQ==, md5=cXshuhCCX1axkw4jUYjsdQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 18412
accept-ranges: bytes
content-type: image/jpeg
expires: Tue, 14 Nov 2023 04:54:03 GMT

Redirect headers

pragma: no-cache
date: Tue, 14 Nov 2023 03:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains;
x-content-type-options: nosniff
x-frame-options: deny
access-control-allow-methods: GET, OPTIONS
content-type: text/html; charset=UTF-8
location: https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/yr8HZKgpbVEUPIkp4IPuDx4y7MM/rvoo3Q../gutter-logo500.jpg
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-max-age: 86400
access-control-allow-headers: Cache-Control, Content-Type, Content-Length, Authorization, Accept, Accept-Encoding, User-Agent, X-Requested-With
x-xss-protection: 1; mode=block
expires: Wed, 15 Nov 2023 03:54:02 GMT

GET
H2

200

thuocdantoc-dai-dien.jpg
storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/btEjYu-qXLGzUlVOZq5sBFcXa8g/xXkU5w../
Redirect Chain

https://xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/btEjYu-qXLGzUlVOZq5sBFcXa8g/xXkU5w../thuocdantoc-dai-dien.jpg
https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/btEjYu-qXLGzUlVOZq5sBFcXa8g/xXkU5w../thuocdantoc-dai-dien.jpg

27 KB
27 KB

2910ms
2580ms

Image
image/jpeg

142.250.185.251
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/btEjYu-qXLGzUlVOZq5sBFcXa8g/xXkU5w../thuocdantoc-dai-dien.jpg
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Server: 142.250.185.251 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f27.1e100.net
Software: UploadServer /
Resource Hash: 743e13bb7a1a32def7b4f123f421fa2b9f3a91ee81801a5ac7f263629482115d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:03 GMT
age: 1
x-guploader-uploadid: ABPtcPpZtx01oYDGx8FHbSBvbl7y3iSAVYdgdjDqraOQO7Kdje_5hGaSLuBy0Rg1NfAmV0QsYCY
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27532
last-modified: Mon, 28 Aug 2023 03:40:20 GMT
server: UploadServer
etag: "d906b2c8f113e09fe625f5e75c415fc6"
x-goog-generation: 1693194020264240
x-goog-hash: crc32c=pOMglw==, md5=2QayyPET4J/mJfXnXEFfxg==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 27532
accept-ranges: bytes
content-type: image/jpeg
expires: Tue, 14 Nov 2023 04:54:03 GMT

Redirect headers

pragma: no-cache
date: Tue, 14 Nov 2023 03:54:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains;
x-content-type-options: nosniff
x-frame-options: deny
access-control-allow-methods: GET, OPTIONS
content-type: text/html; charset=UTF-8
location: https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/btEjYu-qXLGzUlVOZq5sBFcXa8g/xXkU5w../thuocdantoc-dai-dien.jpg
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-max-age: 86400
access-control-allow-headers: Cache-Control, Content-Type, Content-Length, Authorization, Accept, Accept-Encoding, User-Agent, X-Requested-With
x-xss-protection: 1; mode=block
expires: Wed, 15 Nov 2023 03:54:02 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 8ED1 4 KB
767 B 174ms
173ms Stylesheet
text/css 142.250.185.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f10.1e100.net

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 14 Nov 2023 03:54:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 02:09:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 14 Nov 2023 03:54:02 GMT

GET
H2 200 widget.js Show response
widgets.outbrain.com/n2d/widget/ Frame F37D 46 KB
12 KB 282ms
58ms Script
application/x-javascript 23.32.185.60
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/n2d/widget/widget.js
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-60.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 18d8329b2e4b430a4f34b5247ba02ca5378fcdf574eb7ba5f1ef00ac0a705c5a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-request-headers: X-OB-STG,X-OB-PRD
date: Tue, 14 Nov 2023 03:54:02 GMT
content-encoding: gzip
content-length: 11833
last-modified: Tue, 22 Aug 2023 10:30:48 GMT
server: AkamaiNetStorage
etag: "6a7ff93f96fd30914785c7c30706bf6a:1692700788.526954"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
expires: Tue, 14 Nov 2023 07:54:02 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231108/r20110914/client/ Frame F37D 3 KB
1 KB 492ms
63ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231108/r20110914/client/window_focus_fy2021.js

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 10:30:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62633
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Nov 2023 10:30:10 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231108/r20110914/client/ Frame F37D 20 KB
8 KB 502ms
73ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231108/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 03:55:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86311
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8543
x-xss-protection: 0
server: cafe
etag: 18034338113832500900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Nov 2023 03:55:32 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame F37D 24 KB
7 KB 490ms
62ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 01:55:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 352737
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 09 Nov 2024 01:55:06 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F37D 192 KB
61 KB 499ms
68ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

679387c2f15182819b17e9f3aec3cb611bbf474b3797f72a96a4f9bb439508ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61843
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1699570296391874"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Nov 2023 03:54:03 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231108/r20110914/elements/html/ Frame 8ED1 21 KB
9 KB 499ms
72ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231108/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

bfd4745fee7e2635754df4ff32e620ff7356b538283d881968cf48255db8eebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:51:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32560
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8785
x-xss-protection: 0
server: cafe
etag: 17726888854999048520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Nov 2023 18:51:23 GMT

GET
H2

200

pd Show response
google-bidout-d.openx.net/w/1.0/ Frame B924
Redirect Chain

https://google-bidout-d.openx.net/w/1.0/pd?plm=5
https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5

572 B
709 B

62ms
61ms

Document
text/html

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: f74d4451245a797f1210b4121aa3d0e1b2d3dd59f3fb0d4f112483615094040c

Request headers

Referer: https://folkd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 376
content-type: text/html
date: Tue, 14 Nov 2023 03:54:02 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 14 Nov 2023 03:54:02 GMT
location: https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
via: 1.1 google

GET
H2 200 container.html Show response
ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D493 6 KB
3 KB 81ms
80ms Document
text/html 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f129.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://folkd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 14 Nov 2023 03:54:01 GMT
expires: Wed, 13 Nov 2024 03:54:01 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 mmt.gif
imps.monu.delivery/ 37 B
63 B 78ms
78ms Image
image/gif 35.186.236.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imps.monu.delivery/mmt.gif?s=7ada6bc7-d831-4ccc-9c49-6a685d6852e0&a=p.f.i&u=JYM01M&d=%7B%22b%22%3A%22chrome%22%2C%22c%22%3A%22CH%22%2C%22r%22%3A%22BE%22%2C%22p%22%3A%22%2F%22%7D
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.236.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 01:42:22 GMT
age: 439900
x-guploader-uploadid: ABPtcPpCkonmBGjk2dfiQa2Hgo3mEfBmcptQk_6vFkluw7dOFBMkIE8fNVKxW9vwBa_JDINMl-T2rh3GKAzhRv97Ly1w76nqU0GE
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37
last-modified: Wed, 12 Jul 2017 09:13:19 GMT
server: UploadServer
etag: "455005e2f4b8ecc484500fab08619f70"
x-goog-generation: 1499850799559224
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type: image/gif
cache-control: public, max-age=31536000
x-goog-stored-content-length: 37
accept-ranges: bytes
expires: Fri, 08 Nov 2024 01:42:22 GMT

GET
H2 204 increment Show response
id5-sync.com/api/esp/ 0
225 B 157ms
48ms XHR
text/plain 162.19.138.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://folkd.com
date: Tue, 14 Nov 2023 03:54:02 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 8463 15 KB
6 KB 504ms
58ms Document
text/html 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=folkd.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://folkd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 14 Nov 2023 03:54:02 GMT
server: Kestrel
server-processing-duration-in-ticks: 283263
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 kich-thuoc-bon-cau.jpg
thietbivesinhtoto.vn/wp-content/uploads/2023/07/ 42 KB
42 KB 2157ms
1276ms Image
image/jpeg 103.28.36.168
NHANHOA-AS-VN Nha...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thietbivesinhtoto.vn/wp-content/uploads/2023/07/kich-thuoc-bon-cau.jpg
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.28.36.168 , Viet Nam, ASN131353 (NHANHOA-AS-VN NhanHoa Software company, VN),
Reverse DNS: wordpress-hosting09.nhanhoa.com
Software: LiteSpeed /
Resource Hash: 2ca721372a9f18090f544b439ec8e281d12a9ac1d38ef0fb8c0f831c1c592949

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:53:24 GMT
last-modified: Thu, 06 Jul 2023 01:06:48 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 43197
expires: Tue, 21 Nov 2023 03:53:24 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mleqzsi8gjmm.i.optimole.com/w:auto/h:auto/q:mauto/f:avif/https://nhacaiuytin.com.co/wp-content/uploads/2023/06/bluff-trong-poker-la-gi.jpg

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-66.fra56.r.cloudfront.net

Software

Optimole /

Resource Hash

6aa8ddfb0537664c2e5fd55bb65253ee011291c109ee5801533d57a09fc00e09

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:49:38 GMT
content-security-policy: script-src 'none'
via: 1.1 dca6db3c8f31f3cd48bb06d78a8be624.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 265
x-cache: Hit from cloudfront
content-disposition: inline; filename="bluff-trong-poker-la-gi.avif"
alt-svc: h3=":443"; ma=86400
content-length: 17348
x-request-id: rrYUQV_0lA6AcTlJENm60
server: Optimole
accept-ch: ECT
etag: "WYADNeiJ8VBhD7l0V7bmOzcnzAITgnDbuIGmq-m7l30/RIjBkMjgzZDk1NjhmOWM5ZmUwYjUzODU4NzdhMmFhN2JkIg"
access-control-allow-methods: GET, OPTIONS
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=31536000, public
x-amz-cf-id: tKho4PMsRTnOACxEP5SYhYtIhalytm4ENUrL6BjXTUXFzG7LLjVT3w==
expires: Wed, 13 Nov 2024 03:49:38 GMT

GET
H2 200 jasa-sertifikasi-iso-27001.webp
ssicertify.com/wp-content/uploads/2023/08/ 26 KB
26 KB 782ms
572ms Image
image/webp 103.247.8.134
CRI-AS-AP CV. Rum...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssicertify.com/wp-content/uploads/2023/08/jasa-sertifikasi-iso-27001.webp
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.247.8.134 , Indonesia, ASN58487 (CRI-AS-AP CV. Rumahweb Indonesia, ID),
Reverse DNS: sanggau.dua.rumahweb.net
Software: Apache /
Resource Hash: eaa5100bb799a5d116baf8c3deec425873ad9d3410f17eb4cd33aaeb1772e547

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:03 GMT
content-encoding: br
last-modified: Thu, 24 Aug 2023 07:15:25 GMT
server: Apache
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 26622
expires: max-age=A10368000, public

GET
H2 200 cropped-%E6%9C%AA%E6%A0%87%E9%A2%98-1-1.jpg
ledcoms.com/wp-content/uploads/2022/12/ 5 KB
5 KB 316ms
314ms Image
image/webp 47.246.50.75
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ledcoms.com/wp-content/uploads/2022/12/cropped-%E6%9C%AA%E6%A0%87%E9%A2%98-1-1.jpg
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.246.50.75 Paris, France, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 60e1b13cfec9e429c094a59d71bb4cfbda9b80a01b1fcb130ab62b2ecb7eaf5c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:03 GMT
via: cache2.us13[164,0], cache3.fr1[255,0]
last-modified: Sat, 04 Mar 2023 06:35:44 GMT
server: Tengine
etag: "6402e6c0-122a"
x-proxy-cache-info: DT:1
content-type: image/webp
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 4650
eagleid: 2ff6329716999340430145211e, 2ff6329716999340430145211e
expires: Wed, 13 Nov 2024 03:54:03 GMT

GET
H2 200 ngoai-hang-anh.jpg
static.tylebongdaplus.com/resources/og_images/leagues/ 75 KB
75 KB 941ms
939ms Image
image/jpeg 210.211.99.108
CHT Compamy Ltd

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.tylebongdaplus.com/resources/og_images/leagues/ngoai-hang-anh.jpg
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.211.99.108 Thu Dau Mot, Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),
Reverse DNS
Software: nginx /
Resource Hash: 2c957ef219037d5f790a542172674a137be55808ed4f7188c4cf465febb7f605

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:45:28 GMT
last-modified: Sun, 24 Sep 2023 18:31:20 GMT
server: nginx
etag: "65108078-12a6d"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 76397
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 khi-hau-viet-nam-co-phu-hop-lap-cua-luoi-chong-muoi-sm.jpg
cuahoangminh.com/4725809B000934FB/15516BAB82E100EC47258967000BE398/$File/ 32 KB
32 KB 68ms
67ms Image
image/jpeg 104.21.61.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cuahoangminh.com/4725809B000934FB/15516BAB82E100EC47258967000BE398/$File/khi-hau-viet-nam-co-phu-hop-lap-cua-luoi-chong-muoi-sm.jpg
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.61.55 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2bf11654f0ba99080488eaf18caf4510ebd34c7ac955dcffdd84bcc13827831c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 590
alt-svc: h3=":443"; ma=86400
content-length: 32282
last-modified: Tue, 14 Nov 2023 02:12:04 GMT
server: cloudflare
etag: W/"MTAtODA4Ny00NzI1OEE2MjAwMEYxRkU4LTQ3MjU4QTY3MDAwQkQ2RUItMTU1MTZCQUI4MkUxMDBFQzQ3MjU4OTY3MDAwQkUzOTg="
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9LGFM%2Fp%2B4m74uhUe40tnz%2F3VTdbT95M2Mba2naF948NcKi%2FlKYmNhD79fd5hWo5zVUKvDxlJ4EBwhKq5PMF%2FScaVEgXtAv5k2WjPTMBOUeye%2Bgzizzl6tDLijZLBtml4XZJa"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 825c4f98fa670e2f-AMS
expires: Tue, 14 Nov 2023 23:59:59 GMT

GET
H2 200 6938c53a82351aac977ccdd27e815afa
www.gravatar.com/avatar/ 62 KB
63 KB 555ms
554ms Image
image/png 192.0.73.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gravatar.com/avatar/6938c53a82351aac977ccdd27e815afa?s=400
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.73.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 4f60d7d9e2d49c3a8e76570a7e481c7df1a240e1061a43d50ad619fc7af2a138

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Tue, 14 Nov 2023 03:54:03 GMT
last-modified: Thu, 20 Jul 2023 05:20:54 GMT
server: nginx
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="6938c53a82351aac977ccdd27e815afa.png"
accept-ranges: bytes
link: <https://gravatar.com/avatar/6938c53a82351aac977ccdd27e815afa?s=400>; rel="canonical"
content-length: 63851
alt-svc: h3=":443"; ma=86400
expires: Tue, 14 Nov 2023 03:59:03 GMT

GET
H2 200 ogp_image.jpg
prd.storage.lit.link/images/creators/0a45fe9d-bd1c-46c1-82f7-99d1989b8956/ogp/ 354 KB
354 KB 3617ms
3109ms Image
image/jpeg 34.149.134.227
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prd.storage.lit.link/images/creators/0a45fe9d-bd1c-46c1-82f7-99d1989b8956/ogp/ogp_image.jpg
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.134.227 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 227.134.149.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 01bda2fd749ac411f07d9706f4e3a1eb3e3230a258075d859d240503550481fb

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:06 GMT
age: 0
x-guploader-uploadid: ABPtcPq6yrLbJGPH9J5ywZ7IlnlYBPeb4qDprSbmb8DnlisvjvdU8YoSbfLXQGP71EAaWkzlJil5M3Fsv2p6tZbGfDIHH78u_aIP
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 362312
last-modified: Mon, 23 Oct 2023 12:07:43 GMT
server: UploadServer
etag: "03987a26b4d3cbc60f57fa8cacbf2cd4"
vary: Origin
x-goog-generation: 1698062863868116
x-goog-hash: crc32c=uyoDRA==, md5=A5h6JrTTy8YPV/qMrL8s1A==
content-type: image/jpeg
cache-control: public,no-cache,max-age=0
x-goog-stored-content-length: 362312
x-goog-meta-firebasestoragedownloadtokens: 50d849ee-fe1e-4047-8577-317896d0600b
accept-ranges: bytes

GET
H/1.1 200
OK tri-hac-lao-bang-cu-rieng-1.jpg
www.thuocdantoc.org/wp-content/uploads/2019/05/ 96 KB
97 KB 511ms
235ms Image
image/jpeg 116.118.49.56
SPT-AS-VN Sai gon...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thuocdantoc.org/wp-content/uploads/2019/05/tri-hac-lao-bang-cu-rieng-1.jpg
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 116.118.49.56 Ho Chi Minh City, Viet Nam, ASN7602 (SPT-AS-VN Sai gon Postel Corporation, VN),
Reverse DNS
Software: nginx /
Resource Hash: f5778561ef1b5e28b0339618991e6e77a10bc2542d6b028d71dfc98ed2195df0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: public
Date: Tue, 14 Nov 2023 03:54:03 GMT
Last-Modified: Tue, 10 Sep 2019 00:13:12 GMT
Server: nginx
ETag: "5d76ea98-180c1"
Content-Type: image/jpeg
Cache-Control: max-age=2592000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 98497
Expires: Thu, 14 Dec 2023 03:54:03 GMT

GET
H2 200 Thumbnail.png
cdn.dnse.com.vn/dnse-home/images/ 49 KB
49 KB 832ms
831ms Image
image/png 34.120.245.111
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.dnse.com.vn/dnse-home/images/Thumbnail.png
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.245.111 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 111.245.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b4e1d5fc3c32c3142db3d3c96bd3330600b824b5b5db33b22ace7b127992211b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:03 GMT
age: 0
x-guploader-uploadid: ABPtcPolzQxZ0AJtwss8lxrZAMoFtXUXXh0sTKSaI9Hl2BtYncLO6tkAqHdW_gpNwkmCpLxWQGwer86cFMiL2nDsh9VIIeiAWomA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49750
last-modified: Thu, 09 Nov 2023 13:11:12 GMT
server: UploadServer
etag: "82188ab3f27d23f3d1bc7b6b267e41f0"
x-goog-generation: 1699535472613992
x-goog-hash: crc32c=7fGrhw==, md5=ghiKs/J9I/PRvHtrJn5B8A==
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public,no-transform,max-age=2592000
x-goog-stored-content-length: 49750
accept-ranges: bytes
content-type: image/png

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame B924
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5759223980947758559

43 B
106 B

64ms
56ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5759223980947758559
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 03:54:03 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 14 Nov 2023 03:54:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5759223980947758559
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200
OK

dcm
aax-eu.amazon-adsystem.com/s/ Frame B924
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=fffc442b-d60c-8812-87c7-e98285ffe11e
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=fffc442b-d60c-8812-87c7-e98285ffe11e&dcc=t

43 B
855 B

230ms
229ms

Image
image/gif

67.220.228.202
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=fffc442b-d60c-8812-87c7-e98285ffe11e&dcc=t

Requested by

Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5

Protocol

HTTP/1.1

Server

67.220.228.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Nov 2023 03:54:03 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: SN48W57PVJVYMA1CZ26W
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 14 Nov 2023 03:54:03 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: WWTRVBNN1GBRCKPHW3T9
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=fffc442b-d60c-8812-87c7-e98285ffe11e&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame B924 70 B
149 B 268ms
101ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=a72a3856-caa6-33e8-47c9-6b15edcc2afe&gdpr=0
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:03 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame B924 170 B
243 B 195ms
71ms Image
image/png 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OGI0NWViOWMtMDNkMS02ZDRjLTUyMjktMzFhYzI3MmVlNDll

Requested by

Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 03:54:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame B924
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFaNM03ia5vzkjn3_J1iS-o&google_cver=1

43 B
180 B

70ms
62ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFaNM03ia5vzkjn3_J1iS-o&google_cver=1
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 03:54:03 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 14 Nov 2023 03:54:03 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFaNM03ia5vzkjn3_J1iS-o&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ym.1.js Show response
static.yieldmo.com/ Frame D493 471 KB
123 KB 497ms
60ms Script
application/javascript 18.245.60.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yieldmo.com/ym.1.js
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-74.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cd2d51771a2adae72d4a2fe0d8147e364d4c3af4e21b5b2a319a8da224afbf59

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: NbkkeiEKbyQy0u3FDjr4KUZdjNHSllZV
content-encoding: br
via: 1.1 e505058447bf5e74cc264f4e72f27bee.cloudfront.net (CloudFront)
date: Mon, 13 Nov 2023 10:41:54 GMT
x-amz-cf-pop: FRA60-P5
age: 61930
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 31 Oct 2023 14:12:13 GMT
server: AmazonS3
etag: W/"85b25619738a6e04dd868ea9b98ac8e4"
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: private, max-age=1800
x-response-headers-policy: static-yieldmo-com_js_text
x-amz-cf-id: Qu1KzJOpHWY_BKpwRQga1olGTsb4qbgXK5OJ5TqSl-vgvwSozw4iJA==

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame D493 3 KB
1 KB 53ms
53ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 04:31:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84147
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Nov 2023 04:31:36 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame BD3D 1 KB
1001 B 487ms
66ms Document
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 41526
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 13 Nov 2023 16:21:57 GMT
etag: 48472445140208031
expires: Tue, 14 Nov 2023 16:21:57 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame D493 20 KB
8 KB 51ms
51ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 15:51:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43354
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Nov 2023 15:51:29 GMT

GET
H2 200 ev
ads.yieldmo.com/v000/t_tkr/ Frame D493 43 B
494 B 355ms
94ms Image
image/gif 34.250.128.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=hi&pvid=3406412728534012548&pvt=1699934041285&plid=2521236318193655889&imp=3705549153950893210&rep_meta=_3aTv21hvbrUUcP6Lpzv1Pbwcj5UuT0GObj0pYazrOmo74N07AP58yOXZES83sh6The4sEcQcKRnWuK1s7bklHtxwOT_e7zxD0mNNmfeUXL94z-HTv_tm_LUFXIp8U5XXM7StP2ClCA14rq27YVhnN_ya3VOWDClnvxL_W_wthRY5lZHmjRvoiMbRkMCooPqlHC4kR9ah9mp3A17qHNLHXlqGpH6vtWKj9ZvUhDNJExTELC7SSw5j_gI1o_QtdbX5D-Yj8SOvs1AANCqD8Uo3UknrRtjRq19sbXWwdQcgjWhtTZT4iiHHefs73QX0ZGw0QaROTYXH6O4GXnL_Ok0ZdOsSfYyOJlARRzmGxUj7xF_BXInbroYzPOu899vBkZEoR4XRvWTGm3MahQukNhjBg8sW29Wrgr17qkpY1v7oCQ
Requested by: Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 03:54:03 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 43

GET
H2 204 l
www.google.com/ads/measurement/ Frame D493 0
0 91ms
85ms Image
text/html 142.250.184.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQnObqe0-ujXufM0PMnYcNpoM-pWV8ndyNW8bucKqpmram2MtI7Z9SqWH6LdmtSHgDz-dXCW-uvCHNLxDYzrRbkIdXcmw
Requested by: Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.184.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame D493 24 KB
6 KB 87ms
82ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 01:55:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 352737
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 09 Nov 2024 01:55:06 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D493 192 KB
61 KB 99ms
93ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

679387c2f15182819b17e9f3aec3cb611bbf474b3797f72a96a4f9bb439508ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61843
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1699570296391874"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Nov 2023 03:54:03 GMT

GET
H2 200 pixel
protected-by.clarium.io/ Frame D493 68 B
244 B 283ms
100ms Image
image/png 13.48.169.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzQ4OTUwNjYzMDE6NzI4eDkw&v=5&s=v31hf5vduvf&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2L0pZTTAxTS9KWU0wMU0tRERJLkEiLCJ5IjoxMjE3NTksImNvIjo0ODk1MDY2MzAxLCJzIjoibW10LTUzMjdjOTQzLTE5OTItNGQ2YS1hNmQ4LTliNzYyMmQ4OWRhYi1hZCJ9fQ%3D%3D&cb=816084&h=folkd.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6UTRPVFV3TmpZek1ERTZOekk0ZURrdyIsIndkIjp7ImNvIjo0ODk1MDY2MzAxLCJ3IjoiNzI4IiwiaCI6IjkwIn0sIndyIjo2fQ==
Requested by: Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.48.169.31 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-48-169-31.eu-north-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/png
pragma: no-cache
date: Tue, 14 Nov 2023 03:54:03 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0
server: nginx/1.18.0 (Ubuntu)
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 creative__300x600_previous_gen_widget.css
widgets.outbrain.com/n2d/widget/100063/customCss/LEGACY/ Frame F37D 482 B
810 B 77ms
74ms Stylesheet
text/css 23.32.185.60
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/n2d/widget/100063/customCss/LEGACY/creative__300x600_previous_gen_widget.css
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/n2d/widget/widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-60.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a7d95017fa2379a4bf437aff9c95977004ffa0f3f4ab9544a685afa3120a0e6b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Tue, 14 Nov 2023 07:54:03 GMT
date: Tue, 14 Nov 2023 03:54:03 GMT
last-modified: Tue, 22 Aug 2023 10:30:49 GMT
server: AkamaiNetStorage
etag: "9d8b870db69e4f578fee693ff233fc33:1692700772.366871"
access-control-allow-methods: GET,POST
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 482
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ Frame F37D 990 B
1 KB 77ms
75ms Image
image/svg+xml 23.32.185.60
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-60.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Thu, 14 Dec 2023 03:54:03 GMT
date: Tue, 14 Nov 2023 03:54:03 GMT
last-modified: Tue, 10 Jan 2023 16:40:08 GMT
server: AkamaiNetStorage
etag: "5ab8e16b5f46213840bcd403e349419c:1673369393.880194"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 990
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H/1.1 200
OK /
b1t-eudc1.zemanta.com/t/imp/impression/6G46FPUNME7TJEJ7WKFFZ7XA3L623LK5DEQ55KVQTDJGWNH42QVQIFXAVNRYXXV2QWOC5JS4SOI5KUY7DE5N46NHARXJVPOAT6DWTCAKDTXDGAX5BYBPP3VOSUOQJPOUQQERJSXJQHMLSBAIX56NNXVTSZ6HOV... Frame F37D 26 B
151 B 207ms
71ms Image
image/gif 213.227.153.223
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1t-eudc1.zemanta.com/t/imp/impression/6G46FPUNME7TJEJ7WKFFZ7XA3L623LK5DEQ55KVQTDJGWNH42QVQIFXAVNRYXXV2QWOC5JS4SOI5KUY7DE5N46NHARXJVPOAT6DWTCAKDTXDGAX5BYBPP3VOSUOQJPOUQQERJSXJQHMLSBAIX56NNXVTSZ6HOVWAHYFITV5I5U3JAXEES3NA3QLF2EN4A5LVJXYV7WVOY3RNKUZR2MRJZTRA5AYAAZCZEC53SLRFUYTQM4Y6KNZ55TSKETCCOSHI5G5U4SQYE4JS7UD4FBEBSP6VCRV4MG3OS77U2NWDE5XKSD5W3XMQUUSYG66VEQN7VG7UZZUZZZ74VKL6KAWLUTNJIHTJEZ2IZAFKWDA/?
Requested by: Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.227.153.223 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 03:54:03 GMT
Connection: keep-alive
Content-Length: 26
Content-Type: image/gif

GET
H2 200 container.html Show response
ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A918 6 KB
3 KB 84ms
83ms Document
text/html 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f129.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://folkd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 14 Nov 2023 03:54:01 GMT
expires: Wed, 13 Nov 2024 03:54:01 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5D04 6 KB
3 KB 56ms
54ms Document
text/html 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f129.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://folkd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 14 Nov 2023 03:54:01 GMT
expires: Wed, 13 Nov 2024 03:54:01 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8B42 6 KB
3 KB 56ms
45ms Document
text/html 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f129.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://folkd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 14 Nov 2023 03:54:01 GMT
expires: Wed, 13 Nov 2024 03:54:01 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C6D0 6 KB
3 KB 58ms
56ms Document
text/html 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f129.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://folkd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 14 Nov 2023 03:54:01 GMT
expires: Wed, 13 Nov 2024 03:54:01 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CF2F 6 KB
3 KB 49ms
46ms Document
text/html 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f129.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://folkd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 14 Nov 2023 03:54:01 GMT
expires: Wed, 13 Nov 2024 03:54:01 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 070E 6 KB
3 KB 49ms
45ms Document
text/html 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f129.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://folkd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 14 Nov 2023 03:54:01 GMT
expires: Wed, 13 Nov 2024 03:54:01 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 64F8 6 KB
3 KB 48ms
46ms Document
text/html 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f129.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://folkd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 14 Nov 2023 03:54:01 GMT
expires: Wed, 13 Nov 2024 03:54:01 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012310301456000/ Frame C8B5 196 KB
56 KB 971ms
389ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Requested by

Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f1.1e100.net

Software

sffe /

Resource Hash

c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 10 Nov 2023 02:37:57 GMT
age: 350167
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56081
x-xss-protection: 0
server: sffe
etag: "6a17d296884b026a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 09 Nov 2024 02:37:57 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame C8B5 15 KB
5 KB 1221ms
640ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f1.1e100.net

Software

sffe /

Resource Hash

b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 10 Nov 2023 04:12:48 GMT
age: 344476
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5225
x-xss-protection: 0
server: sffe
etag: "0b7142e00666043e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 09 Nov 2024 04:12:48 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame C8B5 95 KB
29 KB 1224ms
643ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs

Requested by

Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f1.1e100.net

Software

sffe /

Resource Hash

3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 10 Nov 2023 03:53:12 GMT
age: 345652
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29077
x-xss-protection: 0
server: sffe
etag: "7b1f1965b6cd6fda"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 09 Nov 2024 03:53:12 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame C8B5 5 KB
2 KB 1057ms
641ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs

Requested by

Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f1.1e100.net

Software

sffe /

Resource Hash

516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 10 Nov 2023 01:14:32 GMT
age: 355172
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1911
x-xss-protection: 0
server: sffe
etag: "5b0a82507b260c6e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 09 Nov 2024 01:14:32 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame C8B5 40 KB
13 KB 1017ms
642ms Script
text/javascript 172.217.18.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs

Requested by

Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f1.1e100.net

Software

sffe /

Resource Hash

18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 09 Nov 2023 14:54:32 GMT
age: 392372
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12952
x-xss-protection: 0
server: sffe
etag: "9817e561a46c70fa"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 08 Nov 2024 14:54:32 GMT

GET
H2 200 15525824734954291156
tpc.googlesyndication.com/daca_images/simgad/ Frame C8B5 30 KB
30 KB 52ms
50ms Image
image/jpeg 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/15525824734954291156?w=360&h=720&tw=1&q=75

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

27aa40da44c0868221806541a9f4a7b3fd09837e94058734ca4dcba9facdb053

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 22:12:39 GMT
x-content-type-options: nosniff
age: 20484
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30848
x-xss-protection: 0
last-modified: Mon, 13 Nov 2023 16:45:55 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 20 Nov 2023 22:12:39 GMT

GET
DATA 200
OK truncated
/ Frame C8B5 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ae968ee76fcf8bf167ac9448bfa474d865ecaf6b0e0585ef90fc6aa8a18ec240

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pixel
protected-by.clarium.io/ 68 B
243 B 74ms
72ms Image
image/png 13.48.169.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzIzNjcyNTUwMTA6MzAweDYwMA==&v=5&s=v31hf5vdvfj&h=folkd.com&cb=866981&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6SXpOamN5TlRVd01UQTZNekF3ZURZd01BPT0iLCJ3ZCI6eyJvIjoyMzY3MjU1MDEwLCJ3IjoiMzAwIiwiaCI6IjYwMCJ9LCJ3ciI6Mn0=&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2L0pZTTAxTS9KWU0wMU0tRERTLkIiLCJ5IjoxMjE3NTksImNvIjowLCJzIjoibW10LTI4ZjgxOTY4LTc2MzctNGU1OS1iMjc2LTY0ZmU4NTI1YzFkYy1hZCJ9fQ%3D%3D
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.48.169.31 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-48-169-31.eu-north-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/png
pragma: no-cache
date: Tue, 14 Nov 2023 03:54:03 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0
server: nginx/1.18.0 (Ubuntu)
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C8B5 2 KB
3 KB 65ms
63ms Image
image/png 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 23:30:12 GMT
x-content-type-options: nosniff
server: cafe
age: 15831
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Tue, 14 Nov 2023 23:30:12 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C8B5 295 B
423 B 64ms
62ms Image
image/png 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:23:34 GMT
x-content-type-options: nosniff
server: cafe
age: 1829
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Wed, 15 Nov 2023 03:23:34 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame C8B5 0
0 3974ms
3973ms Image
text/html 142.250.184.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR-ztGMXJXn3XQRBHGmEm49m4w-LR8EUPWhOZN5xka-LfYfXwdlHXy_7eJeFGTf4-jd00pFeCn-Y_vpiC1HbBeQZW7hEQ
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.184.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 container.html Show response
ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CD56 6 KB
3 KB 51ms
47ms Document
text/html 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f129.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://folkd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 14 Nov 2023 03:54:01 GMT
expires: Wed, 13 Nov 2024 03:54:01 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 204
No Content collect Show response
o.clarity.ms/ 0
289 B 319ms
318ms XHR
text/plain 52.152.143.207
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://o.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.13/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.152.143.207 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://folkd.com
Date: Tue, 14 Nov 2023 03:54:04 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H2 200 ym.1.js Show response
static.yieldmo.com/ Frame A918 471 KB
123 KB 283ms
280ms Script
application/javascript 18.245.60.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yieldmo.com/ym.1.js
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-74.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cd2d51771a2adae72d4a2fe0d8147e364d4c3af4e21b5b2a319a8da224afbf59

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: NbkkeiEKbyQy0u3FDjr4KUZdjNHSllZV
content-encoding: br
via: 1.1 e505058447bf5e74cc264f4e72f27bee.cloudfront.net (CloudFront)
date: Mon, 13 Nov 2023 10:41:54 GMT
x-amz-cf-pop: FRA60-P5
age: 61931
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 31 Oct 2023 14:12:13 GMT
server: AmazonS3
etag: W/"85b25619738a6e04dd868ea9b98ac8e4"
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: private, max-age=1800
x-response-headers-policy: static-yieldmo-com_js_text
x-amz-cf-id: KnDxjkw1NE6TL61occfiSePxyn4zOw8n7JvWg4oZ65bu8GBlxovu6g==

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame A918 3 KB
1 KB 178ms
176ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 04:31:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84148
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Nov 2023 04:31:36 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 09CD 1 KB
682 B 230ms
229ms Document
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 41527
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 13 Nov 2023 16:21:57 GMT
etag: 48472445140208031
expires: Tue, 14 Nov 2023 16:21:57 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame A918 20 KB
8 KB 175ms
175ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 15:51:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43355
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Nov 2023 15:51:29 GMT

GET
H2 200 ev
ads.yieldmo.com/v000/t_tkr/ Frame A918 43 B
493 B 224ms
222ms Image
image/gif 34.250.128.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=hi&pvid=3406412741595725383&pvt=1699934042842&plid=2521236318193655889&imp=7449121635122684926&rep_meta=2YAhzdbgSY7X-FscykyMqoPEaWN8g0Gf1e6Luk6jCCC2WT2aMYVO0baNymzJSHBplkaRuexOGrjr7SOiSKa8NtD8WOxzdjJdeROwsy5VRwLg5uv0qDvHDHff161XkNwnqYg2dvSxGowjMnK8GHpxLqb45qEp5rimlTKtnvHPlxFc4hTj2lvJ7PXA0tG6kn8JMdJcCD7X-zqWtSKwfjMO3vB4NM8OMAyMNTgLnAzqXYDvYBlVjW1_WvKCQQWXp31Sv1I0jnXDcuaED2fOkWzye1bnp5q5mHll3IpvquPr1c5LOwrNbpOmW63_SsD19al1w725K8-4wAhlzeCaUX7Yvngb9dw2xcpg3FK_VMxuoSHDz01PhmgSLEugIFKKedyrseljyRI1sjynvoeS0iqFj7gBNvZNF6BNZHdoIN4E8Y4
Requested by: Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 03:54:04 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 43

GET
H2 204 l
www.google.com/ads/measurement/ Frame A918 0
0 129ms
127ms Image
text/html 142.250.184.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS4OEHRBccSisoil2I49Pv0oBJ-LYKupD3qlevFy2CCNY689hEgS4Vj2dRVXWyqElV3iZCvtvemIJamZK5UG5kudbnGBA
Requested by: Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.184.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame A918 24 KB
6 KB 357ms
355ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 01:55:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 352738
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 09 Nov 2024 01:55:06 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A918 192 KB
61 KB 216ms
215ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

679387c2f15182819b17e9f3aec3cb611bbf474b3797f72a96a4f9bb439508ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61843
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1699570296391874"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Nov 2023 03:54:04 GMT

GET
H2 200 pixel
protected-by.clarium.io/ Frame A918 68 B
243 B 222ms
221ms Image
image/png 13.48.169.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzQ4OTUwNjYzMDE6NzI4eDkw&v=5&s=v31hf5vdvu7&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2L0pZTTAxTS9KWU0wMU0tRERJLkEiLCJ5IjoxMjE3NTksImNvIjo0ODk1MDY2MzAxLCJzIjoibW10LTUzMjdjOTQzLTE5OTItNGQ2YS1hNmQ4LTliNzYyMmQ4OWRhYi4zLWFkIn19&cb=9898606&h=folkd.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6UTRPVFV3TmpZek1ERTZOekk0ZURrdyIsIndkIjp7ImNvIjo0ODk1MDY2MzAxLCJ3IjoiNzI4IiwiaCI6IjkwIn0sIndyIjo2fQ==
Requested by: Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.48.169.31 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-48-169-31.eu-north-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/png
pragma: no-cache
date: Tue, 14 Nov 2023 03:54:04 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0
server: nginx/1.18.0 (Ubuntu)
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ym.0.js Show response
static.yieldmo.com/ Frame 5D04 471 KB
131 KB 487ms
487ms Script
application/javascript 18.245.60.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yieldmo.com/ym.0.js
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-74.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cd2d51771a2adae72d4a2fe0d8147e364d4c3af4e21b5b2a319a8da224afbf59

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Xck034tCEhxPRJeQDbLy1jkP4sAxLMlx
content-encoding: gzip
via: 1.1 e505058447bf5e74cc264f4e72f27bee.cloudfront.net (CloudFront)
date: Mon, 13 Nov 2023 04:39:06 GMT
x-amz-cf-pop: FRA60-P5
age: 83699
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 31 Oct 2023 14:12:13 GMT
server: AmazonS3
etag: W/"85b25619738a6e04dd868ea9b98ac8e4"
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: private, max-age=1800
x-response-headers-policy: static-yieldmo-com_js_text
x-amz-cf-id: -eKocq0KXFRLIPvhPwX9KHPslWqgsJ5I52BAvlNdKp7b06oe_K_Iyw==

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 5D04 3 KB
1 KB 425ms
424ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 04:31:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84148
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Nov 2023 04:31:36 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 7121 1 KB
677 B 320ms
320ms Document
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 41527
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 13 Nov 2023 16:21:57 GMT
etag: 48472445140208031
expires: Tue, 14 Nov 2023 16:21:57 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 5D04 20 KB
8 KB 423ms
422ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 15:51:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43355
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Nov 2023 15:51:29 GMT

GET
H2 200 ev
ads.yieldmo.com/v000/t_tkr/ Frame 5D04 43 B
493 B 314ms
312ms Image
image/gif 34.250.128.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=hi&pvid=3406412741847641488&pvt=1699934042872&plid=2521236318193655889&imp=5109049471736973731&rep_meta=BXHpP4x5NLaykCo3iUTmwGE9ffb3U-neaKPG9HM3A-YQ5PRrr5KGq7_otCW_e0jL-D4gmwcc1PrVCe-lWV-M1HwrbB1zfx64QXz3KpdjCIEE95QqP3SrS-1Mc0aRJyK1ErQNbdbJl1g2PXLmMJvYkM9Z6gti_bIFWj98zEiYREX47CXMTAjqodNUaNGM0-ux5rrDOOVtj8uGcFmO5tBXp8hpnB06Y9vyxytVix5dzvqtsRaygkbk7EHbQCpo9qHOQ2qXTelnLBtfpBMzBCWMNeveQ8D3uqd6hHHN9q1Y8Gg1CPnfjaZaSQ56ch9CWehoSNO-kWud1Jgi6_F8KlI-jukPg24sH0vZwFTo1mVBL05NFbqI6EepG2EVUrkviGEJCWULNcB7ODe4g4EnU37D9lxOvuS0t0-YLFVo5VcHcKk
Requested by: Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 03:54:04 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 43

GET
H2 204 l
www.google.com/ads/measurement/ Frame 5D04 0
0 256ms
255ms Image
text/html 142.250.184.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRpJjhvAQEs7z_Y6umJK-4j9vlUtHpmutqfAjt2JgqgW7AcGAk5BgmaRT-gEMGtJszAUCJxuSmGQPmCtUVNGhbmUttoVA
Requested by: Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.184.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 5D04 24 KB
6 KB 496ms
494ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 01:55:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 352738
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 09 Nov 2024 01:55:06 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5D04 192 KB
61 KB 312ms
311ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

679387c2f15182819b17e9f3aec3cb611bbf474b3797f72a96a4f9bb439508ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61843
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1699570296391874"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Nov 2023 03:54:04 GMT

GET
H2 200 pixel
protected-by.clarium.io/ Frame 5D04 68 B
243 B 313ms
312ms Image
image/png 13.48.169.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzQ4OTUwNjYzMDE6NzI4eDkw&v=5&s=v31hf5ve018&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2L0pZTTAxTS9KWU0wMU0tRERJLkEiLCJ5IjoxMjE3NTksImNvIjo0ODk1MDY2MzAxLCJzIjoibW10LTUzMjdjOTQzLTE5OTItNGQ2YS1hNmQ4LTliNzYyMmQ4OWRhYi43LWFkIn19&cb=4962064&h=folkd.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6UTRPVFV3TmpZek1ERTZOekk0ZURrdyIsIndkIjp7ImNvIjo0ODk1MDY2MzAxLCJ3IjoiNzI4IiwiaCI6IjkwIn0sIndyIjo2fQ==
Requested by: Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.48.169.31 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-48-169-31.eu-north-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/png
pragma: no-cache
date: Tue, 14 Nov 2023 03:54:04 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0
server: nginx/1.18.0 (Ubuntu)
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame 8463 412 B
549 B 98ms
97ms Fetch
application/json 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=publishertagids&domain=folkd.com&sn=ChromeSyncframe&so=0&topUrl=folkd.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=folkd.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

43682454252b3b77206ff3343a46c626faa9d69abad4f1409c06ec74b4f85c4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=folkd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 03:54:03 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1560170
expires: 0

GET
H2 200 ym.0.js Show response
static.yieldmo.com/ Frame 8B42 471 KB
131 KB 671ms
670ms Script
application/javascript 18.245.60.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yieldmo.com/ym.0.js
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-74.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cd2d51771a2adae72d4a2fe0d8147e364d4c3af4e21b5b2a319a8da224afbf59

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Xck034tCEhxPRJeQDbLy1jkP4sAxLMlx
content-encoding: gzip
via: 1.1 e505058447bf5e74cc264f4e72f27bee.cloudfront.net (CloudFront)
date: Mon, 13 Nov 2023 04:39:06 GMT
x-amz-cf-pop: FRA60-P5
age: 83699
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 31 Oct 2023 14:12:13 GMT
server: AmazonS3
etag: W/"85b25619738a6e04dd868ea9b98ac8e4"
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: private, max-age=1800
x-response-headers-policy: static-yieldmo-com_js_text
x-amz-cf-id: qmT_m8eeMVuUcrv-AH0yGCPhboYICR5PPb_-CMAyK-rR2561uU5Zqg==

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 8B42 3 KB
1 KB 561ms
561ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 04:31:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84148
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Nov 2023 04:31:36 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 9EEB 1 KB
677 B 315ms
315ms Document
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 41527
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 13 Nov 2023 16:21:57 GMT
etag: 48472445140208031
expires: Tue, 14 Nov 2023 16:21:57 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 8B42 20 KB
8 KB 559ms
559ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 15:51:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43355
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Nov 2023 15:51:29 GMT

GET
H2 200 ev
ads.yieldmo.com/v000/t_tkr/ Frame 8B42 43 B
493 B 311ms
309ms Image
image/gif 34.250.128.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=hi&pvid=3406412741864163421&pvt=1699934042874&plid=2521236318193655889&imp=3521666358786417234&rep_meta=E5yEWkMLpoI7GD40uPfQBEjQ78pNJFWkfISuI1Tn8Pt16WNZnl4w3B3X2o79w_F9MR-EMCUR3ruC7QYKn-2j8UzpiFa_0lRc-ahqN6mhMxLWuAzdK_DQWAKokImK9Tnd-Ff9OjYJCjf-hlWSz8HMzbteDAEgwk8_1sL-c98VPDWr8dVxDOWPt-36aOBcNTW1jOLTDV0a4Om_PtCHDoqlRHLdua9iWJ41m7PiAStxTnyU_sVgglzm74U9mge04iLrmsS1Lz3W5AWzx0-aZJBKPh5YR9EBQRKmxy_isqIPe62rmEqQI8V_UMlcdoqveiWeSEBvhBoJEqCGNyawgZnzSWEnK_zG0qxwDR3TABNdujhwHVIyJEsUPBVX50KfDTZqkiNwcy6iUEefR-fH2yc6qmjVpGwpL723wXPBwRyImbw
Requested by: Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 03:54:04 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 43

GET
H2 204 l
www.google.com/ads/measurement/ Frame 8B42 0
0 292ms
291ms Image
text/html 142.250.184.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQZA1iwe6JYEOqwbM8b6CRR_eiVnOq2WIjNP1hhS0TLPe08DdQ1EmPvYauazQVgvLZIECXRMmam3psbGHbQ7Fsx4ZGbhQ
Requested by: Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.184.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 8B42 24 KB
6 KB 555ms
554ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 01:55:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 352738
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 09 Nov 2024 01:55:06 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8B42 192 KB
61 KB 308ms
307ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

679387c2f15182819b17e9f3aec3cb611bbf474b3797f72a96a4f9bb439508ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61843
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1699570296391874"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Nov 2023 03:54:04 GMT

GET
H2 200 pixel
protected-by.clarium.io/ Frame 8B42 68 B
243 B 309ms
309ms Image
image/png 13.48.169.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzQ4OTUwNjYzMDE6NzI4eDkw&v=5&s=v31hf5ve04t&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2L0pZTTAxTS9KWU0wMU0tRERJLkEiLCJ5IjoxMjE3NTksImNvIjo0ODk1MDY2MzAxLCJzIjoibW10LTUzMjdjOTQzLTE5OTItNGQ2YS1hNmQ4LTliNzYyMmQ4OWRhYi4xMC1hZCJ9fQ%3D%3D&cb=3258990&h=folkd.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6UTRPVFV3TmpZek1ERTZOekk0ZURrdyIsIndkIjp7ImNvIjo0ODk1MDY2MzAxLCJ3IjoiNzI4IiwiaCI6IjkwIn0sIndyIjo2fQ==
Requested by: Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.48.169.31 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-48-169-31.eu-north-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/png
pragma: no-cache
date: Tue, 14 Nov 2023 03:54:04 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0
server: nginx/1.18.0 (Ubuntu)
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ym.2.js Show response
static.yieldmo.com/ Frame C6D0 471 KB
123 KB 912ms
912ms Script
application/javascript 18.245.60.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yieldmo.com/ym.2.js
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-74.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cd2d51771a2adae72d4a2fe0d8147e364d4c3af4e21b5b2a319a8da224afbf59

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: NmPizok8zt2Bk2_G.9mKxQVulI9oNAbX
content-encoding: br
via: 1.1 e505058447bf5e74cc264f4e72f27bee.cloudfront.net (CloudFront)
date: Mon, 13 Nov 2023 05:16:44 GMT
x-amz-cf-pop: FRA60-P5
age: 81441
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 31 Oct 2023 14:12:13 GMT
server: AmazonS3
etag: W/"85b25619738a6e04dd868ea9b98ac8e4"
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: private, max-age=1800
x-response-headers-policy: static-yieldmo-com_js_text
x-amz-cf-id: bc7yEBYVb0lTk7F0PobSNEBhzA1Zwa3dRiWTWn-ZhrihryB7nRnubg==

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame C6D0 3 KB
1 KB 474ms
473ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 04:31:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84148
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Nov 2023 04:31:36 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame EF6E 1 KB
677 B 527ms
526ms Document
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 41527
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 13 Nov 2023 16:21:57 GMT
etag: 48472445140208031
expires: Tue, 14 Nov 2023 16:21:57 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame C6D0 20 KB
8 KB 473ms
473ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 15:51:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43355
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Nov 2023 15:51:29 GMT

GET
H2 200 ev
ads.yieldmo.com/v000/t_tkr/ Frame C6D0 43 B
493 B 337ms
333ms Image
image/gif 34.250.128.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=hi&pvid=3406412741813180597&pvt=1699934042868&plid=2521236318193655889&imp=7315198811636959066&rep_meta=5TCwfQdl80qfhyzIzyDV-aREiJKJHvCVr19lkp99pjLQDY2-0zQ-ZZa5_PAVekyMoEJzXEAqTbhsxQOf0SmursSYAAbMEBfdjQkNkLVXphTbdqmnw1DWwhKA1kl_H3TSIQKNNohl4TVNzM5RUh372iuZcTXMLrEyRMLV94Dkmhqu_RdCa2k__iLjEOY5Tr5noX_Ftf-scaQxzmsFw1-HJZsD6iTeet0IyaIB7FJkyjQ-pJ3Awj0arpDg_kESf3OBUGQNqVjnwhYQIv358EtYLy47G0Wr-vmSS4O0nNL6OTqlo91bso7tUp2Ov1_vo7mpGWydhaq2gfgcGA2BsdqNNfcIqlLchWCdq7vMfFxlG5NuxC0VRdPCrQ87To5xW6qn4w5qjdL5Jz79CFBseVKyQ2cZEp9y1u4ABEwpbRUdEXw
Requested by: Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 03:54:04 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 43

GET
H2 204 l
www.google.com/ads/measurement/ Frame C6D0 0
0 286ms
283ms Image
text/html 142.250.184.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTpnFf7wKmFCP8eUeRYLEcZRbrNHt-sNzLraRVNfgVO99e1KgE966nAtJAPRbRpB6r1LPIrY_CeuXPbzlXhMztbGHbraQ
Requested by: Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.184.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame C6D0 24 KB
6 KB 640ms
638ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 01:55:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 352738
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 09 Nov 2024 01:55:06 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C6D0 192 KB
61 KB 514ms
512ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

679387c2f15182819b17e9f3aec3cb611bbf474b3797f72a96a4f9bb439508ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61843
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1699570296391874"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Nov 2023 03:54:04 GMT

GET
H2 200 pixel
protected-by.clarium.io/ Frame C6D0 68 B
243 B 333ms
332ms Image
image/png 13.48.169.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzQ4OTUwNjYzMDE6NzI4eDkw&v=5&s=v31hf5ve07l&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2L0pZTTAxTS9KWU0wMU0tRERJLkEiLCJ5IjoxMjE3NTksImNvIjo0ODk1MDY2MzAxLCJzIjoibW10LTUzMjdjOTQzLTE5OTItNGQ2YS1hNmQ4LTliNzYyMmQ4OWRhYi45LWFkIn19&cb=392923&h=folkd.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6UTRPVFV3TmpZek1ERTZOekk0ZURrdyIsIndkIjp7ImNvIjo0ODk1MDY2MzAxLCJ3IjoiNzI4IiwiaCI6IjkwIn0sIndyIjo2fQ==
Requested by: Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.48.169.31 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-48-169-31.eu-north-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/png
pragma: no-cache
date: Tue, 14 Nov 2023 03:54:04 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0
server: nginx/1.18.0 (Ubuntu)
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ym.2.js Show response
static.yieldmo.com/ Frame CF2F 471 KB
123 KB 1133ms
1133ms Script
application/javascript 18.245.60.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yieldmo.com/ym.2.js
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-74.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cd2d51771a2adae72d4a2fe0d8147e364d4c3af4e21b5b2a319a8da224afbf59

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: NmPizok8zt2Bk2_G.9mKxQVulI9oNAbX
content-encoding: br
via: 1.1 e505058447bf5e74cc264f4e72f27bee.cloudfront.net (CloudFront)
date: Mon, 13 Nov 2023 05:16:44 GMT
x-amz-cf-pop: FRA60-P5
age: 81441
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 31 Oct 2023 14:12:13 GMT
server: AmazonS3
etag: W/"85b25619738a6e04dd868ea9b98ac8e4"
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: private, max-age=1800
x-response-headers-policy: static-yieldmo-com_js_text
x-amz-cf-id: Vo9jv9-n13rgJQNn0d_kQdQf5r4BIcyEjxivyg2hL4rkPeG2Bi-jfQ==

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame CF2F 3 KB
1 KB 541ms
541ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 04:31:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84148
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Nov 2023 04:31:36 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 4770 1 KB
677 B 607ms
606ms Document
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 41527
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 13 Nov 2023 16:21:57 GMT
etag: 48472445140208031
expires: Tue, 14 Nov 2023 16:21:57 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame CF2F 20 KB
8 KB 541ms
541ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 15:51:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43355
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Nov 2023 15:51:29 GMT

GET
H2 200 ev
ads.yieldmo.com/v000/t_tkr/ Frame CF2F 43 B
493 B 602ms
597ms Image
image/gif 34.250.128.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=hi&pvid=3406412741679615071&pvt=1699934042852&plid=2521236318193655889&imp=3304920979415637544&rep_meta=7Iili4cFJVbkoGBgA_6454BzOq6o9VZhvtUvPBf5Fp67L7MHMPNDLfxbnBr2etglS_IWcIpcE_Dj3hP45kJP-2S29-tdBFmcNdsajVS-cRlMx9rdWiRFbl7WXANwodIpwntU5ijAjRHdGO5tmlIpRJ-KKRu37qwt02XjsOcPpRmF-kVyn1VHa2lFFO1n0CxyksOziT8NMVmyrn4Sv65JBb-VlPCARcIyWYduyUvBr8_PbBfqiqopj97qmS7Q2Krh733ipMWtCd5ojSchPE64jLaMLXq9FFj9HqzoT9cN89EVKvZqwk64AzezrIAvJr88Mr2W_P3a9mVOL76Z8ShnZiT6ZFc3b7o1jmlKYHeMXfX95VJhFrd4eNZVDdgVMsYyRjIp1KNAeiHBJh1UjXS6TdXUusUs2USpQtIK3kMVXDA
Requested by: Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 03:54:04 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 43

GET
H2 204 l
www.google.com/ads/measurement/ Frame CF2F 0
0 337ms
332ms Image
text/html 142.250.184.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSmgosBdX7F2fRVLdJuinsvBhz1inRGy0AirmzKhuhtRAlLyoroSNfNzdWSoPpP8WtTiutUjSK3Q5gb9Sr-oofqo3j1XQ
Requested by: Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.184.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame CF2F 24 KB
6 KB 536ms
532ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 01:55:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 352738
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 09 Nov 2024 01:55:06 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CF2F 192 KB
61 KB 599ms
595ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

679387c2f15182819b17e9f3aec3cb611bbf474b3797f72a96a4f9bb439508ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61843
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1699570296391874"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Nov 2023 03:54:04 GMT

GET
H2 200 pixel
protected-by.clarium.io/ Frame CF2F 68 B
243 B 413ms
409ms Image
image/png 13.48.169.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzQ4OTUwNjYzMDE6NzI4eDkw&v=5&s=v31hf5ve0b1&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2L0pZTTAxTS9KWU0wMU0tRERJLkEiLCJ5IjoxMjE3NTksImNvIjo0ODk1MDY2MzAxLCJzIjoibW10LTUzMjdjOTQzLTE5OTItNGQ2YS1hNmQ4LTliNzYyMmQ4OWRhYi41LWFkIn19&cb=1200635&h=folkd.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6UTRPVFV3TmpZek1ERTZOekk0ZURrdyIsIndkIjp7ImNvIjo0ODk1MDY2MzAxLCJ3IjoiNzI4IiwiaCI6IjkwIn0sIndyIjo2fQ==
Requested by: Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.48.169.31 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-48-169-31.eu-north-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/png
pragma: no-cache
date: Tue, 14 Nov 2023 03:54:04 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0
server: nginx/1.18.0 (Ubuntu)
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ym.2.js Show response
static.yieldmo.com/ Frame 070E 471 KB
123 KB 1265ms
1264ms Script
application/javascript 18.245.60.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yieldmo.com/ym.2.js
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-74.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cd2d51771a2adae72d4a2fe0d8147e364d4c3af4e21b5b2a319a8da224afbf59

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: NmPizok8zt2Bk2_G.9mKxQVulI9oNAbX
content-encoding: br
via: 1.1 e505058447bf5e74cc264f4e72f27bee.cloudfront.net (CloudFront)
date: Mon, 13 Nov 2023 05:16:44 GMT
x-amz-cf-pop: FRA60-P5
age: 81441
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 31 Oct 2023 14:12:13 GMT
server: AmazonS3
etag: W/"85b25619738a6e04dd868ea9b98ac8e4"
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: private, max-age=1800
x-response-headers-policy: static-yieldmo-com_js_text
x-amz-cf-id: 6WAP6j4xziQp4w79TOWnybR0DMcoV6t1bBDK4G2HwgVWRjwe6KXobA==

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 070E 3 KB
1 KB 450ms
450ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 04:31:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84148
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Nov 2023 04:31:36 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame CFBF 1 KB
677 B 657ms
656ms Document
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 41527
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 13 Nov 2023 16:21:57 GMT
etag: 48472445140208031
expires: Tue, 14 Nov 2023 16:21:57 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 070E 20 KB
8 KB 449ms
448ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 15:51:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43355
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Nov 2023 15:51:29 GMT

GET
H2 200 ev
ads.yieldmo.com/v000/t_tkr/ Frame 070E 43 B
493 B 652ms
649ms Image
image/gif 34.250.128.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=hi&pvid=3406412741603456321&pvt=1699934042843&plid=2521236318193655889&imp=3037460314043235416&rep_meta=20IhmogU2xdiegwD_TNR_RnHs2FMS9tis8Fs7wi16gtcZaqnW4gj_6SiPqvUnQSD9CJlpHmJ395hxvjyPgIiye2L3UWpduPqGeH3H86AHggib15LkyX1B0jZ5Pg2TCt9ytseXipuCjX75wdBPNuQuPK5pKfyOYjPTjQ0MyLYeJUx8rzk6xXP-6YR27GeoETeTIfwqobUcE4OmrLd0QHro7S8kqUvoApCjXZ6WA7YG-L5ckndCtFtECU0fr0v-6mWB9GOzsLrkMnRMp30XVgEsk3fQaFTCQcrHOu63O-pKOKGrtlKxzgce4cfS6LosV4PvzWLpm2Sc7mEJRQWP4SqQC9ZI-AZ8yZFCBCtLBOM28zjw-WqftJOhbId-ys_alB17n8w8PKGPOHj7_7WQY2rJjTDxTXvr2p4HbLaXAcIFgQ
Requested by: Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 03:54:04 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 43

GET
H2 204 l
www.google.com/ads/measurement/ Frame 070E 0
0 411ms
409ms Image
text/html 142.250.184.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSZtkbNSdN4NNpFbCHSOY_4OsvXSZRJfwNjPcytf9IzJA8v_0SZH6X8hMmLSihna-D5x8-pyOJq0lQdns4j4q2ZEBlkDA
Requested by: Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.184.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 070E 24 KB
6 KB 444ms
442ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 01:55:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 352738
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 09 Nov 2024 01:55:06 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 070E 192 KB
61 KB 508ms
506ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

679387c2f15182819b17e9f3aec3cb611bbf474b3797f72a96a4f9bb439508ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61843
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1699570296391874"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Nov 2023 03:54:04 GMT

GET
H2 200 pixel
protected-by.clarium.io/ Frame 070E 68 B
243 B 506ms
504ms Image
image/png 13.48.169.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzQ4OTUwNjYzMDE6NzI4eDkw&v=5&s=v31hf5ve0du&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2L0pZTTAxTS9KWU0wMU0tRERJLkEiLCJ5IjoxMjE3NTksImNvIjo0ODk1MDY2MzAxLCJzIjoibW10LTUzMjdjOTQzLTE5OTItNGQ2YS1hNmQ4LTliNzYyMmQ4OWRhYi42LWFkIn19&cb=2223381&h=folkd.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6UTRPVFV3TmpZek1ERTZOekk0ZURrdyIsIndkIjp7ImNvIjo0ODk1MDY2MzAxLCJ3IjoiNzI4IiwiaCI6IjkwIn0sIndyIjo2fQ==
Requested by: Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.48.169.31 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-48-169-31.eu-north-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/png
pragma: no-cache
date: Tue, 14 Nov 2023 03:54:04 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0
server: nginx/1.18.0 (Ubuntu)
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ym.0.js Show response
static.yieldmo.com/ Frame 64F8 471 KB
131 KB 1324ms
1323ms Script
application/javascript 18.245.60.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yieldmo.com/ym.0.js
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-74.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cd2d51771a2adae72d4a2fe0d8147e364d4c3af4e21b5b2a319a8da224afbf59

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Xck034tCEhxPRJeQDbLy1jkP4sAxLMlx
content-encoding: gzip
via: 1.1 e505058447bf5e74cc264f4e72f27bee.cloudfront.net (CloudFront)
date: Mon, 13 Nov 2023 04:39:06 GMT
x-amz-cf-pop: FRA60-P5
age: 83699
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 31 Oct 2023 14:12:13 GMT
server: AmazonS3
etag: W/"85b25619738a6e04dd868ea9b98ac8e4"
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: private, max-age=1800
x-response-headers-policy: static-yieldmo-com_js_text
x-amz-cf-id: 5Mzs7657g0X6yvovBb696wHjnAmuqu1vg7tWyIFZfc8SSiZp3o0Jrw==

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 64F8 3 KB
1 KB 502ms
501ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 04:31:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84148
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Nov 2023 04:31:36 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B61E 1 KB
677 B 738ms
737ms Document
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 41527
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 13 Nov 2023 16:21:57 GMT
etag: 48472445140208031
expires: Tue, 14 Nov 2023 16:21:57 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 64F8 20 KB
8 KB 499ms
499ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 15:51:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43355
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Nov 2023 15:51:29 GMT

GET
H2 200 ev
ads.yieldmo.com/v000/t_tkr/ Frame 64F8 43 B
493 B 732ms
731ms Image
image/gif 34.250.128.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=hi&pvid=3406412741603455307&pvt=1699934042843&plid=2521236318193655889&imp=3255630530178913474&rep_meta=mN4WpyQsj7QNnF5O9Zy6Oj0FzSPVSYKjUUcH82C6TiTLC0ARUQ92vz9qDljYG_BfDiBpk3dESN3bATx5SSHWsK_HGRdApQTaQUWxwz_cr1oK-vJxPgV7jQEzbuMACotdFrB9so4pw1u4isMljlf0yULPKtcK42N51jwXMN_F0h_k9p-OtsDyB_cIbtk9yXiDB3-TO21fKI64_V7OHuPWObwpgLl_MXOrIC4jX4plNn3SiENCCW4dQgm8Hjm9bOBoruceZZK01OZnX5PLc0MOeYt6KNZZA67aXsp_mhk0Mi6DI9Bk1Q2rNJCTlw6L7duxijibeAvLJH73DhgBQaYoDlneVL_7QazbLLa9_ZzqB3RgngtnoK5bv_exouIUQNBhb18tgtBC1xThbeTpJxxe67oaVsy_OLD37L7dXqxmzrc
Requested by: Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 03:54:04 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 43

GET
H2 204 l
www.google.com/ads/measurement/ Frame 64F8 0
0 669ms
667ms Image
text/html 142.250.184.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQW1KWOVqCaTgocR83js_X90xNqGfrRJ6In0FGdzovGcrrzZZjZ296tLf3FvX6CDcZ9rLKmiKEoZWoTOgPCE4XErUoGKA
Requested by: Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.184.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 64F8 24 KB
6 KB 495ms
494ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 01:55:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 352738
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 09 Nov 2024 01:55:06 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 64F8 192 KB
60 KB 546ms
545ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

679387c2f15182819b17e9f3aec3cb611bbf474b3797f72a96a4f9bb439508ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61843
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1699570296391874"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Nov 2023 03:54:04 GMT

GET
H2 200 pixel
protected-by.clarium.io/ Frame 64F8 68 B
243 B 558ms
557ms Image
image/png 13.48.169.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzQ4OTUwNjYzMDE6NzI4eDkw&v=5&s=v31hf5ve0gr&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2L0pZTTAxTS9KWU0wMU0tRERJLkEiLCJ5IjoxMjE3NTksImNvIjo0ODk1MDY2MzAxLCJzIjoibW10LTUzMjdjOTQzLTE5OTItNGQ2YS1hNmQ4LTliNzYyMmQ4OWRhYi40LWFkIn19&cb=3650359&h=folkd.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6UTRPVFV3TmpZek1ERTZOekk0ZURrdyIsIndkIjp7ImNvIjo0ODk1MDY2MzAxLCJ3IjoiNzI4IiwiaCI6IjkwIn0sIndyIjo2fQ==
Requested by: Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.48.169.31 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-48-169-31.eu-north-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/png
pragma: no-cache
date: Tue, 14 Nov 2023 03:54:04 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0
server: nginx/1.18.0 (Ubuntu)
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ym.1.js Show response
static.yieldmo.com/ Frame CD56 471 KB
123 KB 1406ms
1405ms Script
application/javascript 18.245.60.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yieldmo.com/ym.1.js
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-74.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cd2d51771a2adae72d4a2fe0d8147e364d4c3af4e21b5b2a319a8da224afbf59

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: NbkkeiEKbyQy0u3FDjr4KUZdjNHSllZV
content-encoding: br
via: 1.1 e505058447bf5e74cc264f4e72f27bee.cloudfront.net (CloudFront)
date: Mon, 13 Nov 2023 10:41:54 GMT
x-amz-cf-pop: FRA60-P5
age: 61931
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 31 Oct 2023 14:12:13 GMT
server: AmazonS3
etag: W/"85b25619738a6e04dd868ea9b98ac8e4"
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: private, max-age=1800
x-response-headers-policy: static-yieldmo-com_js_text
x-amz-cf-id: iXF9z4jM2iwtPoiiJnrm66rkHVTpu_xTasTiX1leHRHIdCB3Cid63w==

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame CD56 3 KB
1 KB 386ms
386ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 04:31:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84148
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Nov 2023 04:31:36 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame D598 1 KB
677 B 774ms
774ms Document
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 41527
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 13 Nov 2023 16:21:57 GMT
etag: 48472445140208031
expires: Tue, 14 Nov 2023 16:21:57 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame CD56 20 KB
8 KB 384ms
384ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 15:51:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43355
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Nov 2023 15:51:29 GMT

GET
H2 200 ev
ads.yieldmo.com/v000/t_tkr/ Frame CD56 43 B
493 B 768ms
767ms Image
image/gif 34.250.128.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=hi&pvid=3406412741804773331&pvt=1699934042867&plid=2521236318193655889&imp=1882986022487144822&rep_meta=NI3qr8CBzr2-zLdUkGcINYKKs8w51PK0vgfffFOIiq7L9JlGT0dVpzxp0gOgEuNv-VQv9Gjtv26zgmHn5OSA_N6m5v5Wm9VKSaYbMJGCVpbY93nFnpcFQG6H60zHACd_RlQ4N2ijaOBrnnemqV0Mu7hKnmqiawD07z15K6w37cLKDS5ce6yMbF0wlgHcd8IlWoVoC2UeUz047JqN8Y_yl0obD-tx85TgBk-4Hnc9YOPn35WmAp3qM8R9cfOwBML-AoMfDsMY1i-dOSJDZvDoNW38eLVisGUJVGD4gN4SSenH9-aRsCxe04m19UpGP7dszfd8fS3wL3r5WYfMuy_ZNHotbAAg8YL8X6eXJu1rhcVSNtLNX_Ms_NLiX3DtiS6vJphNaE541ifKe8YwNEYq6flsPyHK4i5nTAy2bzrML_4
Requested by: Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 03:54:04 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 43

GET
H2 204 l
www.google.com/ads/measurement/ Frame CD56 0
0 718ms
717ms Image
text/html 142.250.184.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTl1HCARH3Kar7mGSLS0kYqgIDauWSY_u-aDe23By2my9HT2N8_l4lnY69YDAgq6cYo8r4mfHkqMHdCcylsZJXk9A_KwA
Requested by: Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.184.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame CD56 24 KB
6 KB 380ms
379ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 01:55:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 352738
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 09 Nov 2024 01:55:06 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CD56 192 KB
61 KB 606ms
606ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

679387c2f15182819b17e9f3aec3cb611bbf474b3797f72a96a4f9bb439508ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61843
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1699570296391874"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Nov 2023 03:54:04 GMT

GET
H2 200 pixel
protected-by.clarium.io/ Frame CD56 68 B
243 B 767ms
766ms Image
image/png 13.48.169.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzQ4OTUwNjYzMDE6NzI4eDkw&v=5&s=v31hf5ve0ki&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2L0pZTTAxTS9KWU0wMU0tRERJLkEiLCJ5IjoxMjE3NTksImNvIjo0ODk1MDY2MzAxLCJzIjoibW10LTUzMjdjOTQzLTE5OTItNGQ2YS1hNmQ4LTliNzYyMmQ4OWRhYi44LWFkIn19&cb=3936202&h=folkd.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6UTRPVFV3TmpZek1ERTZOekk0ZURrdyIsIndkIjp7ImNvIjo0ODk1MDY2MzAxLCJ3IjoiNzI4IiwiaCI6IjkwIn0sIndyIjo2fQ==
Requested by: Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.48.169.31 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-48-169-31.eu-north-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/png
pragma: no-cache
date: Tue, 14 Nov 2023 03:54:04 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0
server: nginx/1.18.0 (Ubuntu)
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame BD3D
Redirect Chain

https://s.uuidksinc.net/match/47/?remote_uid=CAESEBlCw0ukpN28wSl6SKtsluE&c_param1=AXcoOmTAmMxHiYlkTbq_0RR-MC8YyQ3MbDw5Bb_9wapHNAerFxPwQzUZwRskvE3y4kYHBIsoW-yPwsiHnOrLnKrWZis0ViNkGeFB&gdpr=%%GDPR%%&...
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmTAmMxHiYlkTbq_0RR-MC8YyQ3MbDw5Bb_9wapHNAerFxPwQzUZwRskvE3y4kYHBIsoW-yPwsiHnOrLnKrWZis0ViNkGeFB

170 B
232 B

432ms
430ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmTAmMxHiYlkTbq_0RR-MC8YyQ3MbDw5Bb_9wapHNAerFxPwQzUZwRskvE3y4kYHBIsoW-yPwsiHnOrLnKrWZis0ViNkGeFB

Requested by

Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 03:54:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmTAmMxHiYlkTbq_0RR-MC8YyQ3MbDw5Bb_9wapHNAerFxPwQzUZwRskvE3y4kYHBIsoW-yPwsiHnOrLnKrWZis0ViNkGeFB
date: Tue, 14 Nov 2023 03:54:05 GMT
server: nginx/1.23.2
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame BD3D
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESED2s02GFu3oPcTVEI1filBU&google_cver=1&google_push=AXcoOmR_XxFLAqRNHrfAZb_7WRjNyHcbAC2_ncM_7aBOLAy8Ve1kTlHzan-PmRei0E2tHDMjJalKaVnC...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTc1OTIyMzk4MDk0Nzc1ODU1OQ&google_push=AXcoOmR_XxFLAqRNHrfAZb_7WRjNyHcbAC2_ncM_7aBOLAy8Ve1kTlHzan-PmRei0E2tHDMjJalKaV...

170 B
232 B

158ms
158ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTc1OTIyMzk4MDk0Nzc1ODU1OQ&google_push=AXcoOmR_XxFLAqRNHrfAZb_7WRjNyHcbAC2_ncM_7aBOLAy8Ve1kTlHzan-PmRei0E2tHDMjJalKaVnC3BTz25iSRHDAWwoR0Ces4Q

Requested by

Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 03:54:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 14 Nov 2023 03:54:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTc1OTIyMzk4MDk0Nzc1ODU1OQ&google_push=AXcoOmR_XxFLAqRNHrfAZb_7WRjNyHcbAC2_ncM_7aBOLAy8Ve1kTlHzan-PmRei0E2tHDMjJalKaVnC3BTz25iSRHDAWwoR0Ces4Q
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET

pixel
cm.g.doubleclick.net/ Frame BD3D
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFVZGjZvodGd8-v9mr4tvB0&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEFVZGjZvodGd8-v9mr4tvB0&google_push=AX...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFVZGjZvodGd8-v9mr4tvB0&google_hm=ZVLvXdOQZHukhhGRsBecegAABLcAAAAB&google_nid=index&google_push=AXcoOmQrvHTORZquKMIdmrlKbaGuorNzqC5yE...

0
0

GET

pixel
cm.g.doubleclick.net/ Frame BD3D
Redirect Chain

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmQ6j5YP_Y4mNtvLzFH2QT3lgi_EdQFn_goXFqcdYzRMyZ-KyV61pUKg15Fphxxqo020s_GuGoerB4...
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmQ6j5YP_Y4mNtvLzFH2QT3lgi_EdQFn_goXFqcdYzRMyZ-KyV61pUKg15Fphxxqo020s_GuGoerB4rxFnRrFeK4UFmo5Ih1mw&google_hm=3bb026b2-0a9f-4413-...

0
0

GET

pixel
cm.g.doubleclick.net/ Frame BD3D
Redirect Chain

https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESEAZ2565kR2qfG1gUnW9deqs&google_cver=1&google_push=AXcoOmRdbh3VZtKlabYol3F7kC8ehAJcxv5vUOVdd6mcKLGS9PdS-RagDuHPHhxsskewICs_dTAOp...
https://b1sync.zemanta.com/usersync/googleopenbidding/?google_cver=1&google_gid=CAESEAZ2565kR2qfG1gUnW9deqs&google_push=AXcoOmRdbh3VZtKlabYol3F7kC8ehAJcxv5vUOVdd6mcKLGS9PdS-RagDuHPHhxsskewICs_dTAOp...
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmRdbh3VZtKlabYol3F7kC8ehAJcxv5vUOVdd6mcKLGS9PdS-RagDuHPHhxsskewICs_dTAOpCgSGssOcXf9uruO29f-PF7Iog&google_hm=NGRSY2FnOUowWk...

0
0

GET

pixel
cm.g.doubleclick.net/ Frame BD3D
Redirect Chain

https://trace.mediago.io/cs/google?google_gid=CAESEHqUPaYG2mFgT2kISeD0xSM&google_cver=1&google_push=AXcoOmQVvLGQt-1mwm6-O_0W9JZvMTiKCm_T2fnNyUKjU6ja8SDki1GL703GZbVvDsv1yTSZU7ntx7au92cTPAX9sr5TcJ9I5...
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmQVvLGQt-1mwm6-O_0W9JZvMTiKCm_T2fnNyUKjU6ja8SDki1GL703GZbVvDsv1yTSZU7ntx7au92cTPAX9sr5TcJ9I5t1ADdc&google_hm=f34e9699a6b...

0
0

GET

pixel
cm.g.doubleclick.net/ Frame BD3D
Redirect Chain

https://sync.gonet-ads.com/match/google?google_gid=CAESEHjLwtZLJf0LEm1lhx6PE8E&google_cver=1&google_push=AXcoOmR6SNw94mqKesn7s6gBXaoDv5VnD15kfetqTd8Ux6xrRrVP_lEhVWoMdRtUecq4knx-92aDHiKL0ZbjnG7hui_x...
https://sync.gonet-ads.com/match/google?google_gid=CAESEHjLwtZLJf0LEm1lhx6PE8E&google_cver=1&google_push=AXcoOmR6SNw94mqKesn7s6gBXaoDv5VnD15kfetqTd8Ux6xrRrVP_lEhVWoMdRtUecq4knx-92aDHiKL0ZbjnG7hui_x...
https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=N2VhMTNlMTEzY2MyMWQ3MA&google_push=AXcoOmR6SNw94mqKesn7s6gBXaoDv5VnD15kfetqTd8Ux6xrRrVP_lEhVWoMdRtUecq4knx-92aDHiKL0ZbjnG7hui_xkV3...

0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame BD3D 0
50 B 82ms
80ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KDZFwnfYVkkn0aty4bbdWLy2D9CIafu-2AiaHSbVztgPV1z2SkbMO1DL0XRp5P13O78SERVBjQ

Requested by

Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:04 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 rid Show response
matchadsrvr.yieldmo.com/track/ Frame D493 49 B
493 B 1064ms
293ms XHR
application/json 18.66.122.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://matchadsrvr.yieldmo.com/track/rid?ttd_pid=yieldmo&fmt=json
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-80.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 97246976d349e4116999d37486b7b739816718f446ea2b2e224311884f785813

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:06 GMT
via: 1.1 d20f19c14113bb86116d01e6cb4e2844.cloudfront.net (CloudFront)
last-modified: Mon, 08 May 2023 12:52:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
etag: "674119d7f4205900ae84d7ee55ced021"
vary: Origin
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
x-cache: Error from cloudfront
access-control-allow-credentials: true
content-length: 49
x-amz-cf-id: T-InrwvqFfTQTgBSpyu-cTUrqkUFQTsvAT7W-l26FBQQ4p_j4aPAUA==

GET
DATA 200
OK truncated
/ Frame D493 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 584879b0a17cd18983d264112020bf56288a4bc419d806f4b5a9b535657b8a6c

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 1009ms
293ms Preflight 3.227.250.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-215.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Tue, 14 Nov 2023 03:54:05 GMT
x-amzn-RequestId: cdb1d7aa-c755-dc52-907d-26378045b9b9

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame D493 133 B
569 B 432ms
230ms XHR
application/x-amz-json-1.1 3.227.250.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-215.compute-1.amazonaws.com
Software: /
Resource Hash: 6706e260b51739c085a4565b073295de0e32a09f58776f329162902c44c4aa98

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231114/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=4abd85832a2b8b3f6b890a486ee3e3f02d2edad490ca979a398524ce6b54456d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: c98de2999d664f780d23bb3315c7211d6e68e0ccb7b86f4207d41c98ee779c0e
Cache-Control: no-cache
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231114T035404Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Tue, 14 Nov 2023 03:54:06 GMT
x-amzn-RequestId: fce3df66-379b-26a7-a12f-2ef855c2c276
Content-Length: 133
x-amz-id-2: 4agKWnQ+OUKM20PGePNvhF+WDkivDKkGcOQ2tHzwuJzi1OfDit7ECFz0qnB0A0E2KByP5O+ZOOp+5A8B0WbgwyGQx+Z6XyhJ
Content-Type: application/x-amz-json-1.1

GET
H2 200 ymcas Show response
ads.yieldmo.com/ Frame 7003 5 KB
2 KB 730ms
730ms Document
text/html 34.250.128.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3d7c31ee0e4b0ba645fe55e508e4552c1bef8a47cdcc91cdd165c58d99d5f9f

Request headers

Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
content-encoding: gzip
content-type: text/html;charset=utf-8
date: Tue, 14 Nov 2023 03:54:04 GMT
pragma: no-cache
vary: accept-encoding

GET
H2 200 52.handlebars.js Show response
static.yieldmo.com/sdk/template/js/desktop/ Frame D493 208 KB
64 KB 1198ms
272ms XHR
application/javascript 18.245.60.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yieldmo.com/sdk/template/js/desktop/52.handlebars.js
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-74.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 468864041b280079274db15861a108735b454c113b93fb0768e1c8a546610dfd

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 4QKlxuNd7CwyoFiBmpJmVmUnKru_Hd6O
content-encoding: gzip
via: 1.1 ed149c4696419c0643fab13e9539b16c.cloudfront.net (CloudFront)
date: Mon, 13 Nov 2023 10:23:12 GMT
x-amz-cf-pop: FRA60-P5
age: 70760
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 12 Jul 2022 20:34:36 GMT
server: AmazonS3
etag: W/"0b1a9eebbd61d453fc15e547dfffd2e4"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: private, max-age=1800
x-response-headers-policy: static-yieldmo-com_js_text
x-amz-cf-id: b8uR4EGCIQdzBAZ5sYigszfJVYlfNZ15bwTUYwzlLDJb3lgGPot0AA==

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 09CD
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEB27WBbC6lD_LKQ6J07Zt_s&google_cver=1&google_push=AXcoOmSV8P4DBRWUAmkWcgO0kqWGGm01_1rMxxWXj9G1_NB1cmbZd_3xPve9CYREfPhKaaUXTWOLj8ltwfwF1e91HVFxVgBUjmtf
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=04B56E68EEFA4867A23538639895A5F4&google_push=AXcoOmSV8P4DBRWUAmkWcgO0kqWGGm01_1rMxxWXj9G1_NB1cmbZd_3xPve9CYREfPhKaaUXTWOLj8ltwfwF1e9...

170 B
232 B

840ms
837ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=04B56E68EEFA4867A23538639895A5F4&google_push=AXcoOmSV8P4DBRWUAmkWcgO0kqWGGm01_1rMxxWXj9G1_NB1cmbZd_3xPve9CYREfPhKaaUXTWOLj8ltwfwF1e91HVFxVgBUjmtf

Requested by

Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 03:54:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 14 Nov 2023 03:54:05 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=04B56E68EEFA4867A23538639895A5F4&google_push=AXcoOmSV8P4DBRWUAmkWcgO0kqWGGm01_1rMxxWXj9G1_NB1cmbZd_3xPve9CYREfPhKaaUXTWOLj8ltwfwF1e91HVFxVgBUjmtf
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 13 Nov 2023 03:54:05 GMT

GET

pixel
cm.g.doubleclick.net/ Frame 09CD
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESENW2LuUOeLtri2cfG748aJQ&google_cver=1&google_push=AXcoOmRANOboi5Iv2fhRu7njtoDBoxmKCJk3dAAfNiYZGbec8RkBhOn9rY2FW076THrbkHBtn00dU_HSpdQROVUjU9Nj...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESENW2LuUOeLtri2cfG748aJQ&google_cver=1&google_push=AXcoOmRANOboi5Iv2fhRu7njtoDBoxmKCJk3dAAfNiYZGbec8RkBhOn9rY2FW076THrbkHBtn00dU_HSpdQROV...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmRANOboi5Iv2fhRu7njtoDBoxmKCJk3dAAfNiYZGbec8RkBhOn9rY2FW076THrbkHBtn00dU_HSpdQROVUjU9Nj2Ac0EJ8&google_hm=ECZOh3ijRmmSvGkQe9W54w==

0
0

GET

pixel
cm.g.doubleclick.net/ Frame 09CD
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEMh3RrLUjzU9Dxh0JkREAQk&google_cver=1&google_push=AXcoOmQioxFIVWefCdBE6Tjj91CNbjL3W3if3Y7r24J_sXFfOJ_WU9Qdvd7m4ByYmJugDsi5WKJQLahs6qm19IcEZ4mCQUM...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEMh3RrLUjzU9Dxh0JkREAQk&google_cver=1&google_push=AXcoOmQioxFIVWefCdBE6Tjj91CNbjL3W3if3Y7r24J_sXFfOJ_WU9Qdvd7m4ByYmJugDsi5WKJQLahs6qm19IcEZ4mCQ...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQioxFIVWefCdBE6Tjj91CNbjL3W3if3Y7r24J_sXFfOJ_WU9Qdvd7m4ByYmJugDsi5WKJQLahs6qm19IcEZ4mCQUMkgmXI

0
0

GET

pixel
cm.g.doubleclick.net/ Frame 09CD
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=aOGwZNJ8S_Wi-QudT_iWDw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

0
0

GET

pixel
cm.g.doubleclick.net/ Frame 09CD
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFVZGjZvodGd8-v9mr4tvB0&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEFVZGjZvodGd8-v9mr4tvB0&google_push=AX...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFVZGjZvodGd8-v9mr4tvB0&google_hm=ZVLvXdOQZHukhhGRsBecegAABLcAAAAB&google_nid=index&google_push=AXcoOmTMFVHudmZV2NQR3HncWTS4LY1Xutr7P...

0
0

GET

pixel
cm.g.doubleclick.net/ Frame 09CD
Redirect Chain

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmT6ED_vDMP-50sT2Mi6P4Fz_30hh1EglpicNUyO-0y3K06jPX1JRhZOQWpfcglFhfJoU3d2bT6oeP...
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmT6ED_vDMP-50sT2Mi6P4Fz_30hh1EglpicNUyO-0y3K06jPX1JRhZOQWpfcglFhfJoU3d2bT6oeP_98DF9ZmgeGv6mNXY&google_hm=d11c3103-dc29-4b6d-9c0...

0
0

GET

pixel
cm.g.doubleclick.net/ Frame 09CD
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEGKjrsYcU5y2zsXq78KwJXw&google_cver=1&google_push=AXcoOmTtbGr3EQ5ytBPymc6lpqOfNGDGh1_FL3GLovBQK-M4qvwMyA7MvYM4st9jYhIhaC874oSONdIWEg7mIHgZ1DvRwMxfpwsb
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmTtbGr3EQ5ytBPymc6lpqOfNGDGh1_FL3GLovBQK-M4qvwMyA7MvYM4st9jYhIhaC874oSONdIWEg7mIHgZ1DvRwMxfpws...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzkzMzAwMDk5ODE2MTc0Nzg5NzM2OA%3D%3D&google_push=AXcoOmTtbGr3EQ5ytBPymc6lpqOfNGDGh1_FL3GLovBQK-M4qvwMyA7M...

0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 09CD 0
40 B 255ms
255ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KFSXCyk6fc_QOQZq053W8Hq2PikPoWQDOaFCZnjaKY5KvRm1cXMG9hfVg4zu7NRTIEglk9

Requested by

Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:05 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET

pixel
cm.g.doubleclick.net/ Frame 7121
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESENW2LuUOeLtri2cfG748aJQ&google_cver=1&google_push=AXcoOmTaV9txLM6UDdH5ywcibD9rbsXoxgNDa9um_4O9AkE9wUdk9fs4KlDyv0Rjq13_lshucvhE1zQ0EKKU3ffJ9XLw...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESENW2LuUOeLtri2cfG748aJQ&google_cver=1&google_push=AXcoOmTaV9txLM6UDdH5ywcibD9rbsXoxgNDa9um_4O9AkE9wUdk9fs4KlDyv0Rjq13_lshucvhE1zQ0EKKU3f...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmTaV9txLM6UDdH5ywcibD9rbsXoxgNDa9um_4O9AkE9wUdk9fs4KlDyv0Rjq13_lshucvhE1zQ0EKKU3ffJ9XLwLDMabYqR&google_hm=Pn3WGXYWRfaW3LQkbKJEWA==

0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7121
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTXFJ...
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-lqVQ_WdwpTYEUw9FpYyhdFOgK0awIDkhKA70hQ&google_push=AXcoOmTXFJsrwz5T0NKI0q_5eqR1grMBmHwsiFuY-YwA40zhTqzmXKBu4EWG0hEKA56s-JgDDH7SL-IvtgP9...

170 B
188 B

653ms
651ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-lqVQ_WdwpTYEUw9FpYyhdFOgK0awIDkhKA70hQ&google_push=AXcoOmTXFJsrwz5T0NKI0q_5eqR1grMBmHwsiFuY-YwA40zhTqzmXKBu4EWG0hEKA56s-JgDDH7SL-IvtgP9S2roD3Fqn89OTs4

Requested by

Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 03:54:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 14 Nov 2023 03:54:04 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-lqVQ_WdwpTYEUw9FpYyhdFOgK0awIDkhKA70hQ&google_push=AXcoOmTXFJsrwz5T0NKI0q_5eqR1grMBmHwsiFuY-YwA40zhTqzmXKBu4EWG0hEKA56s-JgDDH7SL-IvtgP9S2roD3Fqn89OTs4
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 720607
content-length: 0
expires: Tue, 14 Nov 2023 00:00:00 GMT

GET

pixel
cm.g.doubleclick.net/ Frame 7121
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=nbRp9Ch7SaCCfLfzk1i_WA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

0
0

GET

pixel
cm.g.doubleclick.net/ Frame 7121
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFVZGjZvodGd8-v9mr4tvB0&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEFVZGjZvodGd8-v9mr4tvB0&google_push=AX...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFVZGjZvodGd8-v9mr4tvB0&google_hm=ZVLvXf6gEsRT6ZwT9PMEHwAAFJ8AAAIB&google_nid=index&google_push=AXcoOmRuvktECRJdmFBebY4z0_na5Wnf7AtwZ...

0
0

GET

pixel
cm.g.doubleclick.net/ Frame 7121
Redirect Chain

https://ads.yieldmo.com/exptsync?google_gid=CAESEOru4RPDbZ2M2wlmPrXjEWk&google_cver=1&google_push=AXcoOmTtiUquCQnJqEYbTZklj7O9TigYBHqz_zhIABuLrf6vfL0RJDp6Vk-a-rFB588kUot2Ci3OXs-Fo-hu59wKcB0TwJTkGZBl
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmTtiUquCQnJqEYbTZklj7O9TigYBHqz_zhIABuLrf6vfL0RJDp6Vk-a-rFB588kUot2Ci3OXs-Fo-hu59wKcB0TwJTkGZBl&google_hm=M0ZpWjRwcGpqTHBVSnl1...

0
0

GET

RX-f48bb6d9-94ab-4124-9dd7-d07e497ee5cf-003
sync.targeting.unrulymedia.com/csync/ Frame 7121
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEE...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmRvdRhWP8HjQoTvbE3Wi6yFEs9Nb68EG59o2z7TuFT0-irD6cTD56woaQnn7AggkkaDXM_uUIeaWBapaNgkE5zs79daxUM&redir=https%3A%2F%2Fcm.g.double...
https://sync.targeting.unrulymedia.com/csync/RX-f48bb6d9-94ab-4124-9dd7-d07e497ee5cf-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmRvdRhWP8HjQoTvbE3Wi...

0
0

GET

pixel
cm.g.doubleclick.net/ Frame 7121
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEGKjrsYcU5y2zsXq78KwJXw&google_cver=1&google_push=AXcoOmS62OehRLCIvkttKP2WO3yBq5Y6Tj2AOqTaZX8wMsW0ejM-S4kV5UTq72LOclgbwax80a9okaEP3N1N4A2EMif3pzUkIUQg
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmS62OehRLCIvkttKP2WO3yBq5Y6Tj2AOqTaZX8wMsW0ejM-S4kV5UTq72LOclgbwax80a9okaEP3N1N4A2EMif3pzUkIUQ...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mzk1OTU0NzU2ODM3MjA4ODIyMjUy&google_push=AXcoOmS62OehRLCIvkttKP2WO3yBq5Y6Tj2AOqTaZX8wMsW0ejM-S4kV5UTq72LO...

0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 7121 0
40 B 425ms
425ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13INYUlcVJu2Ga5Cv4zec7_dzpnToyK3HEN67nTXL0hiG_V-_-26gJ_M63mBBOsi3jjIsxXs

Requested by

Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:05 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET

pixel
cm.g.doubleclick.net/ Frame 9EEB
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESENW2LuUOeLtri2cfG748aJQ&google_cver=1&google_push=AXcoOmSdAqRjpRkCsK7Qe5SMoZoKuwJvjyR3QrpE-7xKLGLhXr833fAsuJ55QcMAYEwo0aAFYtfkSZote601T0P-jg2p...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESENW2LuUOeLtri2cfG748aJQ&google_cver=1&google_push=AXcoOmSdAqRjpRkCsK7Qe5SMoZoKuwJvjyR3QrpE-7xKLGLhXr833fAsuJ55QcMAYEwo0aAFYtfkSZote601T0...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmSdAqRjpRkCsK7Qe5SMoZoKuwJvjyR3QrpE-7xKLGLhXr833fAsuJ55QcMAYEwo0aAFYtfkSZote601T0P-jg2pNYAPIJaIAg&google_hm=S-Ho14mrTNqSiEQb47a2rA==

0
0

GET

pixel
cm.g.doubleclick.net/ Frame 9EEB
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEMh3RrLUjzU9Dxh0JkREAQk&google_cver=1&google_push=AXcoOmTdnGJp_TZzLDHOK_rwTPJcrbyVyaG4our_AAGxeXTeFNUgha3mUPwhuhCi1uyXBSOkd30P1bJ3u9ykzDIPhfdPRUS...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEMh3RrLUjzU9Dxh0JkREAQk&google_cver=1&google_push=AXcoOmTdnGJp_TZzLDHOK_rwTPJcrbyVyaG4our_AAGxeXTeFNUgha3mUPwhuhCi1uyXBSOkd30P1bJ3u9ykzDIPhfdPR...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTdnGJp_TZzLDHOK_rwTPJcrbyVyaG4our_AAGxeXTeFNUgha3mUPwhuhCi1uyXBSOkd30P1bJ3u9ykzDIPhfdPRUSAC8RxeA

0
0

GET

pixel
cm.g.doubleclick.net/ Frame 9EEB
Redirect Chain

https://ads.yieldmo.com/exptsync?google_gid=CAESEOru4RPDbZ2M2wlmPrXjEWk&google_cver=1&google_push=AXcoOmTgGtmHM6DJZpY523WuC9Io4WX42krNmBLKyYOdPodVdoKDqEjnczB6FEelVo6fNqhEvyW1FAbMlsmWAld1lqLhx5dyoG-X6A
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmTgGtmHM6DJZpY523WuC9Io4WX42krNmBLKyYOdPodVdoKDqEjnczB6FEelVo6fNqhEvyW1FAbMlsmWAld1lqLhx5dyoG-X6A&google_hm=M0ZpWjRwcGpqTHBVSn...

0
0

GET

pixel
cm.g.doubleclick.net/ Frame 9EEB
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEE...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmQU37Y9fshYQNgZ476__O489BUYPwo2Wlq2l4zqTjh5TEfDkN71ZNo0nWSPGgS9RDfnLzlkBUP0qkFCpronIoxA_Ym1iPr3Xw&redir=https%3A%2F%2Fcm.g.dou...
https://sync.targeting.unrulymedia.com/csync/RX-49f0d173-dc87-44c4-9c95-b0a58e0c5e16-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmQU37Y9fshYQNgZ476__...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQU37Y9fshYQNgZ476__O489BUYPwo2Wlq2l4zqTjh5TEfDkN71ZNo0nWSPGgS9RDfnLzlkBUP0qkFCpronIoxA_Ym1iPr3Xw&google_hm=A0nw0XPch0TEnJWwpY4MXhY

0
0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 9EEB
Redirect Chain

https://cs.media.net/cksync?type=g&google_gid=CAESENDVyt-jr9Jo1erqLbHAGck&google_cver=1&google_push=AXcoOmRRd47Rd70Qi5I1WyKfSqU1s3lr4SAUBJUzSOulnR17b3styihmCBHsuE9BUlQooBNw_rYD1fLH2Q7MeS9Hx6SxzeZewc9d
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQyOTM1NjQ1Njg2MjkwNTAwMFYxMA%3d%3d&mn_hm=MzQyOTM1NjQ1Njg2MjkwNTAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmRRd47Rd70Qi5I1WyKfSqU1s3l...

170 B
232 B

839ms
838ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQyOTM1NjQ1Njg2MjkwNTAwMFYxMA%3d%3d&mn_hm=MzQyOTM1NjQ1Njg2MjkwNTAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmRRd47Rd70Qi5I1WyKfSqU1s3lr4SAUBJUzSOulnR17b3styihmCBHsuE9BUlQooBNw_rYD1fLH2Q7MeS9Hx6SxzeZewc9d&gdpr=&gdpr_consent=

Requested by

Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 03:54:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 14 Nov 2023 03:54:05 GMT
Server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location: https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQyOTM1NjQ1Njg2MjkwNTAwMFYxMA%3d%3d&mn_hm=MzQyOTM1NjQ1Njg2MjkwNTAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmRRd47Rd70Qi5I1WyKfSqU1s3lr4SAUBJUzSOulnR17b3styihmCBHsuE9BUlQooBNw_rYD1fLH2Q7MeS9Hx6SxzeZewc9d&gdpr=&gdpr_consent=
Content-Type: text/html
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 154
x-mnet-hl2: E
Expires: Tue, 14 Nov 2023 03:54:05 GMT

GET
H2 204 v1
match.sharethrough.com/E4rooAtA/ Frame 9EEB 0
35 B 741ms
237ms Image
text/plain 52.58.37.65
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESELa5RAYWWNDi8qXFBppqpu8&google_cver=1&google_push=AXcoOmRUzC6B29Itw2nwb6tB1ZP7uT1dbpWrTWj7oUdACycCCBqzRHyNeJRbEoy4IH0jmUof68_cTvi9CO5coubQSaXzBods0TqAXjk
Requested by: Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.37.65 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-37-65.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:05 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame 9EEB
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEH4Wrk9vFcJ_s4bE-L7lejc&google_cver=1&google_push=AXcoOmRU7ciqy9avUh7EFB6SCVbOQVZhB315Royb75pBqQqlbFASq-rLcT3d3fbTZee415VM4wf4VUl2OXH...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi8v3BNETZfOPkMGbNClPof-nF2Ul09D4iQ&google_push=AXcoOmRU7ciqy9avUh7EFB6SCVbOQVZhB315Royb75pBqQqlbFASq-rLcT3d3fbTZee415VM4wf4VUl2OX...
https://onetag-sys.com/match/?int_id=19&google_error=5

0
340 B

180ms
179ms

Image
text/plain

51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Tue, 14 Nov 2023 03:54:05 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 9EEB 0
49 B 575ms
574ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IMyQtJod843GAedmmA5NoRJT6BnxVVl-bZrvSSX0UMfL6XQ-eFVy--Mookeg9t5FMYNYHkh3c

Requested by

Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:05 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 rid Show response
matchadsrvr.yieldmo.com/track/ Frame A918 49 B
492 B 1126ms
474ms XHR
application/json 18.66.122.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://matchadsrvr.yieldmo.com/track/rid?ttd_pid=yieldmo&fmt=json
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-80.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 97246976d349e4116999d37486b7b739816718f446ea2b2e224311884f785813

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:06 GMT
via: 1.1 d20f19c14113bb86116d01e6cb4e2844.cloudfront.net (CloudFront)
last-modified: Mon, 08 May 2023 12:52:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
etag: "674119d7f4205900ae84d7ee55ced021"
vary: Origin
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
x-cache: Error from cloudfront
access-control-allow-credentials: true
content-length: 49
x-amz-cf-id: 0I4knHWJvXS8N3VDQP8c12WeaLSLcC1GfcK_PuSdN8bVANzpT6hEag==

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 932ms
293ms Preflight 3.227.250.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-215.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Tue, 14 Nov 2023 03:54:05 GMT
x-amzn-RequestId: c9c99891-9a92-3661-9405-690c58c525cb

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame A918 133 B
569 B 434ms
234ms XHR
application/x-amz-json-1.1 3.227.250.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-215.compute-1.amazonaws.com
Software: /
Resource Hash: ecd52e353cbf7ec6de80cd2c9c42c3b9a6518d9b743eb74e9de25d30063b2ba7

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231114/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=fa9c63548b2355abccba354093449e766ca758a11a200e54945e0cdd1a9406e6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 2a55e0e065283a8b0318b9d9012583b244c30d44db8b38cac711e05297f8fc37
Cache-Control: no-cache
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231114T035405Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Tue, 14 Nov 2023 03:54:06 GMT
x-amzn-RequestId: c3b9638f-f647-9b30-9e75-9211c65d54fa
Content-Length: 133
x-amz-id-2: rfrv2eKHleB+ESSK4HYIuRle5XozrNUdSif6cynxLRFU13RSo30Zg/HxiQAj22v4kU2CftuSHKaDi8QI6hXc93Sq5D12scpS
Content-Type: application/x-amz-json-1.1

GET
H2 200 ymcas Show response
ads.yieldmo.com/ Frame 9543 5 KB
2 KB 861ms
861ms Document
text/html 34.250.128.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 743b203748c04045215d60f68d8c477f05b8000f320766001a2f3081fc5609be

Request headers

Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
content-encoding: gzip
content-type: text/html;charset=utf-8
date: Tue, 14 Nov 2023 03:54:05 GMT
pragma: no-cache
vary: accept-encoding

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 918ms
294ms Preflight 3.227.250.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-215.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Tue, 14 Nov 2023 03:54:05 GMT
x-amzn-RequestId: fbca1ad9-4b28-94c9-a606-eb4429717018

GET
H2 200 52.handlebars.js Show response
static.yieldmo.com/sdk/template/js/desktop/ Frame A918 208 KB
64 KB 1108ms
261ms XHR
application/javascript 18.245.60.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yieldmo.com/sdk/template/js/desktop/52.handlebars.js
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-74.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 468864041b280079274db15861a108735b454c113b93fb0768e1c8a546610dfd

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 4QKlxuNd7CwyoFiBmpJmVmUnKru_Hd6O
content-encoding: gzip
via: 1.1 ed149c4696419c0643fab13e9539b16c.cloudfront.net (CloudFront)
date: Mon, 13 Nov 2023 10:23:12 GMT
x-amz-cf-pop: FRA60-P5
age: 70760
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 12 Jul 2022 20:34:36 GMT
server: AmazonS3
etag: W/"0b1a9eebbd61d453fc15e547dfffd2e4"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: private, max-age=1800
x-response-headers-policy: static-yieldmo-com_js_text
x-amz-cf-id: UwCqWED1hOqF5GEAJycITyOTWtGXi0nCqOk6prBXqxnD3bI6FivsFw==

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame A918 133 B
569 B 432ms
230ms XHR
application/x-amz-json-1.1 3.227.250.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-215.compute-1.amazonaws.com
Software: /
Resource Hash: 8e3f722ac8fa27dca358e50a71ed3d36b2956fd319b0c917fae24c9bdbd5a558

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231114/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=62392f8d32a3cc757950fcf1e3e7774adaa59af2bfa35f602f7bad8cf230ab65
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: dcc62f86a715f422400aaa8a62e85854fdb3d4757808df628e803cfc4ae790ad
Cache-Control: no-cache
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231114T035405Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Tue, 14 Nov 2023 03:54:06 GMT
x-amzn-RequestId: ddbdf0e0-cf3f-8332-8071-017e7beba139
Content-Length: 133
x-amz-id-2: NXRZnBuaqrhRPegb8RcpQaTZROuGc2baBagWuVltZKHtmeCbmJ6bCLcgs2PBhuuukiJm7tCfozEfGGEVT1qQfZw0VQagt1bg
Content-Type: application/x-amz-json-1.1

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame D493 0
0 100ms
100ms Image
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CHxdkWe9SZditDdSbgAeG6KKoAof0kpBc6Oum6fUEwI23ARABIABg9eWzgYgEggEXY2EtcHViLTM5NDQ5NTQ4NjIzMTYyODPIAQngAgCoAwHIAwKqBOIBT9Bx4J1hD9c65o1dVuclqszOP3JFIpPKaQcntvvEYdg4GzFeRkYnP1mSnLbgNYMOhkyXBB4K-YxRdCTbYj8SDRSO8-owvBsI6AhFNS73QGeA3FL6oWQ6DJJHCfjk5O7sJIjYwhb2MtCE2cIMYdPlHYAccfglfNueJ8WCXzMIYH2A6v0qd5geg4QKYJn7PLKQJnK-884-68TR10UDSGVmjFoOUN0y5iT446N8Yk980GJeT2zEn5jm7RUoJ3HbMlk39xQctqzFfXr7ymQfKuigxRGwctZyl3WMC-FltDZQfFFmO-AEAYAGp86V78vvzr6fAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTqACgP6CwIIAYAMAeINEwjzxavly8KCAxXUDeAKHQa0CCXQFQGAFwGyFxwKGhIUcHViLTM5NDQ5NTQ4NjIzMTYyODMYmNsQ&sigh=axnorafrc_0&uach_m=[UACH]&cid=CAQSOwDICaaN3qBuLuH1h7jzHtIqjXPOfNN4mLYvxPsqCTdOpQv4OgpsqgKxJu2UCr4INtJTC8Z9Q3QhUyvUGAE&tpd=AGWhJmuP39OZBRvRpauJbwydI1YBhx_RMS8thXzFmLyuRdyzy7qaz-xnVQg3ifMNNnwHEK_FjnIx1tnKyg1cHhltjg-gooGMLU2nax4vL6Agdb4UtBPLK-RGOHDh546T5NdGbwVxxsVNSrrFc7nmC0DLGAjX3vdUUU1IE605zLfyg-THDfaNkIN1Mb5ogiFQAa7PtYrqq75B71gUKMxQAAflmuoo8XlTTdWkAI59cnDp9VtfrDu_TBnDkg6CfNCqO1gbum3z20e6J-9q-0QTlc8fu6AwFn-nof5EG00XJlXvOXNYCd_8kH4rorp0ZtuXWqD6rzV1eKlSJVhy9loxV7mTbb38LzWRD4YaPdQaq13kW6LpIIOk5WLz2OuFMPDVCNdtucTp9bNVN16WIesbSL0kk9_5N88zawugpVNWMo5ANrK-zpeAZleZpAZKDGquR1fX4PBw8RC2KKz2Ms-fWgadbXNoC0-TF4Kot2HA5VNPPbEgs0eE6RE00nUPmSFJvcMp_xMPzwp1rjw6k6izAa_6k4QYkcGyM5BIeAY7YVvIVcNe-vX7YeODAKAFVXf_66DksQm-UAd-SMYXJzYfMpm1x0ReNr2d3wTfqy3cp0q0Z-GQCRtnsM-jSOblR2qRrjcJ5jmLncd6nlsIb4PwYPYI2M6eveS6qajkhqHk9LMfS1Nr_kBVQIrbxrTJXWCGIsiDgrFzHScFy28Fg6eRD2yF3upE6r6znmoukVM6MJI-Jx10Ua8zf6rCFpqvdOnAL1bom_P2_oMmfIIn9MN_jLA4XdJIjWjV36sgprNl4NWgR3CnkLKZnJkHs5B3&cbvp=2&vis=1
Requested by: Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lcfraa-aa-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 rid Show response
matchadsrvr.yieldmo.com/track/ Frame 5D04 49 B
491 B 1047ms
485ms XHR
application/json 18.66.122.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://matchadsrvr.yieldmo.com/track/rid?ttd_pid=yieldmo&fmt=json
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-80.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 97246976d349e4116999d37486b7b739816718f446ea2b2e224311884f785813

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:06 GMT
via: 1.1 d20f19c14113bb86116d01e6cb4e2844.cloudfront.net (CloudFront)
last-modified: Mon, 08 May 2023 12:52:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
etag: "674119d7f4205900ae84d7ee55ced021"
vary: Origin
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
x-cache: Error from cloudfront
access-control-allow-credentials: true
content-length: 49
x-amz-cf-id: o-bUK9BQeys_qqmcnIKuLmm_d9oRVxw-bnc6urioZxz5-Tc3ULV7kQ==

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 1008ms
272ms Preflight 3.227.250.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-215.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Tue, 14 Nov 2023 03:54:06 GMT
x-amzn-RequestId: fb445524-967c-d8b8-a688-a4ba22a8fab3

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 5D04 133 B
569 B 519ms
146ms XHR
application/x-amz-json-1.1 3.227.250.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-215.compute-1.amazonaws.com
Software: /
Resource Hash: d6dbe2254b88fd64ccfb78c02420ca38b1d33cf395ea539f463bc40d614399f0

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231114/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=68d64f08ec49febea485fa7243ac9f435382a20ad971dc124a58db312251b428
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 8a585036fb77792d92bb49730811ea9af3a8b509b3956b5c477f4e7487852c5a
Cache-Control: no-cache
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231114T035405Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Tue, 14 Nov 2023 03:54:06 GMT
x-amzn-RequestId: e6256eb4-4f10-8e0e-bbe9-9f2a1353cda2
Content-Length: 133
x-amz-id-2: Ita/iTNJaGY5q3FRh5Nj5Ij8r+m1bt/eiZLoZDUETFzZIXb5N7lhZyGsgItavLcGow7SZr3QbsJZHhEy1Rmcbc2XK7AVdYHw
Content-Type: application/x-amz-json-1.1

GET
H2 200 ymcas Show response
ads.yieldmo.com/ Frame 4375 5 KB
2 KB 812ms
812ms Document
text/html 34.250.128.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 77b6a3fdec16d972cfad3073c0b75069447fd76f9fd55e2c867a289e6d7f156d

Request headers

Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
content-encoding: gzip
content-type: text/html;charset=utf-8
date: Tue, 14 Nov 2023 03:54:05 GMT
pragma: no-cache
vary: accept-encoding

GET
H2 200 52.handlebars.js Show response
static.yieldmo.com/sdk/template/js/desktop/ Frame 5D04 208 KB
64 KB 1247ms
520ms XHR
application/javascript 18.245.60.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yieldmo.com/sdk/template/js/desktop/52.handlebars.js
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-74.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 468864041b280079274db15861a108735b454c113b93fb0768e1c8a546610dfd

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 4QKlxuNd7CwyoFiBmpJmVmUnKru_Hd6O
content-encoding: gzip
via: 1.1 ed149c4696419c0643fab13e9539b16c.cloudfront.net (CloudFront)
date: Mon, 13 Nov 2023 10:23:12 GMT
x-amz-cf-pop: FRA60-P5
age: 70760
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 12 Jul 2022 20:34:36 GMT
server: AmazonS3
etag: W/"0b1a9eebbd61d453fc15e547dfffd2e4"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: private, max-age=1800
x-response-headers-policy: static-yieldmo-com_js_text
x-amz-cf-id: ldt19ByHjZxDYXnyd-cglkF3-JJUI3Wg4j8c2ZpmcB5gpoDA27qW2A==

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 5D04 133 B
569 B 471ms
188ms XHR
application/x-amz-json-1.1 3.227.250.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-215.compute-1.amazonaws.com
Software: /
Resource Hash: c0db6a52aeb047a95acba920ff4ee2f98d956cdd75589cf17b5472d9884599c8

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231114/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=f8045207600c0ab909671b3e52f810c79dab61d8f3eb15036a3fe329254b1c62
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 61d8f84d0ebaa73b30d366c098d400a1f84663ef0d4d2644bf1c3aabcd949adf
Cache-Control: no-cache
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231114T035405Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Tue, 14 Nov 2023 03:54:06 GMT
x-amzn-RequestId: eccf39ec-2e9a-7f54-b103-c8721e80b09e
Content-Length: 133
x-amz-id-2: SeHlkQXraybDt11s1lT+ozYeyXoPOwxpTrUzDbx59A30m5yvIK9xal7K6GbS1PZvFCAPKsPrqd3djREqGqy/K1qxuSgHkeW8
Content-Type: application/x-amz-json-1.1

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 979ms
261ms Preflight 3.227.250.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-215.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Tue, 14 Nov 2023 03:54:05 GMT
x-amzn-RequestId: f6e386a4-ac79-8584-ab2f-77399c634a4e

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame EF6E
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEB27WBbC6lD_LKQ6J07Zt_s&google_cver=1&google_push=AXcoOmTQIRVv--sYT78AaL0ZyGlznKS8tlsbeSEjR9CD_h_1ogtBIgeTHPxHcFiT-oPr2h-YpWYanLOA5amr0otazvK3bJtYl83miQ
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7981F128CF754E1F90A6E0B7231F5862&google_push=AXcoOmTQIRVv--sYT78AaL0ZyGlznKS8tlsbeSEjR9CD_h_1ogtBIgeTHPxHcFiT-oPr2h-YpWYanLOA5amr0ot...

170 B
232 B

840ms
838ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7981F128CF754E1F90A6E0B7231F5862&google_push=AXcoOmTQIRVv--sYT78AaL0ZyGlznKS8tlsbeSEjR9CD_h_1ogtBIgeTHPxHcFiT-oPr2h-YpWYanLOA5amr0otazvK3bJtYl83miQ

Requested by

Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 03:54:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 14 Nov 2023 03:54:05 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7981F128CF754E1F90A6E0B7231F5862&google_push=AXcoOmTQIRVv--sYT78AaL0ZyGlznKS8tlsbeSEjR9CD_h_1ogtBIgeTHPxHcFiT-oPr2h-YpWYanLOA5amr0otazvK3bJtYl83miQ
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 13 Nov 2023 03:54:05 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame EF6E
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmRj3N...
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-lqVQ_WdwpTYEUw9FpYyhdFOgK0awIDkhKA70hQ&google_push=AXcoOmRj3NQ215m4jNnkZCuaoKKsrqHXDuYEnZu7rxdtnfw0Hit7zMNCafTm4xxjUvFYY3oriDRAGqMTMeZ0...

170 B
232 B

682ms
679ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-lqVQ_WdwpTYEUw9FpYyhdFOgK0awIDkhKA70hQ&google_push=AXcoOmRj3NQ215m4jNnkZCuaoKKsrqHXDuYEnZu7rxdtnfw0Hit7zMNCafTm4xxjUvFYY3oriDRAGqMTMeZ0EQSDS6Ey9eVyqMTJkA

Requested by

Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 03:54:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 14 Nov 2023 03:54:04 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-lqVQ_WdwpTYEUw9FpYyhdFOgK0awIDkhKA70hQ&google_push=AXcoOmRj3NQ215m4jNnkZCuaoKKsrqHXDuYEnZu7rxdtnfw0Hit7zMNCafTm4xxjUvFYY3oriDRAGqMTMeZ0EQSDS6Ey9eVyqMTJkA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 744719
content-length: 0
expires: Tue, 14 Nov 2023 00:00:00 GMT

GET

pixel
cm.g.doubleclick.net/ Frame EF6E
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Lc8Yitm_Rxaeo-UZKdoTHw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

0
0

GET

pixel
cm.g.doubleclick.net/ Frame EF6E
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFVZGjZvodGd8-v9mr4tvB0&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEFVZGjZvodGd8-v9mr4tvB0&google_push=AX...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFVZGjZvodGd8-v9mr4tvB0&google_hm=ZVLvXdhlxa_jmfJ1_BzSSgAACF4AAAIB&google_nid=index&google_push=AXcoOmQzvFzEpl441bgqUAabtcwVDZ7crEPps...

0
0

GET

pixel
cm.g.doubleclick.net/ Frame EF6E
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEE...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmRqdL1_dzzqVXtM5Zp5Iv2WSgOJtqMofKvFlrlaTKgnAMZYNQIp6ouPTDSzaB7WdZ7TJ7TrStRaHO2KhTyPC_6E-_uvQZLL&redir=https%3A%2F%2Fcm.g.doubl...
https://sync.targeting.unrulymedia.com/csync/RX-49f0d173-dc87-44c4-9c95-b0a58e0c5e16-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmRqdL1_dzzqVXtM5Zp5I...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRqdL1_dzzqVXtM5Zp5Iv2WSgOJtqMofKvFlrlaTKgnAMZYNQIp6ouPTDSzaB7WdZ7TJ7TrStRaHO2KhTyPC_6E-_uvQZLL&google_hm=A0nw0XPch0TEnJWwpY4MXhY

0
0

GET

pixel
cm.g.doubleclick.net/ Frame EF6E
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEGKjrsYcU5y2zsXq78KwJXw&google_cver=1&google_push=AXcoOmTI3W2xpe3uEc25ezKvhBAQyz62pdGLJX5LlMSfLMvLYp0Wcy9QVnmXaMBvfgCvqENqWFueVWd2TtxrLKTZ-mVZof4wym_M
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmTI3W2xpe3uEc25ezKvhBAQyz62pdGLJX5LlMSfLMvLYp0Wcy9QVnmXaMBvfgCvqENqWFueVWd2TtxrLKTZ-mVZof4wym_...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTQ1NDMxNDI0MDEzNTQ1NDcxNDI5Mw%3D%3D&google_push=AXcoOmTI3W2xpe3uEc25ezKvhBAQyz62pdGLJX5LlMSfLMvLYp0Wcy9Q...

0
0

GET
H2 204 v1
match.sharethrough.com/E4rooAtA/ Frame EF6E 0
34 B 634ms
359ms Image
text/plain 52.58.37.65
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESELa5RAYWWNDi8qXFBppqpu8&google_cver=1&google_push=AXcoOmQVi0XISEJcdJV3iuoJh3vmJVSkzkp9FBSKGmEbJfnANvIUohKqXhBK5mt-d51eGJwmwgMhZ6GZXHGbOUhhIa1zq_upi76_vCk
Requested by: Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.37.65 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-37-65.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:05 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame EF6E 0
49 B 440ms
440ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KKWmWJ8KomwC6rK0YvOywXN22p8LZ1onIM6O0sjOH5yLdiFk2n3vXWdbk7ywH-z_2m-WPzMA

Requested by

Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:05 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 8B42 205 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 078d4610223b6813e0f9c323a026f8716a9d90a1c5a3419ce18a4351e606f4b5

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 717ms
170ms Preflight 3.227.250.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-215.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Tue, 14 Nov 2023 03:54:06 GMT
x-amzn-RequestId: e0dda568-2f1f-c836-bd11-54f6680faddd

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame D493 133 B
569 B 470ms
194ms XHR
application/x-amz-json-1.1 3.227.250.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-215.compute-1.amazonaws.com
Software: /
Resource Hash: 2d770a19d3523614c3f5642d3465a68410d08f83bafc6aa34e56a63f5a27d4e5

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231114/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=11c8a5ea8aecb83edc26eaffe3901123da797294a858d4f3438a52493fb25766
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 898fd656ccc5536e003b627a50e79fd8a32630fc51f5f47508f863e6fbea4998
Cache-Control: no-cache
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231114T035405Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Tue, 14 Nov 2023 03:54:06 GMT
x-amzn-RequestId: f299002f-b1f2-ea4e-af55-f1b173a5f9e4
Content-Length: 133
x-amz-id-2: rjdmC8RwST+bccrn0wFAl6GyRl+lVf5/1EEJb7h3fWTWruSu5j7gjjPTesPAwBC55Lj9tBWZJDAXgotMtVDdDvCYvxyuNKrj
Content-Type: application/x-amz-json-1.1

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame A918 0
0 115ms
114ms Image
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CVLX_Wu9SZY3DL7mL1PIPtreKmA-H9JKQXOjrpun1BMCNtwEQASAAYPXls4GIBIIBF2NhLXB1Yi0zOTQ0OTU0ODYyMzE2MjgzyAEJ4AIAqAMByAMCqgTiAU_Q2uh9B74st2w2oAetgMGJXqhuqNQpfNSjoonloJlHyN1vp9ctFGJBo1ZXJZFmrqzVrBmwWI1-NsUgIPbMs4ahK8srne3SUMDAuZB0wPgxjIouSUimAmwhVJxnoVp-AstdaWb8gr7eWArvcCpQpLb-3y9v5JsxEfPP2ROrtj1UIhlQUtRUJXJMi10YC_8kVqgJNFIofJIkjKyNqy3Sxsg3zE9NDKBbrYJiBvFhv9czs6EwQh62eTHqxbn9LA1QaZOULH3cg_5RIBy746TLJQMB3hGHDRQKmbmp_CrJLR8tUl3gBAGABt3XybuzsKe-1wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6gAoD-gsCCAGADAHiDRMIseCK5svCggMVuQVVCB22mwLz0BUBgBcBshccChoSFHB1Yi0zOTQ0OTU0ODYyMzE2MjgzGJjbEA&sigh=KwIn16C0Pjc&uach_m=[UACH]&cid=CAQSOwDICaaNhsKWZx6VV6AO1YzHQ6efdjPXPjFtQvg-4Al9dpAjvaBzOWmp-LLXADJIe6Q3BynTWc7hqzuFGAE&tpd=AGWhJmvyHrYkZQlUoS3xjdf3LryyOgvSuiRgYyzgdgzeLwsJP3FLPrW9OcQjFf9hApTov1c41ibLqFMZsxJa0g6UblA6fuoYRmBruM9dINjFU-Xii05UQ3468H4iXSSv-iQIHXU84OIUUs8UuU77iQT0Y1wqh1h6tkfOqqRjF5EhhnGhhkKdFnePNYrdiDcVc86XHLf0qDYSyDLCJi4YK28D2Xu09cLOexY-BAHImqJZaQLCwGpTZUOLoU3GBp4j1eaLWPCi7MRZJ3mWF4z4kjmwb2WAQcQU3Xg6b9BQ5BtobzbN0TIFnTYvGVb7FCs0vesaWunxGXtFUyrz4O3BRke1RSj0zG_Gk0xjSjNl0FTvO5V_sIW-uUEGmMJdeELAOs_deS1PN1foahQLj90-VZwLJL81eCHWHPfbeLHlQ7hjGCBGgLxGWsO4596tkgWwyvUYnDMdsUc_bwdYdOKQkp6xp4gXDehcB5FAdVGd8jyVnkH4VPl84avhCyL38DaATZB-nS3hgC6xiBZLY-vg0K1wzl9iIZYMcg6dr-GuPp_-VCYWz4nxmK1YQpcriX4xNY14We2rD2Lg4WKGx2Jue-JXH5eKBRB9diASOZWnQAR9ZhFqpPa8zlMV-FOpO500Zvgc9FZpA14qa3p4vsqN-6RCPJhJzZewoLi-RZ_1wVIWP98gERF_FKwoGN7TPWqVGISU8HVXo7vIF6Kkrzq0aYFzPhRRxrEoQkzvC0GNeIGjUEaKg_OvKm61Rm0G7ZxNvdV-UOnq67kzfDGYld7CNjqb2lBtSBoBFIoSprLxljakybggHjvfKZ1aR-ke&cbvp=2&vis=1
Requested by: Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lcfraa-aa-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame A918 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1a768ff46e14c6dd54cae5393488a39750f3850f95b7f6870c090e48631db502

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 5D04 0
0 245ms
245ms Image
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CnuXgWu9SZYeEMcnXgAewhbW4AYf0kpBc6Oum6fUEwI23ARABIABg9eWzgYgEggEXY2EtcHViLTM5NDQ5NTQ4NjIzMTYyODPIAQngAgCoAwHIAwKqBOIBT9APGHtaZfh3NXZqscUy59d_WurQu29-lh6eljwCAd1gA7hj_fyrDATuWrG3dwBsuD9dv6V_EBBFLO9iXiFKYeUA4yaiE4bvIUZupTwzfYIiqYi2XJ0ncYB_rFX9qKD2Y5NU1caCHDCpaLPFa9P8HMHyPJCGED-FOcr39OsFolfJChByYtDFN8Bna1Vw_tVIcdbcNJIWIQS9LEI51lolqMFjfQsIUQvHk7lJRXZa1gJMg-cj9nLDX2L7iXG8cAgO9TVllN56mrv79Vjc_mlgNgEaUxxD7dbuXzX7Al10d6r3GOAEAYAG3dfJu7Owp77XAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTqACgP6CwIIAYAMAeINEwjlmozmy8KCAxXJK-AKHbBCDRfQFQGAFwGyFxwKGhIUcHViLTM5NDQ5NTQ4NjIzMTYyODMYmNsQ&sigh=EnUYBRj7OaQ&uach_m=[UACH]&cid=CAQSOwDICaaNwQp7_Z9AS6pyNWA-MWrYsFBjCb0i72_12PF8jmSZuwIIZR3kqZcxCREHxQ2EWk9H-ZLRB1F3GAE&tpd=AGWhJmtXix377aLW68pP9uBw5F_GSQghLkSDgyasaJEr_ANGAdVzYnviHWjEEwZjzBPVfU5pNEu9R_VGbCHQkcmtIcDvQFTztaZT9kLYhUYGcWVIF3kJLUJPFIioob2HQbxpyr2rb7g_9Fm_Xy_oykO_7L4d0JrmONTZykN3VnhiHmEDnI5pEXbAh5lr8n6L6IZoxAPM_mX_ZOkHubqA4lOiEUcWXVUTLeef2iO1l8IVeLklIfduRSe7WACVrwqLqoaxcApPdakTCg0xqQ41NMC7yNqELYmLwy1ErpHOH-Oy0h2_lqw15Wbv3vM7B84XNRIMAibF-VxY4PXVJwm1Z1FTqH1g5dESxFqjncg0GoEjEYVgG7-4clPOxrcQt31PcASXmW06lH86JV0s_Gc8-Qb9D47KaRV80-0-wAqlma1Te9JF3jGvT97D2rMUdBZe7IkihZ2VQ6M-bokKpzjkzyN-3wXmInrm0ZVGH8eYyQQqOx7p2IMsS3aCoG7LkANMW-mnWR9XNJn7XoFqeoh3CqGq_ioBrUih3QxnKAiUTXeLTMaXpkuTSSReE8mIbKR4D5qQV5b4t1v2e0kGn9e2vpZWndZNYKLO0COJp9exSXdmxJjHg-WXFPuVopUSpLBjwimcAV33JT7qkqYPAqkQBgf7uBLDpftf_b2l0qRz7fTPJgBFTnDbBqpsE4JBWf9R3M0Gf00JU1ldLTus4pyLOqMdXUEWLU1ZoXvjsiuUmgAoRuNLbvLq3Tlx8WA7bTIorvVI0M-xZHEo_JypxoYjHEcCbt-6QBdyLpVwkxpR8pC0FLnNX8518Vqdugmu&cbvp=2&vis=1
Requested by: Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lcfraa-aa-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 5D04 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5b785deb1ff7d1bd60aa424b5938973a34fff3ee540532cd2fe39eb806347784

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame CF2F 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 07dc6fe01be1107d8b1be4900c68cfda7f4b5c1afcc1eea9a56870aefeecf35f

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 070E 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a1e5e70f7579a338da060720b98881e4df9ed0bcf300651ce3dce736c6850d17

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4770
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEB27WBbC6lD_LKQ6J07Zt_s&google_cver=1&google_push=AXcoOmS3kfLj_IoTc2wK0S1DQvdm0mk57g-ccRJgiMLhzqxd2e6DkD4BHopEoQZdH-0ZPdBKJSzuffiF2_tmNFo3qVH2NSOJXtc
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=17D08A2DF7414A398BBFF17AB51FD74A&google_push=AXcoOmS3kfLj_IoTc2wK0S1DQvdm0mk57g-ccRJgiMLhzqxd2e6DkD4BHopEoQZdH-0ZPdBKJSzuffiF2_tmNFo...

170 B
188 B

1251ms
1249ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=17D08A2DF7414A398BBFF17AB51FD74A&google_push=AXcoOmS3kfLj_IoTc2wK0S1DQvdm0mk57g-ccRJgiMLhzqxd2e6DkD4BHopEoQZdH-0ZPdBKJSzuffiF2_tmNFo3qVH2NSOJXtc

Requested by

Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 03:54:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 14 Nov 2023 03:54:05 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=17D08A2DF7414A398BBFF17AB51FD74A&google_push=AXcoOmS3kfLj_IoTc2wK0S1DQvdm0mk57g-ccRJgiMLhzqxd2e6DkD4BHopEoQZdH-0ZPdBKJSzuffiF2_tmNFo3qVH2NSOJXtc
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 13 Nov 2023 03:54:05 GMT

GET

pixel
cm.g.doubleclick.net/ Frame 4770
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEMh3RrLUjzU9Dxh0JkREAQk&google_cver=1&google_push=AXcoOmS3HveI-26vjKcR3OEWLiiLdYv91GNEc6otHBbqOjOKpHwaH-apEaKW2hGJvrAtPa8rbsJdfysbABJrz3V1ciYn7j-...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEMh3RrLUjzU9Dxh0JkREAQk&google_cver=1&google_push=AXcoOmS3HveI-26vjKcR3OEWLiiLdYv91GNEc6otHBbqOjOKpHwaH-apEaKW2hGJvrAtPa8rbsJdfysbABJrz3V1ciYn7...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmS3HveI-26vjKcR3OEWLiiLdYv91GNEc6otHBbqOjOKpHwaH-apEaKW2hGJvrAtPa8rbsJdfysbABJrz3V1ciYn7j-exVg

0
0

GET

pixel
cm.g.doubleclick.net/ Frame 4770
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=SgVmX0MOS0eMZrMlYOCJlw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

0
0

GET

pixel
cm.g.doubleclick.net/ Frame 4770
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFVZGjZvodGd8-v9mr4tvB0&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEFVZGjZvodGd8-v9mr4tvB0&google_push=AX...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFVZGjZvodGd8-v9mr4tvB0&google_hm=ZVLvXcWoY9-Lfjjl8kRqowAAFKYAAAIB&google_nid=index&google_push=AXcoOmR5lOrNWShJtoqb4bsmrh0GWG5mGCp2v...

0
0

GET

pixel
cm.g.doubleclick.net/ Frame 4770
Redirect Chain

https://ads.yieldmo.com/exptsync?google_gid=CAESEOru4RPDbZ2M2wlmPrXjEWk&google_cver=1&google_push=AXcoOmSmmc-wk9AqSqfdIsTFwPuOZ1YgzC18Ssx-dbhm9SoDl2G9yU5XCB3RgMnZpQbfrhKeDBpRsBRkg3pBWDWTvUlRLralaj4
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmSmmc-wk9AqSqfdIsTFwPuOZ1YgzC18Ssx-dbhm9SoDl2G9yU5XCB3RgMnZpQbfrhKeDBpRsBRkg3pBWDWTvUlRLralaj4&google_hm=M0ZpWjRwcGpqTHBVSnl1N...

0
0

GET

pixel
cm.g.doubleclick.net/ Frame 4770
Redirect Chain

https://cs.media.net/cksync?type=g&google_gid=CAESENDVyt-jr9Jo1erqLbHAGck&google_cver=1&google_push=AXcoOmRysJpiZYmm8vuUjPN3p2-EEz0MmPh6X5noUc-vJBU5SpfsU66ggUE3xaB5Ew8hhG8rQ2mhMS61d8mHtRJ_3JsXINvP0eeH
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQyOTM1NjQ1Njg2MjkyNDAwMFYxMA%3d%3d&mn_hm=MzQyOTM1NjQ1Njg2MjkyNDAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmRysJpiZYmm8vuUjPN3p2-EEz0...

0
0

GET

pixel
cm.g.doubleclick.net/ Frame 4770
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEH4Wrk9vFcJ_s4bE-L7lejc&google_cver=1&google_push=AXcoOmSjA-NLHQewqS1aaCcjK-kMHVKj1eAiPIJEBuMUTr99OwvCdDfKBDHZ0vtGqhnzFH67wSGMCoZCxFL...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi8v3BTJRt9zD8Xb9gjRY80nVQ3UPVnDeAA&google_push=AXcoOmSjA-NLHQewqS1aaCcjK-kMHVKj1eAiPIJEBuMUTr99OwvCdDfKBDHZ0vtGqhnzFH67wSGMCoZCxF...

0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 4770 0
40 B 351ms
351ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J8zzak0Pfv1cTRD6ClKDgAPHWv_FbEsELf9Y1nKvXNAoVlFlOeMn0h9bU05p8-R4AZ7Grbfg

Requested by

Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:05 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 rid Show response
matchadsrvr.yieldmo.com/track/ Frame 8B42 49 B
492 B 485ms
292ms XHR
application/json 18.66.122.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://matchadsrvr.yieldmo.com/track/rid?ttd_pid=yieldmo&fmt=json
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-80.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 97246976d349e4116999d37486b7b739816718f446ea2b2e224311884f785813

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:06 GMT
via: 1.1 d20f19c14113bb86116d01e6cb4e2844.cloudfront.net (CloudFront)
last-modified: Mon, 08 May 2023 12:52:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
etag: "674119d7f4205900ae84d7ee55ced021"
vary: Origin
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
x-cache: Error from cloudfront
access-control-allow-credentials: true
content-length: 49
x-amz-cf-id: 1cs9TCV_kAfRohbb7cIdvc-257n2apReE8a6SZUMstp4MkXdOQvImg==

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 651ms
171ms Preflight 3.227.250.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-215.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Tue, 14 Nov 2023 03:54:06 GMT
x-amzn-RequestId: f1b7a23b-b4a4-33bc-ac7b-53a576f32016

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 8B42 133 B
569 B 470ms
190ms XHR
application/x-amz-json-1.1 3.227.250.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-215.compute-1.amazonaws.com
Software: /
Resource Hash: 0d44664400782938c8c275989fa328d0a266bc98557c6f58709895ae20b13a73

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231114/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=e764ef0b8fed3d4820b2321f8eeead9c21dd9d413eb3b09ed754116703cc8166
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: e8720d3f374e66f2af092f187592765994aca7ddf167f0e4a591c81411ce8374
Cache-Control: no-cache
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231114T035405Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Tue, 14 Nov 2023 03:54:06 GMT
x-amzn-RequestId: febe143c-e05b-ffd1-a372-e5a282021b00
Content-Length: 133
x-amz-id-2: W5lCo/tIxoxc6NWbl3fDMWNGgPkJp+xuPpzj6GlO9IzRwCr+yApDn+RnbAU1mMA1mW5rrabmMUBZUmS5RuIWXrZqFndJJ9/w
Content-Type: application/x-amz-json-1.1

GET
H2 200 ymcas Show response
ads.yieldmo.com/ Frame 950C 5 KB
2 KB 654ms
654ms Document
text/html 34.250.128.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 1c3df57f5cb65449bf9f1059a58d62d52b79d79f3b9e988d9bef8fac92b63087

Request headers

Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
content-encoding: gzip
content-type: text/html;charset=utf-8
date: Tue, 14 Nov 2023 03:54:05 GMT
pragma: no-cache
vary: accept-encoding

GET
H2 200 52.handlebars.js Show response
static.yieldmo.com/sdk/template/js_b/desktop/ Frame 8B42 208 KB
64 KB 1028ms
647ms XHR
application/javascript 18.245.60.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yieldmo.com/sdk/template/js_b/desktop/52.handlebars.js
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-74.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 468864041b280079274db15861a108735b454c113b93fb0768e1c8a546610dfd

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: YQ_PAHjHhR2k9ZZbM2TmYlKb5Z2N6Pg_
content-encoding: gzip
via: 1.1 ed149c4696419c0643fab13e9539b16c.cloudfront.net (CloudFront)
date: Mon, 13 Nov 2023 15:29:37 GMT
x-amz-cf-pop: FRA60-P5
age: 44670
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 12 Jul 2022 20:34:37 GMT
server: AmazonS3
etag: W/"0b1a9eebbd61d453fc15e547dfffd2e4"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: private, max-age=1800
x-response-headers-policy: static-yieldmo-com_js_text
x-amz-cf-id: 2uRaq0DX_7sMwgU9VFAnksPiH1ATyyMqNCqURfR2Y4aaWMQH9VD6cw==

GET
DATA 200
OK truncated
/ Frame C6D0 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a0ca3935fd2f15231808c0e0f9e0eb97cb0b790ad84bb5341e7df38f8008c262

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame CFBF
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEA_c0SWOhZW1xoTmQkJNfRE&google_cver=1&google_push=AXcoOmR7SQTZ9WhvKqEVEIsMzDE_N-eMG3R8wGOwkm07DIHItQafwneMbunC3IkqJCw-0or4Xclt6IEAB8lDx2mDTFKb0vVvGQjk&...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEA_c0SWOhZW1xoTmQkJNfRE&google_cver=1&google_push=AXcoOmR7SQTZ9WhvKqEVEIsMzDE_N-eMG3R8wGOwkm07DIHItQafwneMbunC3IkqJCw-0or4Xclt6IEAB8lDx2mDTFKb0vVvGQj...

43 B
416 B

247ms
246ms

Image
image/gif

104.18.24.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEA_c0SWOhZW1xoTmQkJNfRE&google_cver=1&google_push=AXcoOmR7SQTZ9WhvKqEVEIsMzDE_N-eMG3R8wGOwkm07DIHItQafwneMbunC3IkqJCw-0or4Xclt6IEAB8lDx2mDTFKb0vVvGQjk&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmR7SQTZ9WhvKqEVEIsMzDE_N-eMG3R8wGOwkm07DIHItQafwneMbunC3IkqJCw-0or4Xclt6IEAB8lDx2mDTFKb0vVvGQjk%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 104.18.24.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 03:54:06 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 825c4fad69fa24c2-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 14 Nov 2023 03:54:06 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 6222
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEA_c0SWOhZW1xoTmQkJNfRE&google_cver=1&google_push=AXcoOmR7SQTZ9WhvKqEVEIsMzDE_N-eMG3R8wGOwkm07DIHItQafwneMbunC3IkqJCw-0or4Xclt6IEAB8lDx2mDTFKb0vVvGQjk&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmR7SQTZ9WhvKqEVEIsMzDE_N-eMG3R8wGOwkm07DIHItQafwneMbunC3IkqJCw-0or4Xclt6IEAB8lDx2mDTFKb0vVvGQjk%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 825c4fabfff024c2-ZRH
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET

pixel
cm.g.doubleclick.net/ Frame CFBF
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEMh3RrLUjzU9Dxh0JkREAQk&google_cver=1&google_push=AXcoOmST6AZ7L8zuj_m0azuuJ7QubLXjm_z5rh4Tta1M_czhucJlQn8D8kmuHYdJZzju5uC7JSXmNimZHTApn9sr-kpuO99...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEMh3RrLUjzU9Dxh0JkREAQk&google_cver=1&google_push=AXcoOmST6AZ7L8zuj_m0azuuJ7QubLXjm_z5rh4Tta1M_czhucJlQn8D8kmuHYdJZzju5uC7JSXmNimZHTApn9sr-kpuO...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmST6AZ7L8zuj_m0azuuJ7QubLXjm_z5rh4Tta1M_czhucJlQn8D8kmuHYdJZzju5uC7JSXmNimZHTApn9sr-kpuO99NSXGV

0
0

GET

pixel
cm.g.doubleclick.net/ Frame CFBF
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQWty...
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-lqVQ_WdwpTYEUw9FpYyhdFOgK0awIDkhKA70hQ&google_push=AXcoOmQWtyprwiVNi105LOBTebLvWgkTnzErw0nJOUfdz7nKaFoXVcdiSDIIEbah1z4NW4dGbQZwwd-rLuuH...

0
0

GET

pixel
cm.g.doubleclick.net/ Frame CFBF
Redirect Chain

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmQdG1SW0Mm4RrzBkFil3CogzUksASE1U8W6-21ZWRUcJZsGfLHcK7jcqyfyEeFps6Owuh9S2guD7S...
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmQdG1SW0Mm4RrzBkFil3CogzUksASE1U8W6-21ZWRUcJZsGfLHcK7jcqyfyEeFps6Owuh9S2guD7SiS856SSZYV9QeqBeo&google_hm=45e33816-6768-4934-802...

0
0

GET

pixel
cm.g.doubleclick.net/ Frame CFBF
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEE...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmQgDJvXL_R944rZLGis8JI8upr7jQUYEloDHtkM1uyza6K6NUh2zt2reR5dSiuvMbQgXCKr2taya8nRyVaqyY1u_fNo3t4&redir=https%3A%2F%2Fcm.g.double...
https://sync.targeting.unrulymedia.com/csync/RX-7542592c-1926-46fd-ad1d-2c5e41b4500e-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmQgDJvXL_R944rZLGis8...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQgDJvXL_R944rZLGis8JI8upr7jQUYEloDHtkM1uyza6K6NUh2zt2reR5dSiuvMbQgXCKr2taya8nRyVaqyY1u_fNo3t4&google_hm=A3VCWSwZJkb9rR0sXkG0UA4

0
0

GET

pixel
cm.g.doubleclick.net/ Frame CFBF
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEGKjrsYcU5y2zsXq78KwJXw&google_cver=1&google_push=AXcoOmRtoG-YAXRpRP17zTMpnLw6XnPI8A8F6iN7hu3UgTDaabaPH0dhrUTpVmOcr-6L3IiJmlkoEKRE8MXV1x7Dl2Iv5vLMwRSW
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mzk1OTU0NzU2ODM3MjA4ODIyMjUy&google_push=AXcoOmRtoG-YAXRpRP17zTMpnLw6XnPI8A8F6iN7hu3UgTDaabaPH0dhrUTpVmOc...

0
0

GET

pixel
cm.g.doubleclick.net/ Frame CFBF
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEH4Wrk9vFcJ_s4bE-L7lejc&google_cver=1&google_push=AXcoOmQUUQKEyVKKBvseus0F_yymDs9xt6mTj-i5Xh_K73s0h6ByfiEbo8IqEesExxFBvI7JAquqYhV4-yP...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi8v3BWQqLMpQrzeNTs1Ye42NfK7oQoxQqA&google_push=AXcoOmQUUQKEyVKKBvseus0F_yymDs9xt6mTj-i5Xh_K73s0h6ByfiEbo8IqEesExxFBvI7JAquqYhV4-y...

0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame CFBF 0
40 B 376ms
374ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Irg_YzslFmmRXec1LTq5hjn1siAPfhXQHz-AwlOvNBZAS3QjvfosLArLAd3_ri3E5f-XNX3Q

Requested by

Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:05 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 64F8 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 32ef099ce9fdbb10be24996446365d8b2fcb0cc896e0e2f4170b969095798eba

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B61E
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEB27WBbC6lD_LKQ6J07Zt_s&google_cver=1&google_push=AXcoOmRroCSgQTX5zwpPrRquYjkP0iZvM_n2zHZaCheB09aeJrig1ahuyRtMSP61vAhhCuyQrzvLxQeJTaqSHryemI0zlB01mfGrRQ
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B21E19D074A64BA496E7CBBE5241FE74&google_push=AXcoOmRroCSgQTX5zwpPrRquYjkP0iZvM_n2zHZaCheB09aeJrig1ahuyRtMSP61vAhhCuyQrzvLxQeJTaqSHry...

170 B
188 B

1787ms
1784ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B21E19D074A64BA496E7CBBE5241FE74&google_push=AXcoOmRroCSgQTX5zwpPrRquYjkP0iZvM_n2zHZaCheB09aeJrig1ahuyRtMSP61vAhhCuyQrzvLxQeJTaqSHryemI0zlB01mfGrRQ

Requested by

Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 03:54:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 14 Nov 2023 03:54:05 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B21E19D074A64BA496E7CBBE5241FE74&google_push=AXcoOmRroCSgQTX5zwpPrRquYjkP0iZvM_n2zHZaCheB09aeJrig1ahuyRtMSP61vAhhCuyQrzvLxQeJTaqSHryemI0zlB01mfGrRQ
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 13 Nov 2023 03:54:05 GMT

GET

pixel
cm.g.doubleclick.net/ Frame B61E
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESENW2LuUOeLtri2cfG748aJQ&google_cver=1&google_push=AXcoOmQLIlKEbsLIQQEXdSEH6Paa_pozpbP8VOVB0B4oCMHQBq5Z_JzHOag_XN95YP8R_rloT8waaHIteuToQ7IsJbqd...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESENW2LuUOeLtri2cfG748aJQ&google_cver=1&google_push=AXcoOmQLIlKEbsLIQQEXdSEH6Paa_pozpbP8VOVB0B4oCMHQBq5Z_JzHOag_XN95YP8R_rloT8waaHIteuToQ7...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmQLIlKEbsLIQQEXdSEH6Paa_pozpbP8VOVB0B4oCMHQBq5Z_JzHOag_XN95YP8R_rloT8waaHIteuToQ7IsJbqdgUgz1Eumng&google_hm=HDCQVU2GSqKEaLdqv5ypNQ==

0
0

GET

pixel
cm.g.doubleclick.net/ Frame B61E
Redirect Chain

https://ads.yieldmo.com/exptsync?google_gid=CAESEOru4RPDbZ2M2wlmPrXjEWk&google_cver=1&google_push=AXcoOmSzQN0FvSH93NOotdN04LcJvSSeYkjF9isEoYizJn53tJlkQ3sqwJePGJNf81C9FTNQHWl9SoZ_-MfOloJawtZr7NUMBKQt
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmSzQN0FvSH93NOotdN04LcJvSSeYkjF9isEoYizJn53tJlkQ3sqwJePGJNf81C9FTNQHWl9SoZ_-MfOloJawtZr7NUMBKQt&google_hm=M0ZpWjRwcGpqTHBVSnl1...

0
0

GET

pixel
cm.g.doubleclick.net/ Frame B61E
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEE...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmQFjWkEJk4DIht83A3I5-7V7KVBma_UdBUPDifkPMrf8EU2c8M6SI8BFi7ZZrK2uKinnYuO0bsWzUtbq-PVHVV006fw3ud4tQ&redir=https%3A%2F%2Fcm.g.dou...
https://sync.targeting.unrulymedia.com/csync/RX-ff666fc9-9e51-4ab4-8232-e75f66648025-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmQFjWkEJk4DIht83A3I5...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQFjWkEJk4DIht83A3I5-7V7KVBma_UdBUPDifkPMrf8EU2c8M6SI8BFi7ZZrK2uKinnYuO0bsWzUtbq-PVHVV006fw3ud4tQ&google_hm=A_9mb8meUUq0gjLnX2ZkgCU

0
0

GET

pixel
cm.g.doubleclick.net/ Frame B61E
Redirect Chain

https://cs.media.net/cksync?type=g&google_gid=CAESENDVyt-jr9Jo1erqLbHAGck&google_cver=1&google_push=AXcoOmQZJAEAOxSQ4PptbyH4_zGzEP2H-74h0MYpC2e7hAvgpJ3BVspQEAuzCfGUe12T5trYuLaQyjXZRMdrZgNXiJGXQ8nNp...
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQyOTM1NjQ1Njg2MjkzMzAwMFYxMA%3d%3d&mn_hm=MzQyOTM1NjQ1Njg2MjkzMzAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmQZJAEAOxSQ4PptbyH4_zGzEP2...

0
0

GET
H2 204 v1
match.sharethrough.com/E4rooAtA/ Frame B61E 0
34 B 371ms
370ms Image
text/plain 52.58.37.65
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESELa5RAYWWNDi8qXFBppqpu8&google_cver=1&google_push=AXcoOmRsdNhze9sxK49va7bYko9nlOdpJqSd7cNZgJ94psd-5w2V5au0jppGB6B_HYg9q1Hxf7u-JXNr0xZeOGaqmYJOQ6TAKI0tZSY
Requested by: Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.37.65 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-37-65.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:05 GMT

GET

pixel
cm.g.doubleclick.net/ Frame B61E
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEH4Wrk9vFcJ_s4bE-L7lejc&google_cver=1&google_push=AXcoOmRsMYctX1Kcuxtjdb06pRnS0Gw6DkOXZ4jcuIbLD13jwhLjiHfpGeuduGm1mCDzOXA3nNHwakt4R_q...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi8v3BaXjJNIzanQTqx44fb3-2A6es-4vMQ&google_push=AXcoOmRsMYctX1Kcuxtjdb06pRnS0Gw6DkOXZ4jcuIbLD13jwhLjiHfpGeuduGm1mCDzOXA3nNHwakt4R_...

0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame B61E 0
49 B 380ms
380ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I8NbY1FbLvo0y3umhGJYJGT0OPX7QhesjVyhgJs0ZB66-hyWq1PfQXzXmzBcsqOGKTRq6lYQ8

Requested by

Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:05 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame C8B5 0
0 183ms
182ms Image
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CDmLUWu9SZZ-sMYaJx_AP-bKFqAXdkZCSdICr1PzzEa_Mor3AARABINjV2Ctg9eWzgYgEoAHR-ousAsgBAakCKmQVxsbysT7gAgCoAwHIAwiqBPUBT9BtdQ3tmv0qrmK_2OXHJUF6bwKdLpdIyUkjX2mAPCYWb2uZOGNtggFzLXcwCBUuHuRfi_aLoHQK495BRs1eQRoLkbrqDLhyxYvIinbuLiBgyrft_KWbXuherolKQlRGFEGmjnUwYy-SAljC8FsN2c3g-D1_zzKdrw2zzVgGVd6FIAhswuXuLyJBMlrkbaZMZioRXpivboORBDtr13Pd-qnO2ck2BldFxsiOpLe8kyo3hnmn2rIJU-xWzruVTKUJ3bJpNlA59Ay4WrEsmTui5pauLHj-WOS048CkE5u_OK4T185FncTHUCPqmJTurf24gzwRjJXABJHNm9zNBOAEAYgF_-OMr02gBgKAB5eF9NMBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQrdIW0ggUCIBhEAEYHTICigI6AoBASL39wTqaCTFodHRwczovL3d3dy52aXNpdGN5cHJ1cy5jb20vZW4vY2hyaXN0bWFzLXZpbGxhZ2VzgAoDyAsBogwQKg4KDOS0sQLutbECtbixAtoMEQoLEODu_e7UqsL11AESAgED4g0TCJDEjObLwoIDFYbEEQgdeVkBVdgTA9AVAYAXAbIXHgocCAASFHB1Yi05NTE3MTg1MTA2MjgzNjgyGJjbEA&sigh=nEnwsEULJCc&uach_m=[]&ase=2&nis=5&cid=CAQSOwDICaaNjlossHfyDRcajL7JvkMx6Lq8Qg0YBD4i3j-5Q2d1XHZUtUceCxoY4RWXy67-zaIPdZHZeqJCGAE&cbvp=2
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lcfraa-aa-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame CD56 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 192980a281f2d3aad434e2e8a7a91002ac0cb9402d9e71c74da9c99a6ca2bb67

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET

pixel
cm.g.doubleclick.net/ Frame D598
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEB27WBbC6lD_LKQ6J07Zt_s&google_cver=1&google_push=AXcoOmRUMKFhIyy8maBnXgpziNRZiRbq4wXl7JoLZD3mGmCV9eoZyzsJC-XlzCmGvHW6FY7ZlQYd6pLaoPOEAG47G9P02wLjN5ZDKQ
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=3F2DCF0A817B43E895D550A0AF49F2FA&google_push=AXcoOmRUMKFhIyy8maBnXgpziNRZiRbq4wXl7JoLZD3mGmCV9eoZyzsJC-XlzCmGvHW6FY7ZlQYd6pLaoPOEAG4...

0
0

GET

pixel
cm.g.doubleclick.net/ Frame D598
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmRZ6r...
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-lqVQ_WdwpTYEUw9FpYyhdFOgK0awIDkhKA70hQ&google_push=AXcoOmRZ6rmLHbUcRSmato5c7QY9IjoTwdnD4-lXAeKv_woanpFPNWPZWwxIgjxOr6Z_M2eDgBWl74wKvOSo...

0
0

GET

pixel
cm.g.doubleclick.net/ Frame D598
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFVZGjZvodGd8-v9mr4tvB0&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFVZGjZvodGd8-v9mr4tvB0&google_hm=ZVLvXdOQZHukhhGRsBecegAABLcAAAAB&google_nid=index&google_push=AXcoOmRmzX62k8UGQjEKH6xXxqSYCwsgEKu92...

0
0

GET

pixel
cm.g.doubleclick.net/ Frame D598
Redirect Chain

https://ads.yieldmo.com/exptsync?google_gid=CAESEOru4RPDbZ2M2wlmPrXjEWk&google_cver=1&google_push=AXcoOmT_cRKLosEKh0xLacfR3j6aBJLRRm7AivuhPoYEGCqJFAv0Ls4YLOU6SybYUacc1reZ2JvWdX50WpeftHsFRob1HFvwVjPd-w
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmT_cRKLosEKh0xLacfR3j6aBJLRRm7AivuhPoYEGCqJFAv0Ls4YLOU6SybYUacc1reZ2JvWdX50WpeftHsFRob1HFvwVjPd-w&google_hm=M0ZpWjRwcGpqTHBVSn...

0
0

GET

pixel
cm.g.doubleclick.net/ Frame D598
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEGKjrsYcU5y2zsXq78KwJXw&google_cver=1&google_push=AXcoOmSWrfA4_77I6_zRm0TcB_jf0lM1OyV9mzXb9Ytil3k1t6-ez4TIAE6cPkNpBZ4PylGl1j5YSl640cu3fnJv2y61S4dmB3KQ
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mzk1OTU0NzU2ODM3MjA4ODIyMjUy&google_push=AXcoOmSWrfA4_77I6_zRm0TcB_jf0lM1OyV9mzXb9Ytil3k1t6-ez4TIAE6cPkNp...

0
0

GET

pixel
cm.g.doubleclick.net/ Frame D598
Redirect Chain

https://cs.media.net/cksync?type=g&google_gid=CAESENDVyt-jr9Jo1erqLbHAGck&google_cver=1&google_push=AXcoOmRUEJihHRqfMB3wlHowVAFD9d5rNFUZuCpYr503dDUF5VdmEnTF8FxTaBlxpRauuPmfOZVPni65BPJjaBR_oGcOylRU8...
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQyOTM1NjQ1Njg2Mjk0OTAwMFYxMA%3d%3d&mn_hm=MzQyOTM1NjQ1Njg2Mjk0OTAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmRUEJihHRqfMB3wlHowVAFD9d5...

0
0

GET
H2 204 v1
match.sharethrough.com/E4rooAtA/ Frame D598 0
34 B 397ms
396ms Image
text/plain 52.58.37.65
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESELa5RAYWWNDi8qXFBppqpu8&google_cver=1&google_push=AXcoOmQOvWYCcQJUm58JNUyNI6tMLcafWUIioeAqaGyPSiW_Qg7zPqRno5OyO8z_hHfUwCcOqQA8OGcDOaqkIHF4fOj8hh5VAL3nz5w
Requested by: Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.37.65 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-37-65.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:05 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame D598 0
49 B 423ms
422ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J1Ir-dddcU3b-mMMtkXL-Cu0CH1HbVIhqnzeyLkM8GKVJwk500WpOsybCGcRibGMXeqe5zeA

Requested by

Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:05 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 rid Show response
matchadsrvr.yieldmo.com/track/ Frame C6D0 49 B
492 B 286ms
286ms XHR
application/json 18.66.122.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://matchadsrvr.yieldmo.com/track/rid?ttd_pid=yieldmo&fmt=json
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-80.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 97246976d349e4116999d37486b7b739816718f446ea2b2e224311884f785813

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:06 GMT
via: 1.1 d20f19c14113bb86116d01e6cb4e2844.cloudfront.net (CloudFront)
last-modified: Mon, 08 May 2023 12:52:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
etag: "674119d7f4205900ae84d7ee55ced021"
vary: Origin
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
x-cache: Error from cloudfront
access-control-allow-credentials: true
content-length: 49
x-amz-cf-id: aLnfTg5k1anSxwiKci4CjLrWOPDMj54snujLRrRnhNXJRC4P5-o3EQ==

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 418ms
171ms Preflight 3.227.250.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-215.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Tue, 14 Nov 2023 03:54:06 GMT
x-amzn-RequestId: c4794d49-2832-452a-99b5-bcd74a6ba1fb

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame C6D0 133 B
569 B 471ms
191ms XHR
application/x-amz-json-1.1 3.227.250.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-215.compute-1.amazonaws.com
Software: /
Resource Hash: d059e58c351f0132daf4821428d62d7492588e589b8310b42ec6010b877ce06e

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231114/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=9cbc641b3b5ed9f62305a3c7078c327ba9a85380b8e654e2e097a2e92578ff23
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 9b680498bc00fc3589934c61a636dbc2d6971c5b22f915e42e3ec0c6b3aed9d9
Cache-Control: no-cache
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231114T035405Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Tue, 14 Nov 2023 03:54:06 GMT
x-amzn-RequestId: d5899c43-6e41-d571-8845-6dddda95f77a
Content-Length: 133
x-amz-id-2: CoeA+s3OHGda1vKJ6cC0ciKe0srSSI0FJB+Oloz1drrpO5uxY1lRy6b/99f90sJ6oEVxuk0NBLzLAkOYyuBvM8EmBDFGWztq
Content-Type: application/x-amz-json-1.1

GET
H2 204 ymcas
ads.yieldmo.com/ Frame 1006 0
0 850ms
850ms Document
text/plain 34.250.128.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
date: Tue, 14 Nov 2023 03:54:05 GMT
pragma: no-cache

GET
H2 200 52.handlebars.js Show response
static.yieldmo.com/sdk/template/js_a/desktop/ Frame C6D0 208 KB
64 KB 1328ms
1026ms XHR
application/javascript 18.245.60.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yieldmo.com/sdk/template/js_a/desktop/52.handlebars.js
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-74.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 468864041b280079274db15861a108735b454c113b93fb0768e1c8a546610dfd

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: M..2uk1oytKXIiwyOT2pb17QwmooKg.V
content-encoding: gzip
via: 1.1 ed149c4696419c0643fab13e9539b16c.cloudfront.net (CloudFront)
date: Mon, 13 Nov 2023 10:00:04 GMT
x-amz-cf-pop: FRA60-P5
age: 75473
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 12 Jul 2022 20:34:39 GMT
server: AmazonS3
etag: W/"0b1a9eebbd61d453fc15e547dfffd2e4"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: private, max-age=1800
x-response-headers-policy: static-yieldmo-com_js_text
x-amz-cf-id: Myz5ylQmp5AkGzMqRWKguwH_4yzvew-z1gqz-1gj2f1LzPVCHg_sBw==

GET
H/1.1 200
OK dcm
aax-eu.amazon-adsystem.com/s/ Frame 7003 43 B
855 B 123ms
123ms Image
image/gif 67.220.228.202
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=81a53010-8b0a-49aa-889a-6006d15167c2&id=3FiZ4ppjjLpUJyu5Gwoh

Requested by

Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.220.228.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.yieldmo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Nov 2023 03:54:05 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: EM7QQNKBET6QRJMZA028
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET pixel
cm.g.doubleclick.net/ Frame 7003 0
0

GET

sync
ads.yieldmo.com/v000/ Frame 7003
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=561118&ev=1&rurl=https%3a%2f%2fads.yieldmo.com/v000/sync?userid=%%VGUID%%&pn_id=pp&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&us_privacy=
https://ads.yieldmo.com/v000/sync?userid=0fRreYpNWgjc&ev=1&pn_id=pp&gpp_sid=&gpp=&us_privacy=&pid=561118&gdpr_consent=&gdpr=0

0
0

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/ Frame 7003
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=3107&partner_device_id=3FiZ4ppjjLpUJyu5Gwoh
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3107&partner_device_id=3FiZ4ppjjLpUJyu5Gwoh

95 B
437 B

119ms
108ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3107&partner_device_id=3FiZ4ppjjLpUJyu5Gwoh

Requested by

Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.yieldmo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:06 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

date: Tue, 14 Nov 2023 03:54:06 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3107&partner_device_id=3FiZ4ppjjLpUJyu5Gwoh
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET

sync
ads.yieldmo.com/ Frame 7003
Redirect Chain

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=yieldmo
https://ads.yieldmo.com/sync?pn_id=rc&id=LOXSU8S0-1-A8KT

0
0

GET

pixel
cm.g.doubleclick.net/ Frame 7003
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.y...
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RDJGODVCQjktQUU0MC00MkJGLThFMTAtNTI3NDhGMzAwMDg2&gdpr=-1&gdpr_consent=

0
0

GET

sync
ads.yieldmo.com/v000/ Frame 7003
Redirect Chain

https://ib.adnxs.com/getuid?https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fuserid%3D%24UID%26pn_id%3Dan
https://ads.yieldmo.com/v000/sync?userid=8149008930017261356&pn_id=an

0
0

GET pixel
cm.g.doubleclick.net/ Frame 7003 0
0

GET

sync
ups.analytics.yahoo.com/ups/58529/ Frame 7003
Redirect Chain

https://ups.analytics.yahoo.com/ups/58529/sync?_origin=1&uid=3FiZ4ppjjLpUJyu5Gwoh&redir=true
https://ups.analytics.yahoo.com/ups/58529/sync?_origin=1&uid=3FiZ4ppjjLpUJyu5Gwoh&redir=true&verify=true

0
0

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 7003 70 B
148 B 118ms
114ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=yieldmo&ttd_tpi=1&ttd_puid=3FiZ4ppjjLpUJyu5Gwoh
Requested by: Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.yieldmo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:05 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET

cs
ad.turn.com/r/ Frame 7003
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&redir%3Dhttps%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3D%5BRX_UUID%5D
https://ad.turn.com/r/cs?pid=45&rndcb=5311750456

0
0

GET current
yieldmo-match.dotomi.com/match/bounce/ Frame 7003 0
0

GET cookiesync
bttrack.com/pixel/ Frame 7003 0
0

GET sync
sync.srv.stackadapt.com/ Frame 7003 0
0

GET

sync
sync-openx.ads.yieldmo.com/ Frame 7003
Redirect Chain

https://u.openx.net/w/1.0/cm?id=d4c5257e-828d-4b73-90b8-97929e02d6c9&r=https%3A%2F%2Fsync-openx.ads.yieldmo.com%2Fsync%3Fpn_id%3Dopenx%26id%3D
https://sync-openx.ads.yieldmo.com/sync?pn_id=openx&id=c321ab4b-58a2-09c9-1aac-777b11273f60

0
0

GET CookieSyncYieldMo
rtb.adentifi.com/ Frame 7003 0
0

GET

sync
ads.yieldmo.com/v000/ Frame 7003
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=55&p=104&cp=yieldmo&cu=1&url=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dcriteo%26id%3D%40%40CRITEO_USERID%40%40
https://ads.yieldmo.com/v000/sync?pn_id=criteo&id=83f2cad0-9bea-4d6b-9a29-02ed6bc04996

0
0

GET

p-zLwwakwy-hZw3.gif
cms.quantserve.com/pixel/ Frame 7003
Redirect Chain

https://x.bidswitch.net/sync?ssp=yieldmo
https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=yieldmo&gdpr=&gdpr_consent=

0
0

GET 26980
stags.bluekai.com/site/ Frame 7003 0
0

GET sync
ssbsync.smartadserver.com/api/ Frame 7003 0
0

GET g.pixel
aa.agkn.com/adscores/ Frame 7003 0
0

GET yieldmo
cs.admanmedia.com/sync/ Frame 7003 0
0

GET

sync
sync-adform.ads.yieldmo.com/ Frame 7003
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=1283
https://sync-adform.ads.yieldmo.com/sync?pn_id=adfm&id=5759223980947758559

0
0

GET /
b1sync.zemanta.com/usersync/yieldmo/ Frame 7003 0
0

GET psync
xsync.iqzone.com/ Frame 7003 0
0

GET cksync.php
contextual.media.net/ Frame 7003 0
0

GET 397286.gif
idsync.rlcdn.com/ Frame 7003 0
0

GET sync
rtb.mfadsrvr.com/ Frame 7003 0
0

GET mo
match.prod.bidr.io/cookie-sync/ Frame 7003 0
0

GET /
csync.loopme.me/ Frame 7003 0
0

GET pixel
cm.g.doubleclick.net/ Frame 7003 0
0

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 8B42 133 B
569 B 608ms
257ms XHR
application/x-amz-json-1.1 3.227.250.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-215.compute-1.amazonaws.com
Software: /
Resource Hash: 6b177bcbbeaac486dd8c2c6de04b997fbc904f10b2193151f0d0ac6b6d27a422

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231114/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=65b030e1a4d73fd2f3c2522def27652720480d912826cd52ad7d53968da5ea06
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: aa24f9043131b47beb7971569b0f5cc617c60b7545e19f84b30488df1033770b
Cache-Control: no-cache
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231114T035405Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Tue, 14 Nov 2023 03:54:06 GMT
x-amzn-RequestId: debabcb4-ad63-5894-8376-4d2a6f344b3e
Content-Length: 133
x-amz-id-2: Ge2juyi3sBn/KLC0mfQ2L9tbWsoE7Feq/7YKWszmU96Uw1TW7R9HZuwyGgaX4220RyNlpeXnT9XpN9iv4RvgowD55Or3ckDq
Content-Type: application/x-amz-json-1.1

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 378ms
308ms Preflight 3.227.250.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-215.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Tue, 14 Nov 2023 03:54:06 GMT
x-amzn-RequestId: fe2f8c5c-df04-86aa-a3e3-7dc28347c506

GET
H2 200 rid Show response
matchadsrvr.yieldmo.com/track/ Frame CF2F 49 B
492 B 367ms
367ms XHR
application/json 18.66.122.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://matchadsrvr.yieldmo.com/track/rid?ttd_pid=yieldmo&fmt=json
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-80.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 97246976d349e4116999d37486b7b739816718f446ea2b2e224311884f785813

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:06 GMT
via: 1.1 d20f19c14113bb86116d01e6cb4e2844.cloudfront.net (CloudFront)
last-modified: Mon, 08 May 2023 12:52:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
etag: "674119d7f4205900ae84d7ee55ced021"
vary: Origin
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
x-cache: Error from cloudfront
access-control-allow-credentials: true
content-length: 49
x-amz-cf-id: 1KsOntRZyenY70Ry6HOxMpznMKzdsyoprpdsCdY2s_OyQLPnDtmSXw==

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 480ms
230ms Preflight 3.227.250.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-215.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Tue, 14 Nov 2023 03:54:06 GMT
x-amzn-RequestId: f10abab7-10b0-021e-acc6-4b2957a067f5

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame CF2F 133 B
569 B 474ms
257ms XHR
application/x-amz-json-1.1 3.227.250.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-215.compute-1.amazonaws.com
Software: /
Resource Hash: 2e8e8960170c7d85b86e47f1c026b928415b1265b18d4cc823dc89ca84b5c351

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231114/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=9896e330ada1932dfc32f98e7c9c4adfbe5eacea07935b4531b7137d61f2b93a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: a476da0b7238cbea2b83bf968afa0483851ef311aa07a79b38b0c65f7a8d8780
Cache-Control: no-cache
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231114T035405Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Tue, 14 Nov 2023 03:54:06 GMT
x-amzn-RequestId: d0f7685b-a1b7-5089-8d3b-99c5c3eeb458
Content-Length: 133
x-amz-id-2: jEK27Z2EZj1KdVEYF7TZO1GiXByIEQNfRJ7ZkPFp8UHPsMq4tp0pu6HKw9ctDUKldRF9aJ3FlY7KnBYI18PPTrTEifVs4ztW
Content-Type: application/x-amz-json-1.1

GET
H2 204 ymcas
ads.yieldmo.com/ Frame B900 0
0 779ms
779ms Document
text/plain 34.250.128.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
date: Tue, 14 Nov 2023 03:54:05 GMT
pragma: no-cache

GET
H2 200 52.handlebars.js Show response
static.yieldmo.com/sdk/template/js/desktop/ Frame CF2F 208 KB
64 KB 1017ms
1016ms XHR
application/javascript 18.245.60.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yieldmo.com/sdk/template/js/desktop/52.handlebars.js
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-74.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 468864041b280079274db15861a108735b454c113b93fb0768e1c8a546610dfd

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 4QKlxuNd7CwyoFiBmpJmVmUnKru_Hd6O
content-encoding: gzip
via: 1.1 ed149c4696419c0643fab13e9539b16c.cloudfront.net (CloudFront)
date: Mon, 13 Nov 2023 10:23:12 GMT
x-amz-cf-pop: FRA60-P5
age: 70760
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 12 Jul 2022 20:34:36 GMT
server: AmazonS3
etag: W/"0b1a9eebbd61d453fc15e547dfffd2e4"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: private, max-age=1800
x-response-headers-policy: static-yieldmo-com_js_text
x-amz-cf-id: DKV3kzn6l1oJWcCF9aXvXc413XJ_wo1SavBWVojZE4nxW0Dpy4wPSA==

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 471ms
229ms Preflight 3.227.250.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-215.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Tue, 14 Nov 2023 03:54:06 GMT
x-amzn-RequestId: d439dea8-5a54-bd8d-89f5-2f369803ae27

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame CF2F 133 B
569 B 474ms
258ms XHR
application/x-amz-json-1.1 3.227.250.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-215.compute-1.amazonaws.com
Software: /
Resource Hash: 951a43718c86a59965bf83876373339a1abdc806041408e7695546b6591666cb

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231114/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=9d734d36fad44dcf382d99c9cdd19cadea5543f005df695fd9745e4f2309d984
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: adec0352f0b006b61ecfff3416586c872323a63d4f55a15da213996413a04d24
Cache-Control: no-cache
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231114T035405Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Tue, 14 Nov 2023 03:54:06 GMT
x-amzn-RequestId: e37c6592-64ae-f7c1-beb0-940cd07ad5ca
Content-Length: 133
x-amz-id-2: x1hUNyTFBNl8PFwmsKgFjIUKOuIyqOWzqi5h7kHt8TTIdnqelUFRouLNUSWT8plYBukI4BgVoSPWkbM+Z3+KMoMSE5c/SbXa
Content-Type: application/x-amz-json-1.1

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 9543 70 B
148 B 121ms
120ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=yieldmo&ttd_tpi=1&ttd_puid=3FiZ4ppjjLpUJyu5Gwoh
Requested by: Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.yieldmo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:05 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/ Frame 9543
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=3107&partner_device_id=3FiZ4ppjjLpUJyu5Gwoh
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3107&partner_device_id=3FiZ4ppjjLpUJyu5Gwoh

95 B
426 B

119ms
108ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3107&partner_device_id=3FiZ4ppjjLpUJyu5Gwoh

Requested by

Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.yieldmo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:06 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

date: Tue, 14 Nov 2023 03:54:06 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3107&partner_device_id=3FiZ4ppjjLpUJyu5Gwoh
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET

sync
ads.yieldmo.com/ Frame 9543
Redirect Chain

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=yieldmo
https://ads.yieldmo.com/sync?pn_id=rc&id=LOXSU8V8-5-D4M1

0
0

GET pixel
cm.g.doubleclick.net/ Frame 9543 0
0

GET

sync
ads.yieldmo.com/v000/ Frame 9543
Redirect Chain

https://ib.adnxs.com/getuid?https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fuserid%3D%24UID%26pn_id%3Dan
https://ads.yieldmo.com/v000/sync?userid=8149008930017261356&pn_id=an

0
0

GET pixel
cm.g.doubleclick.net/ Frame 9543 0
0

GET

pixel
cm.g.doubleclick.net/ Frame 9543
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.y...
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=M0QwOTgxNEEtNDMyOC00MTU4LTlDQTQtRjk2NTM4MzNBQTg0&gdpr=-1&gdpr_consent=

0
0

GET

cs
ad.turn.com/r/ Frame 9543
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&redir%3Dhttps%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3D%5BRX_UUID%5D
https://ad.turn.com/r/cs?pid=45&rndcb=1309583805

0
0

GET

sync
ads.yieldmo.com/v000/ Frame 9543
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=561118&ev=1&rurl=https%3a%2f%2fads.yieldmo.com/v000/sync?userid=%%VGUID%%&pn_id=pp&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&us_privacy=
https://ads.yieldmo.com/v000/sync?userid=BxVZ4MqfSNQh&ev=1&pn_id=pp&gpp_sid=&gpp=&us_privacy=&pid=561118&gdpr_consent=&gdpr=0

0
0

GET
H/1.1 200
OK dcm
aax-eu.amazon-adsystem.com/s/ Frame 9543 43 B
855 B 200ms
183ms Image
image/gif 67.220.228.202
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=81a53010-8b0a-49aa-889a-6006d15167c2&id=3FiZ4ppjjLpUJyu5Gwoh

Requested by

Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.220.228.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.yieldmo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Nov 2023 03:54:06 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: VBEGDAJPYNPX6HKJXZJY
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET

sync
ups.analytics.yahoo.com/ups/58824/ Frame 9543
Redirect Chain

https://ups.analytics.yahoo.com/ups/58529/sync?_origin=1&uid=3FiZ4ppjjLpUJyu5Gwoh&redir=true
https://ups.analytics.yahoo.com/ups/58529/sync?_origin=1&uid=3FiZ4ppjjLpUJyu5Gwoh&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58259&ovsid=3FiZ4ppjjLpUJyu5Gwoh&redir=true

0
0

GET cookiesync
bttrack.com/pixel/ Frame 9543 0
0

GET

sync
ads.yieldmo.com/v000/ Frame 9543
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=55&p=104&cp=yieldmo&cu=1&url=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dcriteo%26id%3D%40%40CRITEO_USERID%40%40
https://ads.yieldmo.com/v000/sync?pn_id=criteo&id=83f2cad0-9bea-4d6b-9a29-02ed6bc04996

0
0

GET

sync
sync-openx.ads.yieldmo.com/ Frame 9543
Redirect Chain

https://u.openx.net/w/1.0/cm?id=d4c5257e-828d-4b73-90b8-97929e02d6c9&r=https%3A%2F%2Fsync-openx.ads.yieldmo.com%2Fsync%3Fpn_id%3Dopenx%26id%3D
https://sync-openx.ads.yieldmo.com/sync?pn_id=openx&id=c321ab4b-58a2-09c9-1aac-777b11273f60

0
0

GET CookieSyncYieldMo
rtb.adentifi.com/ Frame 9543 0
0

GET sync
sync.srv.stackadapt.com/ Frame 9543 0
0

GET current
yieldmo-match.dotomi.com/match/bounce/ Frame 9543 0
0

GET

sync
dsp.nrich.ai/bidswitch/ Frame 9543
Redirect Chain

https://x.bidswitch.net/sync?ssp=yieldmo
https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=yieldmo&bsw_custom_parameter=3e7dd619-7616-45f6-96dc-b4246ca24458&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=

0
0

GET

sync
sync-adform.ads.yieldmo.com/ Frame 9543
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=1283
https://sync-adform.ads.yieldmo.com/sync?pn_id=adfm&id=5759223980947758559

0
0

GET psync
xsync.iqzone.com/ Frame 9543 0
0

GET /
csync.loopme.me/ Frame 9543 0
0

GET mo
match.prod.bidr.io/cookie-sync/ Frame 9543 0
0

GET pixel
cm.g.doubleclick.net/ Frame 9543 0
0

GET sync
rtb.mfadsrvr.com/ Frame 9543 0
0

GET /
b1sync.zemanta.com/usersync/yieldmo/ Frame 9543 0
0

GET sync
ssbsync.smartadserver.com/api/ Frame 9543 0
0

GET 26980
stags.bluekai.com/site/ Frame 9543 0
0

GET cksync.php
contextual.media.net/ Frame 9543 0
0

GET 397286.gif
idsync.rlcdn.com/ Frame 9543 0
0

GET g.pixel
aa.agkn.com/adscores/ Frame 9543 0
0

GET yieldmo
cs.admanmedia.com/sync/ Frame 9543 0
0

GET pixel
cm.g.doubleclick.net/ Frame 4375 0
0

GET

pixel
cm.g.doubleclick.net/ Frame 4375
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.y...
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RDMxNUE1NUUtQjg3Qi00NzNBLThDNzEtNzYyNDA4RjEyMURC&gdpr=-1&gdpr_consent=

0
0

GET

sync
ads.yieldmo.com/v000/ Frame 4375
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=561118&ev=1&rurl=https%3a%2f%2fads.yieldmo.com/v000/sync?userid=%%VGUID%%&pn_id=pp&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&us_privacy=
https://ads.yieldmo.com/v000/sync?userid=ccOGRsGmkMiy&ev=1&pn_id=pp&gpp_sid=&gpp=&us_privacy=&pid=561118&gdpr_consent=&gdpr=0

0
0

GET

sync
ads.yieldmo.com/v000/ Frame 4375
Redirect Chain

https://ib.adnxs.com/getuid?https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fuserid%3D%24UID%26pn_id%3Dan
https://ads.yieldmo.com/v000/sync?userid=8149008930017261356&pn_id=an

0
0

GET

cs
ad.turn.com/r/ Frame 4375
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&redir%3Dhttps%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3D%5BRX_UUID%5D
https://ad.turn.com/r/cs?pid=45&rndcb=1858563272

0
0

GET pixel
cm.g.doubleclick.net/ Frame 4375 0
0

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 4375 70 B
148 B 164ms
158ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=yieldmo&ttd_tpi=1&ttd_puid=3FiZ4ppjjLpUJyu5Gwoh
Requested by: Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.yieldmo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:06 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET

sync
ads.yieldmo.com/ Frame 4375
Redirect Chain

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=yieldmo
https://ads.yieldmo.com/sync?pn_id=rc&id=LOXSU8VA-X-AF3C

0
0

GET
H/1.1 200
OK dcm
aax-eu.amazon-adsystem.com/s/ Frame 4375 43 B
855 B 300ms
114ms Image
image/gif 67.220.228.202
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=81a53010-8b0a-49aa-889a-6006d15167c2&id=3FiZ4ppjjLpUJyu5Gwoh

Requested by

Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.220.228.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.yieldmo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Nov 2023 03:54:06 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: Y8MQXJ51BRNGGDJV0DF9
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/ Frame 4375
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=3107&partner_device_id=3FiZ4ppjjLpUJyu5Gwoh
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3107&partner_device_id=3FiZ4ppjjLpUJyu5Gwoh

95 B
426 B

243ms
232ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3107&partner_device_id=3FiZ4ppjjLpUJyu5Gwoh

Requested by

Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.yieldmo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:06 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

date: Tue, 14 Nov 2023 03:54:06 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3107&partner_device_id=3FiZ4ppjjLpUJyu5Gwoh
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET

sync
ups.analytics.yahoo.com/ups/58529/ Frame 4375
Redirect Chain

https://ups.analytics.yahoo.com/ups/58529/sync?_origin=1&uid=3FiZ4ppjjLpUJyu5Gwoh&redir=true
https://ups.analytics.yahoo.com/ups/58529/sync?_origin=1&uid=3FiZ4ppjjLpUJyu5Gwoh&redir=true&verify=true

0
0

GET cookiesync
bttrack.com/pixel/ Frame 4375 0
0

GET sync
sync.srv.stackadapt.com/ Frame 4375 0
0

GET

sync
ads.yieldmo.com/v000/ Frame 4375
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=55&p=104&cp=yieldmo&cu=1&url=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dcriteo%26id%3D%40%40CRITEO_USERID%40%40
https://ads.yieldmo.com/v000/sync?pn_id=criteo&id=83f2cad0-9bea-4d6b-9a29-02ed6bc04996

0
0

GET CookieSyncYieldMo
rtb.adentifi.com/ Frame 4375 0
0

GET

sync
sync-openx.ads.yieldmo.com/ Frame 4375
Redirect Chain

https://u.openx.net/w/1.0/cm?id=d4c5257e-828d-4b73-90b8-97929e02d6c9&r=https%3A%2F%2Fsync-openx.ads.yieldmo.com%2Fsync%3Fpn_id%3Dopenx%26id%3D
https://sync-openx.ads.yieldmo.com/sync?pn_id=openx&id=c321ab4b-58a2-09c9-1aac-777b11273f60

0
0

GET current
yieldmo-match.dotomi.com/match/bounce/ Frame 4375 0
0

GET

sync
u.ipw.metadsp.co.uk/ Frame 4375
Redirect Chain

https://x.bidswitch.net/sync?ssp=yieldmo
https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=yieldmo&bsw_user_id=${BSW_USER_UD}&bsw_param=1c309055-4d86-4aa2-8468-b76abf9ca935&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=

0
0

GET psync
xsync.iqzone.com/ Frame 4375 0
0

GET cksync.php
contextual.media.net/ Frame 4375 0
0

GET sync
rtb.mfadsrvr.com/ Frame 4375 0
0

GET /
csync.loopme.me/ Frame 4375 0
0

GET 397286.gif
idsync.rlcdn.com/ Frame 4375 0
0

GET pixel
cm.g.doubleclick.net/ Frame 4375 0
0

GET /
b1sync.zemanta.com/usersync/yieldmo/ Frame 4375 0
0

GET mo
match.prod.bidr.io/cookie-sync/ Frame 4375 0
0

GET sync
ssbsync.smartadserver.com/api/ Frame 4375 0
0

GET

sync
sync-adform.ads.yieldmo.com/ Frame 4375
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=1283
https://sync-adform.ads.yieldmo.com/sync?pn_id=adfm&id=5759223980947758559

0
0

GET g.pixel
aa.agkn.com/adscores/ Frame 4375 0
0

GET 26980
stags.bluekai.com/site/ Frame 4375 0
0

GET yieldmo
cs.admanmedia.com/sync/ Frame 4375 0
0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 158ms
156ms Ping
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-7BR5TDFFPC&gtm=45je3b81v9135293448&_p=1699934038948&gcd=11l1l1l1l1&dma=0&cid=1651993066.1699934040&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&ngs=1&sid=1699934039&sct=1&seg=0&dl=https%3A%2F%2Ffolkd.com%2F&dt=Folkd%20%7C%20Home&_s=2&tfd=7455
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7BR5TDFFPC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 03:54:06 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://folkd.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rid Show response
matchadsrvr.yieldmo.com/track/ Frame 070E 49 B
498 B 354ms
353ms XHR
application/json 18.66.122.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://matchadsrvr.yieldmo.com/track/rid?ttd_pid=yieldmo&fmt=json
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-80.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 97246976d349e4116999d37486b7b739816718f446ea2b2e224311884f785813

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:06 GMT
via: 1.1 d20f19c14113bb86116d01e6cb4e2844.cloudfront.net (CloudFront)
last-modified: Mon, 08 May 2023 12:52:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 1
etag: "674119d7f4205900ae84d7ee55ced021"
vary: Origin
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
x-cache: Error from cloudfront
access-control-allow-credentials: true
content-length: 49
x-amz-cf-id: rMAqZcm6SLNDTj2dyWD7ZrIJExfFNoHxrh6PziwbfJe13pQgnHnC8g==

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 467ms
246ms Preflight 3.227.250.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-215.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Tue, 14 Nov 2023 03:54:06 GMT
x-amzn-RequestId: c84d96b0-794f-957d-9581-672e250cd6d1

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 070E 133 B
569 B 740ms
381ms XHR
application/x-amz-json-1.1 3.227.250.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-215.compute-1.amazonaws.com
Software: /
Resource Hash: ad5d36852bac550e2de6fd395457f8d619bb79463f4794a79802cae51fc18519

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231114/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=74cb8c2ff5403d6cb6767cc33716a7c0d55a5008b0b4056e1f48057c94076080
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 64cc1c14617444880576d73983e06031db50c52f6e417d1b15ccb088b60263da
Cache-Control: no-cache
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231114T035406Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Tue, 14 Nov 2023 03:54:07 GMT
x-amzn-RequestId: fb55444a-2c7b-e4e2-a699-b5d56b6b8109
Content-Length: 133
x-amz-id-2: PVnfuVM+wj5KzfomtTQhfhfA1vqSOmJqr1t3SEC6fEIutTk2/o57hw8bPvA47Z5DsfteyyA8KaQwgRjmfRqYszm0Eje2rIiC
Content-Type: application/x-amz-json-1.1

GET
H2 204 ymcas
ads.yieldmo.com/ Frame 90E4 0
0 888ms
888ms Document
text/plain 34.250.128.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
date: Tue, 14 Nov 2023 03:54:06 GMT
pragma: no-cache

GET
H2 200 52.handlebars.js Show response
static.yieldmo.com/sdk/template/js_b/desktop/ Frame 070E 208 KB
64 KB 1132ms
1132ms XHR
application/javascript 18.245.60.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yieldmo.com/sdk/template/js_b/desktop/52.handlebars.js
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-74.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 468864041b280079274db15861a108735b454c113b93fb0768e1c8a546610dfd

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: YQ_PAHjHhR2k9ZZbM2TmYlKb5Z2N6Pg_
content-encoding: gzip
via: 1.1 ed149c4696419c0643fab13e9539b16c.cloudfront.net (CloudFront)
date: Mon, 13 Nov 2023 15:29:37 GMT
x-amz-cf-pop: FRA60-P5
age: 44671
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 12 Jul 2022 20:34:37 GMT
server: AmazonS3
etag: W/"0b1a9eebbd61d453fc15e547dfffd2e4"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: private, max-age=1800
x-response-headers-policy: static-yieldmo-com_js_text
x-amz-cf-id: EARB_VEkCHL0C2I6YRMF4P2MTnR83S00bQDNUlBeYmcj8cIStYWK1g==

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame C6D0 133 B
569 B 520ms
255ms XHR
application/x-amz-json-1.1 3.227.250.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-215.compute-1.amazonaws.com
Software: /
Resource Hash: 66cf41a043410ebb249810ba87bf27b707cb43eb97955ccb57a2e066eeefb43c

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231114/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=39560da06f6bf73851f8d0c1baaa369da8b7da21822c85e4d416ff64e99abd91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 01bc4228bd807950d0201942e065ecf2674d3075aa390606fe9d3d51e2f463e1
Cache-Control: no-cache
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231114T035406Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Tue, 14 Nov 2023 03:54:06 GMT
x-amzn-RequestId: c0894b9b-91af-f666-9d45-ba05a1b539ac
Content-Length: 133
x-amz-id-2: SsZX/8+SuBGe99rcg8vSfcKwQYfRn2dkkR1u30yAMM3ry8l/IlKw12JnanM8TRR5NRhG0V7ZJ3V/AnYVXF10EAT05bXL4tgt
Content-Type: application/x-amz-json-1.1

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 486ms
194ms Preflight 3.227.250.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-215.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Tue, 14 Nov 2023 03:54:06 GMT
x-amzn-RequestId: d87ce0ca-dfc6-e2b3-85b0-115498d68758

GET

sync
sync-pm.ads.yieldmo.com/ Frame 950C
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.y...
https://image4.pubmatic.com/AdServer/SPug?p=160648&pmc=1&pr=https%3A%2F%2Fsync-pm.ads.yieldmo.com%2Fsync%3Fpn_id%3Dpub%26id%3D4A05665F-430E-4B47-8C66-B32560E08997%26gdpr%3D-1%26gdpr_consent%3D
https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=4A05665F-430E-4B47-8C66-B32560E08997&gdpr=-1&gdpr_consent=

0
0

GET
H2 200 receive
pixel.tapad.com/idsync/ex/ Frame 950C 95 B
426 B 348ms
348ms Image
image/png 34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive?partner_id=3107&partner_device_id=3FiZ4ppjjLpUJyu5Gwoh

Requested by

Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.yieldmo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:06 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

GET pixel
cm.g.doubleclick.net/ Frame 950C 0
0

GET

sync
ads.yieldmo.com/v000/ Frame 950C
Redirect Chain

https://ib.adnxs.com/getuid?https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an
https://ads.yieldmo.com/v000/sync?userid=8149008930017261356&pn_id=an

0
0

GET

sync
ads.yieldmo.com/ Frame 950C
Redirect Chain

https://pixel-eu.rubiconproject.com/exchange/sync.php?p=yieldmo
https://ads.yieldmo.com/sync?pn_id=rc&id=LOXSU8ZL-17-70VY

0
0

GET

sync
ups.analytics.yahoo.com/ups/58824/ Frame 950C
Redirect Chain

https://ups.analytics.yahoo.com/ups/58529/sync?_origin=1&uid=3FiZ4ppjjLpUJyu5Gwoh&redir=true
https://ups.analytics.yahoo.com/ups/58529/sync?_origin=1&uid=3FiZ4ppjjLpUJyu5Gwoh&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58259&ovsid=3FiZ4ppjjLpUJyu5Gwoh&redir=true

0
0

GET

cs
ad.turn.com/r/ Frame 950C
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&redir%3Dhttps%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3D%5BRX_UUID%5D
https://ad.turn.com/r/cs?pid=45&rndcb=7246214971

0
0

GET
H/1.1 200
OK dcm
aax-eu.amazon-adsystem.com/s/ Frame 950C 43 B
855 B 233ms
128ms Image
image/gif 67.220.228.202
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=81a53010-8b0a-49aa-889a-6006d15167c2&id=3FiZ4ppjjLpUJyu5Gwoh

Requested by

Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.220.228.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.yieldmo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Nov 2023 03:54:06 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 9T70BREN5ZXEX0P3KCKG
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET

sync
ads.yieldmo.com/v000/ Frame 950C
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=561118&ev=1&rurl=https%3a%2f%2fads.yieldmo.com/v000/sync?userid=%%VGUID%%&pn_id=pp&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&us_privacy=
https://ads.yieldmo.com/v000/sync?userid=0fRreYpNWgjc&ev=1&pn_id=pp&gpp_sid=&gpp=&us_privacy=&pid=561118&gdpr_consent=&gdpr=0

0
0

GET pixel
cm.g.doubleclick.net/ Frame 950C 0
0

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 950C 70 B
148 B 102ms
95ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=yieldmo&ttd_tpi=1&ttd_puid=3FiZ4ppjjLpUJyu5Gwoh
Requested by: Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.yieldmo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:06 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET

sync
ads.yieldmo.com/v000/ Frame 950C
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=55&p=104&cp=yieldmo&cu=1&url=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dcriteo%26id%3D%40%40CRITEO_USERID%40%40
https://ads.yieldmo.com/v000/sync?pn_id=criteo&id=83f2cad0-9bea-4d6b-9a29-02ed6bc04996

0
0

GET CookieSyncYieldMo
rtb.adentifi.com/ Frame 950C 0
0

GET

current
yieldmo-match.dotomi.com/match/bounce/ Frame 950C
Redirect Chain

https://yieldmo-match.dotomi.com/match/bounce/current?networkId=42851&version=1
https://yieldmo-match.dotomi.com/match/bounce/current?DotomiTest=2c5583f31e6a16e4&is_secure=true&networkId=42851&version=1

0
0

GET sync
sync.srv.stackadapt.com/ Frame 950C 0
0

GET

sync
x.bidswitch.net/ Frame 950C
Redirect Chain

https://x.bidswitch.net/sync?ssp=yieldmo
https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=yieldmo&gdpr=&gdpr_consent=
https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=yieldmo&gdpr=0&user_id=2ieEE4l0hETBdoMUiiqcQIkjiRPBKtBE3yQw3gdn

0
0

GET

sync
sync-openx.ads.yieldmo.com/ Frame 950C
Redirect Chain

https://u.openx.net/w/1.0/cm?id=d4c5257e-828d-4b73-90b8-97929e02d6c9&r=https%3A%2F%2Fsync-openx.ads.yieldmo.com%2Fsync%3Fpn_id%3Dopenx%26id%3D
https://sync-openx.ads.yieldmo.com/sync?pn_id=openx&id=c321ab4b-58a2-09c9-1aac-777b11273f60

0
0

GET cookiesync
bttrack.com/pixel/ Frame 950C 0
0

GET

sync
ads.yieldmo.com/ Frame 950C
Redirect Chain

https://csync.loopme.me/?pubid=11479&redirect=https%3A%2F%2Fads.yieldmo.com%2Fsync%3Fpn_id%3Dloopme%26id%3D%7Bviewer_token%7D
https://ads.yieldmo.com/sync?pn_id=loopme&id=d24b8f70-bf83-486f-975d-4e86f4a15cf9

0
0

GET sync
rtb.mfadsrvr.com/ Frame 950C 0
0

GET

sync
ads.yieldmo.com/v000/ Frame 950C
Redirect Chain

https://contextual.media.net/cksync.php?cs=3&type=yld&ovsid=setstatuscode&redirect=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dmnt%26userid%3D%3Cvsid%3E
https://ads.yieldmo.com/v000/sync?pn_id=mnt&userid=0000EEA

0
0

GET

sync
sync-adform.ads.yieldmo.com/ Frame 950C
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=1283
https://sync-adform.ads.yieldmo.com/sync?pn_id=adfm&id=5759223980947758559

0
0

GET
H2 200 26980
stags.bluekai.com/site/ Frame 950C 62 B
442 B 875ms
499ms Image
image/gif 2.23.197.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/26980?limit=0&id=3FiZ4ppjjLpUJyu5Gwoh
Requested by: Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.197.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-23-197-190.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.yieldmo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Tue, 14 Nov 2023 03:54:06 GMT
content-length: 62
content-type: image/gif

GET

sync
sync-eq.ads.yieldmo.com/ Frame 950C
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=71&gdpr=0&gdpr_consent=
https://sync-eq.ads.yieldmo.com/sync?pn_id=eq&id=6175204657591028361&gdpr=0&gdpr_consent=

0
0

GET

sync
ads.yieldmo.com/v000/ Frame 950C
Redirect Chain

https://b1sync.zemanta.com/usersync/yieldmo/?cb=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dz%26userid%3D__ZUID__
https://ads.yieldmo.com/v000/sync?pn_id=z&userid=

0
0

GET pixel
cm.g.doubleclick.net/ Frame 950C 0
0

GET psync
xsync.iqzone.com/ Frame 950C 0
0

GET yieldmo
cs.admanmedia.com/sync/ Frame 950C 0
0

GET 397286.gif
idsync.rlcdn.com/ Frame 950C 0
0

GET g.pixel
aa.agkn.com/adscores/ Frame 950C 0
0

GET mo
match.prod.bidr.io/cookie-sync/ Frame 950C 0
0

GET
H2 200 rid Show response
matchadsrvr.yieldmo.com/track/ Frame 64F8 49 B
496 B 255ms
255ms XHR
application/json 18.66.122.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://matchadsrvr.yieldmo.com/track/rid?ttd_pid=yieldmo&fmt=json
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-80.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 97246976d349e4116999d37486b7b739816718f446ea2b2e224311884f785813

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:06 GMT
via: 1.1 d20f19c14113bb86116d01e6cb4e2844.cloudfront.net (CloudFront)
last-modified: Mon, 08 May 2023 12:52:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 1
etag: "674119d7f4205900ae84d7ee55ced021"
vary: Origin
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
x-cache: Error from cloudfront
access-control-allow-credentials: true
content-length: 49
x-amz-cf-id: o9GV_P8io9Pn4r02UuR83x0ny_92IZ4993wlbo1MdBc_A4sX4k6Ogw==

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 650ms
257ms Preflight 3.227.250.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-215.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Tue, 14 Nov 2023 03:54:06 GMT
x-amzn-RequestId: f7caf2f2-ce39-d6ed-aa06-036c8929b306

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 64F8 133 B
569 B 257ms
254ms XHR
application/x-amz-json-1.1 3.227.250.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-215.compute-1.amazonaws.com
Software: /
Resource Hash: 5bcdcfd85c784a73e88b9ee533d05ebac61ca7ff9daa0db56df831bdea06b912

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231114/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=7dd3f8fe603371aa7a0b181a61c1c7b72c640bd8659eca39dedd42524e5ea7b8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 5d68b1ffc092ab21332a587ab091de2f76fc7526a4a8a649cb15573c5b9b236c
Cache-Control: no-cache
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231114T035406Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Tue, 14 Nov 2023 03:54:06 GMT
x-amzn-RequestId: efad0b37-ef1e-40b7-b261-faa95bca62bc
Content-Length: 133
x-amz-id-2: 1oqlh2wHmpAjXCW1nsKM5Rr4KLVOd4Lnj7mkBsvzy8Y73HU1v7r0UEPDokciv5FXwJzNiHop+l2GJ1sP+VjglCEHqgT13j7o
Content-Type: application/x-amz-json-1.1

GET
H2 204 ymcas
ads.yieldmo.com/ Frame A7FF 0
0 1282ms
1282ms Document
text/plain 34.250.128.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
date: Tue, 14 Nov 2023 03:54:06 GMT
pragma: no-cache

GET
H2 200 52.handlebars.js Show response
static.yieldmo.com/sdk/template/js/desktop/ Frame 64F8 208 KB
64 KB 1082ms
1082ms XHR
application/javascript 18.245.60.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yieldmo.com/sdk/template/js/desktop/52.handlebars.js
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-74.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 468864041b280079274db15861a108735b454c113b93fb0768e1c8a546610dfd

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 4QKlxuNd7CwyoFiBmpJmVmUnKru_Hd6O
content-encoding: gzip
via: 1.1 ed149c4696419c0643fab13e9539b16c.cloudfront.net (CloudFront)
date: Mon, 13 Nov 2023 10:23:12 GMT
x-amz-cf-pop: FRA60-P5
age: 70761
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 12 Jul 2022 20:34:36 GMT
server: AmazonS3
etag: W/"0b1a9eebbd61d453fc15e547dfffd2e4"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: private, max-age=1800
x-response-headers-policy: static-yieldmo-com_js_text
x-amz-cf-id: JD1dJVpvGt0CBChW68taT34xNb9mjC8IdXgkAAc3M5dx6nvRV-U-cg==

GET
H2 200 rid Show response
matchadsrvr.yieldmo.com/track/ Frame CD56 49 B
498 B 170ms
169ms XHR
application/json 18.66.122.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://matchadsrvr.yieldmo.com/track/rid?ttd_pid=yieldmo&fmt=json
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-80.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 97246976d349e4116999d37486b7b739816718f446ea2b2e224311884f785813

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:06 GMT
via: 1.1 d20f19c14113bb86116d01e6cb4e2844.cloudfront.net (CloudFront)
last-modified: Mon, 08 May 2023 12:52:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 1
etag: "674119d7f4205900ae84d7ee55ced021"
vary: Origin
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
x-cache: Error from cloudfront
access-control-allow-credentials: true
content-length: 49
x-amz-cf-id: l4AcjJ5spjRMuAzAq9jTWC76rDLSlDjm7158kNJV3d8Hm6MNgS5OGg==

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 410ms
258ms Preflight 3.227.250.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-215.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Tue, 14 Nov 2023 03:54:06 GMT
x-amzn-RequestId: ccf6de53-ff93-d2f5-913a-2fcdcf891d3f

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame CD56 133 B
569 B 311ms
258ms XHR
application/x-amz-json-1.1 3.227.250.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-215.compute-1.amazonaws.com
Software: /
Resource Hash: e5a7c296feddf844007e98a9b36c02bc775fd3c1664dfb24592e019fd435039f

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231114/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=58db3ff19fd9431c32944764a930a3d5cf44fcdd7e9a907bccf5bc7d86b6b9c9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 008878de01a3c60fb5e529f145e19dd196b876b44a6f5bfac73fd7a3af7a8c02
Cache-Control: no-cache
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231114T035406Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Tue, 14 Nov 2023 03:54:07 GMT
x-amzn-RequestId: e09a58bb-95ba-8d03-bd56-a924c9f9ceaf
Content-Length: 133
x-amz-id-2: brVnlFYmumARBhhljBwE7FloXdI/oGSJhTP94uoxntsemKDkdTWvfPAbjPSCCCbaROyGQRIxX94qx84+/jeUZK3ky3CfCho5
Content-Type: application/x-amz-json-1.1

GET
H2 204 ymcas
ads.yieldmo.com/ Frame 0B9C 0
0 1077ms
1076ms Document
text/plain 34.250.128.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
date: Tue, 14 Nov 2023 03:54:06 GMT
pragma: no-cache

GET
H2 200 52.handlebars.js Show response
static.yieldmo.com/sdk/template/js/desktop/ Frame CD56 208 KB
64 KB 960ms
959ms XHR
application/javascript 18.245.60.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yieldmo.com/sdk/template/js/desktop/52.handlebars.js
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-74.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 468864041b280079274db15861a108735b454c113b93fb0768e1c8a546610dfd

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 4QKlxuNd7CwyoFiBmpJmVmUnKru_Hd6O
content-encoding: gzip
via: 1.1 ed149c4696419c0643fab13e9539b16c.cloudfront.net (CloudFront)
date: Mon, 13 Nov 2023 10:23:12 GMT
x-amz-cf-pop: FRA60-P5
age: 70761
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 12 Jul 2022 20:34:36 GMT
server: AmazonS3
etag: W/"0b1a9eebbd61d453fc15e547dfffd2e4"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: private, max-age=1800
x-response-headers-policy: static-yieldmo-com_js_text
x-amz-cf-id: 7m4KQIudFWLsNgRrWN0oJQNR7I3CRxOQu_IPcfPk-P8DPkY02NrJdA==

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 070E 133 B
569 B 450ms
242ms XHR
application/x-amz-json-1.1 3.227.250.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-215.compute-1.amazonaws.com
Software: /
Resource Hash: 82d365ea4963c52e2415f8015d1319c944347504b96ddcfc6478eb2df74cf532

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231114/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=1bf0a2f010f0111d564ad4da590c26c1d678babc603658a8ff63f89505397c89
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: cda70122ec4daed5d105df630cc547597d22390609b141fc0379ce0520ea640f
Cache-Control: no-cache
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231114T035406Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Tue, 14 Nov 2023 03:54:07 GMT
x-amzn-RequestId: f24bb922-c8bf-c7b0-af87-48bdaae62361
Content-Length: 133
x-amz-id-2: 4vhtgZ4y0OhlNuRk6C67aD1fODSz43xYBgPxeTEIFKcJyPorZQ2xbvMWRf8UzTcSpfF3z3MGoJQr4zTpubAIo+C4CYfqfdBd
Content-Type: application/x-amz-json-1.1

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 430ms
133ms Preflight 3.227.250.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-215.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Tue, 14 Nov 2023 03:54:06 GMT
x-amzn-RequestId: d61dfe48-b7a8-0bf2-8bd1-0fd6ebeb485e

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 456ms
252ms Preflight 3.227.250.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-215.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Tue, 14 Nov 2023 03:54:06 GMT
x-amzn-RequestId: d35c4dbb-08bf-7082-8e90-bc25cae86328

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame D493 133 B
569 B 247ms
243ms XHR
application/x-amz-json-1.1 3.227.250.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-215.compute-1.amazonaws.com
Software: /
Resource Hash: bcab1aa1689a2a5ca25a3b3b1cd95d3a9aaaf9c0a3071b4f38816672eeaa0b3f

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231114/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=88d408d725103f3dcb6872ada5306c25a9744ac07af99d6ef2b80cc56c2fa425
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 54c74e5976aff44893bd0bc8bded262e6a68b76009bd943df9009e1e28909ca6
Cache-Control: no-cache
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231114T035406Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Tue, 14 Nov 2023 03:54:07 GMT
x-amzn-RequestId: d34ea37d-c0a3-4cd5-8e82-52e2f0b9831f
Content-Length: 133
x-amz-id-2: mSRL+1/HLlO+cF8IBeD5qPVktZebTQbyscqhjr7EndcnhFu6XEv9YdsdFm8x46eEUPu40prlhm5NXWne37pje+WukBlWD66f
Content-Type: application/x-amz-json-1.1

GET
H2 204 ev Show response
ads.yieldmo.com/v000/t_tkr/ Frame D493 0
469 B 983ms
982ms XHR
text/plain 34.250.128.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=r&v=9.18.29-541&imp=3705549153950893210&plid=2521236318193655889&pvid=3406412728534012548&fmtid=52&e=11&rep_meta=_3aTv21hvbrUUcP6Lpzv1Pbwcj5UuT0GObj0pYazrOmo74N07AP58yOXZES83sh6The4sEcQcKRnWuK1s7bklHtxwOT_e7zxD0mNNmfeUXL94z-HTv_tm_LUFXIp8U5XXM7StP2ClCA14rq27YVhnN_ya3VOWDClnvxL_W_wthRY5lZHmjRvoiMbRkMCooPqlHC4kR9ah9mp3A17qHNLHXlqGpH6vtWKj9ZvUhDNJExTELC7SSw5j_gI1o_QtdbX5D-Yj8SOvs1AANCqD8Uo3UknrRtjRq19sbXWwdQcgjWhtTZT4iiHHefs73QX0ZGw0QaROTYXH6O4GXnL_Ok0ZdOsSfYyOJlARRzmGxUj7xF_BXInbroYzPOu899vBkZEoR4XRvWTGm3MahQukNhjBg8sW29Wrgr17qkpY1v7oCQ&offsetX=380&offsetY=-182.140625&pvt=1699934041285&stime=1699934046690&etime=1699934046691&viewportHeight=1200&viewportWidth=1600&adSlotLeft=1107%2C6&adSlotRight=1107%2C6
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
pragma: no-cache
date: Tue, 14 Nov 2023 03:54:06 GMT
access-control-allow-credentials: true
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: GET

GET
H2 200 dv3_native_client.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame CC30 21 KB
8 KB 145ms
143ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

082a75157928321218428904933ebff27d7fb4532e1f6daa3c824824aecc14ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7960
x-xss-protection: 0
server: cafe
etag: 2243287812070980505
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 14 Nov 2023 03:54:06 GMT

GET
H2 200 ad
googleads.g.doubleclick.net/dbm/ Frame CC30 42 B
440 B 806ms
287ms Image
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C7S66vepdzkQCMcyok7H45AmmqTG6UhttK12gibMmBXnpPYfIg16BtjSPitNdB9QqN1zA3Z5mATMhvMaCu6ZpWh0JAsA&cry=1&dbm_d=AKAmf-C_722W3Uja4pkBtHT8_zMsM9ZHFPG2NC7eKCJkWmDGTX2tYiWuVY9VFQ5B5xGF2skiDZCgTaoWKNlK500jEM-8OvdRjj1Ro9DCWKMrlivJJCo6dWNp6y2ffKZysfvsec3npM0d4wyfdG7faRRAtq6b_Oc_ZtP6VJwNTFSNI7hSIhmcnLq9fMiDRKJpPM05Qv1MhWYXVuPzqOtu66vBA0SLVeH2v8kSjpPyZRUZrMkIJ2IPUK3WX2oc9YvZXoki62yb79rEWh8bYihtr_peOdyly4-wKvdOa1UZ89tLFeMOuZcSqRweSLo0evK2mULvdi_Mgltyq4Yk4l2ktV0OEVobUfUCknvOpIY2JvH_Q9AAB6Z2EDRCRYWiQba2H-AFAF7tFCYwmdOq9_ZJLqQWg92B8JaH9mzMW3BjiIMn9bOrG5QJFFacwoQQOHAQ8eJPTdvFyjTsRFlJ10PK1FuUt_dQdEJvhXy8-DvwxaC5_mClU1T37vVwdL3zZ7hejsNu9l1va-yznO8tRXbiNFPIovOYdbRzZ57pdyNReNfcbkreqlRqzd0YjNNuKXQpqaymv4L0YH7p5YqOrECJXRdrpSgtLfllJaZk2WAsLB3xllkq9BOG0wIqqmkKTH4hMKQGAfTztsXZrqHYDxkoGeGz4Buh8ztlYq41sbon95mve5sNyGiN2bggU_j60jG14hVpWguOaNDYRGKQVL-bVQhZ7SQFAWixcDsAUXygH7oGd8c4zCBYDf7nS8BCRINYQ3Jhr4Jpfy6HZcVS_aYbt6Rwj0jOrSsNjfstOnBTjRUsrpukRKSq3P7ROO3v8XyAEXcTp1IL27Z4jOxTG3ZGKWxjQo82-gHTkQoQd1O_IR6fzItTVSjeVXKeIKBHdISXZf0-fuImyLjrKN0qg5jNWVE5bLnRwUdciBuWPB2I0nhTfd50bgn6XhshpzxYnGyarDwtfShXWRYcouW4KcS7e0nrCGv43MJgVR6Dxcb5htnHBTePFNP2vYocXzr1sow6ijKzBxCOdvyti_012AMqxYUsFCeN93pm10jN_wOJWpFkQ7DJ0XsmwqEGsT_DZtllX5WYypcJPHR0rPgFmqtTJoGVxwX39A3ZraBegcevc4lRm7h1a18iGiBl-0nhwg3dsC0BqMZUua8ODCsJ-gAQt_W-McThYXdVwzzsjRBQoQ-zTfarOZaef9sRFACh7p20ptQ2ozi2JZ7IN3iE4Vcx_HNKOPrIfSELoLwP1il5wUHYlBsbnIjqzjJvOH9oUuScqQBK2S6oQuP8Gt2DjyeDThRYVMHzNor6S87AgoHM56Um-gT0vjOBo2n7KvHKJvvxPa40SU1W3l_SsxLX0IzMJTov0YwOqG1lxCJziZuozb3QpWgd_qB83MZ_hVdIsY3s8Z23uyMcjuRxfIwD6wPXUAVt0IbwV1v5D7OXqD29bBHCaBsVvC6x59agn_O0UFv2t23HzOidL8ZyW9wNkWyvBgcKT0nOO6i5rMIkC4ALXQKXw0NaVo6FEX-T8dl3vDWZ3Dav7tN3VARjKOXOIUPLaeRGMPsqx1IhURG_WCWCRPps-H-TGrbqeKDxqRrTrNAR2T51cwGVkwm9vLMX98kaxBwLRihrJtPqefvzuL35s50avWLEW_NefX1kCkDikgH1bt9-mSRc5c7hnFywIjUjbKmw17Gffsfoq09WeBYyf9FNn7Hnsnqzwbhq9czLWRXw3Q2HfguT6jxk_nHh6WfGsHohozzmlVTsudSXO0HYPlzV1KY8b0Sg0cN0ygBXw-g9I5B2ZvpKitgdDNE2WQynrJo9X5LiwKwWmS_Nfe2tfDycHWb7BpYd-z8NLynZzoGgLSGq6f1SEUdSdCgI02gh8OQTvabmeluGQwSNxa4F1eZWxevHHXEV8oDrVFYE2xnTXYEFZjK2ycAvo7JUl02LQFG0ETARjzWMj22k4OKULsa_BgQNNH-2AtqFDfOQzLx24vYfUa-3ufF6rwHzT6Y2s5iDs3Ae8ge4xyFpkypw9ofnowVzromOmH4SUfZv4u1flF91sJpyIuNGwTtPf2tmCikpo594ZU3bfKzSkEjy45Nq9rRgnOOp9rH-mnDuCJLwTobd5HY44u6crLTo8f_G91nizLdh5tpKRRPRkq9LRj_Yb2zxpj6NYYiliZca9HFfg178dARdtXDT9j7ZAArEajUl3e7Jxnsmcaj_W2BBnF6ye-D0pPfyRsCT3jMeZOX6SsuhR9NUS5qGyjzY59K0CJipavDeDDKRRZlh6X8cj22dQmGfHLXr31aVJYf0db4XwwB_HPTK0OMoATdOgKkvSPomBp_BCNuj6QHDGmgC9nD5fPwIkRWToQi6k7q4CA7_taq9JCr9sj199FkhaJuPQ7bt_U94vj8TOYwLyITrUp1j1lzzM4cC1oAYBW_yZrZswYUpjDHA41XiNDW9O1Fkd6Tdb0jC9f3ouATx1JGhsjaUGugtC3MkZTk&pr=67:0.656837&cid=CAQSMgDICaaN5sK8AYecuErFKW0nPEjKgdhfsNdvhiyTsEUXLZPR3NgO8SOEs9ijbTtfNX0xGAE&dc_exteid=31358248203003149938585848162662309&dc_pubid=4

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 03:54:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 ev Show response
ads.yieldmo.com/v000/t_tkr/ Frame D493 0
340 B 510ms
129ms XHR
text/plain 34.250.128.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=v&imp=3705549153950893210&plid=2521236318193655889&pvid=3406412728534012548&fmtid=52&offsetX=380&offsetY=-182.140625&pvt=1699934041285&stime=1699934046706&etime=1699934046706&viewportHeight=1200&viewportWidth=1600&adSlotLeft=1107%2C6&adSlotRight=1107%2C6
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
pragma: no-cache
date: Tue, 14 Nov 2023 03:54:07 GMT
access-control-allow-credentials: true
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: GET

GET
H2 204 ev Show response
ads.yieldmo.com/v000/t_tkr/ Frame D493 0
341 B 508ms
129ms XHR
text/plain 34.250.128.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=fv&imp=3705549153950893210&plid=2521236318193655889&pvid=3406412728534012548&fmtid=52&offsetX=380&offsetY=-182.140625&pvt=1699934041285&stime=1699934046707&etime=1699934046707&viewportHeight=1200&viewportWidth=1600&adSlotLeft=1107%2C6&adSlotRight=1107%2C6
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
pragma: no-cache
date: Tue, 14 Nov 2023 03:54:07 GMT
access-control-allow-credentials: true
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: GET

GET
H2 200 ad-choices.svg
static.yieldmo.com/images/ Frame D493 699 B
1 KB 142ms
141ms Image
image/svg+xml 18.245.60.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.yieldmo.com/images/ad-choices.svg
Requested by: Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-74.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 959d2bff6e8aa7b4d1836a5dcc00ab6f2c2754604b0e0174bd96b6f9822d5905

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Ukz5ZHLPgcDoG6SlEGbKyNIwGl0_QMqF
date: Mon, 13 Nov 2023 10:41:55 GMT
via: 1.1 e505058447bf5e74cc264f4e72f27bee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P5
age: 61932
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 699
x-amz-meta-replication-status: COMPLETED
last-modified: Tue, 27 Oct 2015 18:00:31 GMT
server: AmazonS3
etag: "f5483cecc2fab32a508cf2b5e5b94abf"
vary: Accept-Encoding, Origin
content-type: image/svg+xml
cache-control: private, max-age=86400
x-response-headers-policy: static-yieldmo-com_svg
x-amz-meta-version-id: smI0KdhlAdY.1IFWTq3aCHXjwPmdIPiO
accept-ranges: bytes
x-amz-cf-id: 1z42we8tOZZSIETNq7Elg-jW4h8zNjwNkXRzN34MgiKffheLRV1TdA==

GET
H2 200 17768653065623918536
s0.2mdn.net/simgad/ Frame D493 403 KB
403 KB 919ms
286ms Image
image/jpeg 172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/17768653065623918536

Requested by

Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f6.1e100.net

Software

sffe /

Resource Hash

cc1b22f3e61d086a18d61d1385e3d053f4ce0d95766ac760483795354274643b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 21:49:38 GMT
x-content-type-options: nosniff
age: 367469
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 412661
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 12:49:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 08 Nov 2024 21:49:38 GMT

GET
H2 200 13915685206028675079
s0.2mdn.net/simgad/ Frame D493 70 KB
71 KB 806ms
174ms Image
image/png 172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/13915685206028675079

Requested by

Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f6.1e100.net

Software

sffe /

Resource Hash

51a6ca133d5532acd4b48bdb02356a1fa1db32ad440bbaeefed060ebd12a883a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 19:46:30 GMT
x-content-type-options: nosniff
age: 374857
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71950
x-xss-protection: 0
last-modified: Fri, 10 Mar 2023 08:35:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 08 Nov 2024 19:46:30 GMT

GET
H2

200

p2
sb.scorecardresearch.com/ Frame D493
Redirect Chain

https://sb.scorecardresearch.com/p?c1=8&c2=18969557&ns_ap_it=b&rn=e4eac496473040b6c9da
https://sb.scorecardresearch.com/p2?c1=8&c2=18969557&ns_ap_it=b&rn=e4eac496473040b6c9da

43 B
300 B

91ms
89ms

Image
image/gif

18.245.60.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p2?c1=8&c2=18969557&ns_ap_it=b&rn=e4eac496473040b6c9da
Requested by: Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 18.245.60.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-72.fra60.r.cloudfront.net
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:07 GMT
via: 1.1 5b17764336ffdab7d2a3e7707394867a.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P5
x-cache: Miss from cloudfront
content-type: image/gif
content-length: 43
x-amz-cf-id: SI4_MQvvMDeVflyA16tCcQk_ZAwpJCm8MjODrLhdgL0CDSDlMin7MQ==

Redirect headers

date: Tue, 14 Nov 2023 03:54:07 GMT
via: 1.1 5b17764336ffdab7d2a3e7707394867a.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P5
x-cache: Miss from cloudfront
location: /p2?c1=8&c2=18969557&ns_ap_it=b&rn=e4eac496473040b6c9da
content-length: 0
x-amz-cf-id: KkikaNel4i97N6zTzX1hlPrMgVoHu9_DSIg8mjebgQ_iUHKrU2rlkw==

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame C6D0 0
0 112ms
112ms Image
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C3zVCWu9SZYT2MMqB7gO_tZmQCof0kpBc6Oum6fUEwI23ARABIABg9eWzgYgEggEXY2EtcHViLTM5NDQ5NTQ4NjIzMTYyODPIAQngAgCoAwHIAwKqBOIBT9B3Hip6OW3WQPn3hYX7DkV9Da5iJ7JFx2uMR7hWWzNqIPg_Q5bH5Gp1bnegpBqOvff7IJcil9MpKCjtJ8_y81RtxJviYPc8tuTTr3imd8xzgsfpKatUnXRmaYpfgnkGjIC40mRsw9I8VfDG4eSOiMfx4PTGGDa0lXr0XTjgDfHFSnMEObto56URq6u_oAblYQvH1UgCoFAa2fjhjFJOlYsH02OZ_a8jkpbhA3Rd4tyJdX4XWd1oRoS71i3kdHBhVjCPom7C60ABQtqzZtqgBkmffyS3ukVvU7LRJTOnWf2ptuAEAYAGyaPCtrX92NlToAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOoAKA_oLAggBgAwB4g0TCKqejObLwoIDFcqAewodv1oGotAVAYAXAbIXHAoaEhRwdWItMzk0NDk1NDg2MjMxNjI4MxiY2xA&sigh=AtnZeOi9D5A&uach_m=%5BUACH%5D&cid=CAQSOwDICaaNUaeQ1FAVcBcV3FeOkNVjGHU6owINKFlho1STl8OsJRlSgnjJpumSJv3SGZ8l3oHrhC37IbEmGAE&tpd=AGWhJmum6hptePgLa24SkTYWjjJZ44c4b8zjJ3y5bbkTSEJUYRwV_u25YD8JQ1Qhe53018ECSqdK3nsNZfOOkwh5D01lOKW_mwNv5PaiKbBk8Br3ksbFrQp0ATBcXG2p32QVo6wkV3XiBJ58OCzBE3yU7wzT20EACDLMprR8MaL7X-fpIMJKYNoWLB3qJBVL4R20Ozk3TBI1prZXsbgW0xTsU2eKILRmpXb7At1eiwYvttJgE_4F8pYSFDt0zbKxUGjw2BDgLfBhYUYuailJ1JHVt5XBjMzpIRKeqf45S_E8zEALq3yWyxasp2xEUCIjIhYjb7gFQhTk3xwBqQul7p3_h5fiszuIiopUA0sdPJ0UzjdMetPvo1cj6ndVvxdGkIUDWAVg_lEoW-U_gl5YGkUz0gbDrirc5zLVQC68v1v6j0mLFA0-Kjyw398ElKiSXkIAb8D6e464DHRcR4pBANPFeduqcGNuiboqLt3b4A6zwyZx77eQ_B8oXeJNBune9mWeMDJm34ZA8cCd2u8TG70VcGkTHAfKw5XwhaZtVYHf3ZPUVTXxFC8ctmXNLbE9p6H00e3sgMGmgD-BJ8P70R-WoDIqR5EJURC6feGFfwPvLz-g9LLCcUPt57B4z0vO7XHdxTl_atoGoJk0Ap_mjN-vP5oIHNVLACGDu0qOjbTDi3OHy9ITCWpqSa_4aM-7gldA1fRbTEL2OljsZDryoXA-kGVQZSo3Ho9gvGMEr1MrNXc0P-HOWfUMbNJWdo08coyLevm8cGeWs3jJ6UZIBfytbsjpzBXh_xAdZkRcZL0f7n8tJzqepth4WnB0&cbvp=2&vis=1
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lcfraa-aa-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 ad-choices.svg
static.yieldmo.com/images/ Frame 5D04 699 B
1 KB 100ms
99ms Image
image/svg+xml 18.245.60.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.yieldmo.com/images/ad-choices.svg
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-74.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 959d2bff6e8aa7b4d1836a5dcc00ab6f2c2754604b0e0174bd96b6f9822d5905

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Ukz5ZHLPgcDoG6SlEGbKyNIwGl0_QMqF
date: Mon, 13 Nov 2023 10:41:55 GMT
via: 1.1 e505058447bf5e74cc264f4e72f27bee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P5
age: 61932
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 699
x-amz-meta-replication-status: COMPLETED
last-modified: Tue, 27 Oct 2015 18:00:31 GMT
server: AmazonS3
etag: "f5483cecc2fab32a508cf2b5e5b94abf"
vary: Accept-Encoding, Origin
content-type: image/svg+xml
cache-control: private, max-age=86400
x-response-headers-policy: static-yieldmo-com_svg
x-amz-meta-version-id: smI0KdhlAdY.1IFWTq3aCHXjwPmdIPiO
accept-ranges: bytes
x-amz-cf-id: 9T2DHKD7zafKlIBtPxMK3BgG_TG0c3pjj1VdXji5Si8DAPqTzHqYGQ==

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 280ms
252ms Preflight 3.227.250.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-215.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Tue, 14 Nov 2023 03:54:06 GMT
x-amzn-RequestId: f2082892-4685-d54e-afc4-d90c24dc319f

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 5D04 133 B
569 B 298ms
243ms XHR
application/x-amz-json-1.1 3.227.250.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-215.compute-1.amazonaws.com
Software: /
Resource Hash: fb64666fc3ede8d0e0cf538b064ba2032706d7d4b56de5a77f73b64bb467b2c5

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231114/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=549b1fff191887bfb73e20fb71a68817bc00b548fa8cd9c9218e436c3856b515
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: c9e4d65fad9889c08b0502620bd0d85e979dda5e35d7062d9b5f1c0a7c8d295c
Cache-Control: no-cache
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231114T035406Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Tue, 14 Nov 2023 03:54:07 GMT
x-amzn-RequestId: f45b2dec-b0cd-4254-a997-dc73ec8e01f8
Content-Length: 133
x-amz-id-2: y/kAAp1BDKyc+hRPym0G5FLxS+Vm7axFWRkOlNGngandk18UnRd6fi2oR5KA0jUqABvELPphxsRXJLVsNkUcyhkqxM88xzqA
Content-Type: application/x-amz-json-1.1

GET
H2 204 ev Show response
ads.yieldmo.com/v000/t_tkr/ Frame 5D04 0
469 B 807ms
806ms XHR
text/plain 34.250.128.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=r&v=9.18.29-541&imp=5109049471736973731&plid=2521236318193655889&pvid=3406412741847641488&fmtid=52&e=16&rep_meta=BXHpP4x5NLaykCo3iUTmwGE9ffb3U-neaKPG9HM3A-YQ5PRrr5KGq7_otCW_e0jL-D4gmwcc1PrVCe-lWV-M1HwrbB1zfx64QXz3KpdjCIEE95QqP3SrS-1Mc0aRJyK1ErQNbdbJl1g2PXLmMJvYkM9Z6gti_bIFWj98zEiYREX47CXMTAjqodNUaNGM0-ux5rrDOOVtj8uGcFmO5tBXp8hpnB06Y9vyxytVix5dzvqtsRaygkbk7EHbQCpo9qHOQ2qXTelnLBtfpBMzBCWMNeveQ8D3uqd6hHHN9q1Y8Gg1CPnfjaZaSQ56ch9CWehoSNO-kWud1Jgi6_F8KlI-jukPg24sH0vZwFTo1mVBL05NFbqI6EepG2EVUrkviGEJCWULNcB7ODe4g4EnU37D9lxOvuS0t0-YLFVo5VcHcKk&offsetX=0&offsetY=0&pvt=1699934042872&stime=1699934046869&etime=1699934046869&viewportHeight=90&viewportWidth=728&adSlotLeft=0%2C0&adSlotRight=0%2C0
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
pragma: no-cache
date: Tue, 14 Nov 2023 03:54:06 GMT
access-control-allow-credentials: true
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: GET

GET
H/1.1 200
OK analytics.js Show response
s.update.tas.yieldmo.com/2/518423/ Frame D1F7 6 KB
3 KB 575ms
122ms Script
text/javascript 3.253.142.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.update.tas.yieldmo.com/2/518423/analytics.js?dt=5184231558719353398000&di=folkd.com&sr=yieldmo.com&pp=2518831497914294538&ti=3406412741847641488&pv=4a15f476-2063-4f8b-ae11-8977b59abeed&to=3&de=2&md=1&si=2331256393946538634&dm=728x90&pi=3406412741847641488&bt=programmatic&gt=ch

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

3.253.142.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-253-142-96.eu-west-1.compute.amazonaws.com

Software

Resource Hash

dcae362ce48807e904785a7806347b7be8eeeb581f17ff33afeac56ec56bf06f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Nov 2023 03:54:06 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Accept-Ch: Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary: *
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Timing-Allow-Origin: *
Content-Length: 2701
Expires: 0

GET
H2 200 dv3_native_client.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 7D48 21 KB
8 KB 235ms
234ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

082a75157928321218428904933ebff27d7fb4532e1f6daa3c824824aecc14ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7960
x-xss-protection: 0
server: cafe
etag: 2243287812070980505
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 14 Nov 2023 03:54:06 GMT

GET
H2 200 ad
googleads.g.doubleclick.net/dbm/ Frame 7D48 42 B
107 B 641ms
308ms Image
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BnoL0f4ZJvi0G3gVFtVDAtNPWC2db82xRb2WUdkWG9FvlBiHSwRfpBQVlW4mIKj_FQHQN_WVzVJ2_jRFNHiCwhi8yYRg&cry=1&dbm_d=AKAmf-BELtH0U3gv0Uhgg3XP7zS0HFdZrHqnJBxuSqKRPE_uteQMTq4Tj9UEdOhd3KFOphhFZXLw9ZrsmJTcLJTFvbtrhVvO5kcffZvFodWh6WXbLE38BAo1Pv2gK__PK3YjTef1NHr0OkEmEYDnvGg-eNsIQPAlRDmLRhba1-xj7WRy-H6DGrcuIQmTXesnd8BlDxGyjYTsQ-J1qtnSinw0dIVi2vs-D7cJA3i5UzatsyN8A8RFHC9vHv8I8eSw6fypeSR2H2zXTc6Vtf6u4PNv4HkYDcpkXqZ-cNioFTZSuu9CbzL13TZWKqH-Sp6qjOpi7sOXT3mnUZvZvS25JZkzxnZjhLAFq8tZ4MNAf3yhtxUwUSPdSY2_OKa0Z7mWETpaV5jHvBztrxVH_BHrB7Pb9Ftdckdbfp6jfi-Ywvm7n5qlAeO1_mpXEEtiusGgcBOy7WJanq-jxX8Qu8C4rxpjEs7Pek0zfeJlRISa9397ZdELZK4X-DAe3ebgkh2qYWyE7nzsPJNOz9uGZcuNryrqXz6uS47LGE8mvqygDWPTTugusCnic9NDIdgkLXAyYtF644VdEhXVZwtF9DpPEZAoH4EfCMI7i9SYTy8rst_5Z16e76I6ivUtkTum2SNXSXuPQG0kG4TAGjgzfxZ6QzlzmCWwp_L9Dg3cwBII1Fec6QvvP0HaZGf35B4GHq7DZ_xYIMVzc-Dkov1CbJKyMjG-4B8kGPp-jK_Dv0AdZBSJIut7zCfLO_eySdViUcHPA7iVD8a1cVDecaR6RINvViM1d76MLBRQdVJTL2Vi9qoig07peomqgIAFtKyt1CbksAqbvfmmmgy71H8UXTDrx267p9HYM2OuNgnuUJVyYxOxu9-SF2OOe_z9VkU2pgP8LVPltEn2awkg-iNvC_C6Th1-k4s_ezHINi4czoMz3bVIz2GkpYD1HrMf66irupQL0gGOVNaO8EIN3_EGqCeTAiU2x6G4Rofd5MAyjLGgZDP6EPFUzGv9VFiP6okTXCZKHYNSttxhUJdBwmmznLTQSosqaJmMBacYEWECnGbZwTt2iW46ZUhZ6aIt8a-5U5E9lbymdQ1IpO-NYP8l9D7zAR2appVe6YmKBhkS7XjhTRlRdbkS8lSEfLFard6ptBLLhwELi_tBZHxDXvXb1U7SdDK5L-NtCGFD3sv8oWp2X3xocB2EbUFujBheqT2C7fEDM5ZJEhp6zMaLzfHKY_JHm65z8OzJwa-uLQZ8bIu2ByHISWoPptXwOEJXC6ZTJ7dilqgjdKUXRN_Z1EG2Vu6q0QqZw77l1gv0V_hJchHKFfPnk62ENTB9cQioOyy4DXvubl4jAmHLXom3ppWPSOawjG5a90FLU-hfSr_sd-SSxw-JtGsmOEM4SJhn_8DnDkP1VVhImVyCIQ_v2PmOp9tbQLnyOcikDGSAEnOfzfDcbx5tMA4ceUTRPnEvuU5jjGmql56SWBzoihOVOZGVOlLSyMW72t2BBh_2AbQfrLNhClF7VLRzTipLGgZ0dCfdosdASCVHKv0yllGQ0MZiBccosxuRDVzrW2cUgDZt9SZUMVuhFf7lN5K3OLfF1SuyllpAazp15A4G_6CD3U7sT8Bzpp0bF8GJSTKP-fOfpdhnU41M005MwHKu92P_fUlVlO2iAMhOs3mt3XKjYo5YWc9wML3gbdOALhJXD19st9i-j7UTSbC9H5j-I6u88c6kBj0zFUMbSFFsnOjVHeWhja5dpETuQC3tK_Xoh4pGvoH-SCpNzCPLe8x_u4haYw70CQEivrFWVdbMiQJT4XKwjIV7RRuSXMmLNXE_W3zZTDmA_9_FaMhK2MyqD8RmIbLNMV_AW0FljZQTS87FEq3fQ960mMATz5neuCyQqLwJGVpxsd7MJ11EVRFwuOk7yNx4RtvzhiEpVKmUkw21vojz3CRz9I5Z5sTjrbvXMZ9TDEjNcz-GT0hwMn3a9pgTUOyh-5tamYDSXhXVXK7jDqTjAW5gWDh3qAh5Q60qP45OwDOdQQ4BiyqV8lOOIYwzclCFcZdJWxUp6EUrb6QB_FXii2b7IYbX69JFIDdj9nVb9la65BjzwbBku-E_qYf_Bh1ntdc7UataV517lkXeJrOHUAvWMDFpVTJoXSfKtjnPUwPpUvSksupeE9950nBlQmFIeXAC3KvAa5ZUrVAFE_koqvNLHzODuOScXzS-WF4qPVxueR7eIaWmOS1EJk4J9yK2Se4ESOcg_JwaSeZ1iQ6aQh5DVGERWN2PSjzGluZtG2Lf2GTgYHxtyMnKNW7aDr47KTVXVYsk3MXEqA1JDqEe31YKQ4G3lmegkoAGSCm5rkRb_-9o4PoTKAbL8rvoHyUg9VMJizzZTPpwLI3u-I_J9n-u-iNDZ-rFgU5e_9PsVbYaudPQssf6TlQ5jYLrGe7Psb6xX05m0huo3vNi&pr=67:0.425150&cid=CAQSMgDICaaNiZqOd1l5OMQj5VCVSnggP-EzJnKIrdALnMwsklYllDU5qsjk0qPdXFZEnCIuGAE&dc_exteid=31358248232066142673204918383946659&dc_pubid=4

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 03:54:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 8848508277141994890
s0.2mdn.net/simgad/ Frame 5D04 80 KB
80 KB 1006ms
561ms Image
image/png 172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/8848508277141994890

Requested by

Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f6.1e100.net

Software

sffe /

Resource Hash

16f4deaca6ba7c9445274a0f63fcf0f04dda4192ac7fbfdc2fda220a2ce01b02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 08:50:39 GMT
x-content-type-options: nosniff
age: 500608
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81569
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 16:16:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Nov 2024 08:50:39 GMT

GET
H2 200 12848886564002658733
s0.2mdn.net/simgad/ Frame 5D04 10 KB
10 KB 1006ms
561ms Image
image/png 172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/12848886564002658733

Requested by

Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f6.1e100.net

Software

sffe /

Resource Hash

3b4360ca28098a502944b07600e089919a49dbc89b4c1e3e0437ae2bf782835b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 03:22:24 GMT
x-content-type-options: nosniff
age: 347503
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9753
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 16:16:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Nov 2024 03:22:24 GMT

GET
H2

200

p2
sb.scorecardresearch.com/ Frame 5D04
Redirect Chain

https://sb.scorecardresearch.com/p?c1=8&c2=18969557&ns_ap_it=b&rn=3ad8b06faab8fe0b2c3b
https://sb.scorecardresearch.com/p2?c1=8&c2=18969557&ns_ap_it=b&rn=3ad8b06faab8fe0b2c3b

43 B
300 B

80ms
77ms

Image
image/gif

18.245.60.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p2?c1=8&c2=18969557&ns_ap_it=b&rn=3ad8b06faab8fe0b2c3b
Requested by: Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 18.245.60.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-72.fra60.r.cloudfront.net
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:07 GMT
via: 1.1 5b17764336ffdab7d2a3e7707394867a.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P5
x-cache: Miss from cloudfront
content-type: image/gif
content-length: 43
x-amz-cf-id: USfz_-V-yUQWtKRf6DurHVBy6wnkwggWIBUw_esRQn-LOJ23MoT74Q==

Redirect headers

date: Tue, 14 Nov 2023 03:54:07 GMT
via: 1.1 5b17764336ffdab7d2a3e7707394867a.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P5
x-cache: Miss from cloudfront
location: /p2?c1=8&c2=18969557&ns_ap_it=b&rn=3ad8b06faab8fe0b2c3b
content-length: 0
x-amz-cf-id: qt7ivYpJc45APLz66ZFBWIPfAl32bIvr8afNQ1AmobGFUVAj5MYPkA==

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame CF2F 0
0 213ms
212ms Image
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C6QS-Wu9SZa3xL6GJ1PIP3LCc8AKH9JKQXOjrpun1BMCNtwEQASAAYPXls4GIBIIBF2NhLXB1Yi0zOTQ0OTU0ODYyMzE2MjgzyAEJ4AIAqAMByAMCqgTiAU_QsEM8yZ7DMxxyXkXG3qGJc2YzFknm8mYUzzwAOzWv7kBzym_Y1YPa4ZcUKgus-Ty3BymEfoRfa9xnRXWHmMhN2Rd0EjooMcJlf9pwFvVh_BnnhOkd9cOy3NFUlKY7PsoyYxFULpTV4DmGcdYqgd1nUssQf-YQnJ-q5tLXyZZ4_DF7mQpJ_8ulxd1ip06OHDWGmzcfL8NeHA_eamghWfHimwhQop83qW88AqTw7pS7GmozPgVk4WVzm3oOgMKBIFTu4TbtFL8jY_Y8lxf04LIMxlSpfbnZGTOzNI3OWcJNQtXgBAGABsmjwra1_djZU6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTqACgP6CwIIAYAMAeINEwjO84rmy8KCAxWhBFUIHVwYBy7QFQGAFwGyFxwKGhIUcHViLTM5NDQ5NTQ4NjIzMTYyODMYmNsQ&sigh=McPXcNzrDRg&uach_m=[UACH]&cid=CAQSOwDICaaNy3IajJvxILS54XvgMCPbZEQySSGhKmJNO9hrQbWj_lbpa0VK3a-TJbGZg8lp-SLsSj6tlPvNGAE&tpd=AGWhJmtvtljohZFpDZDhXgM9omXH_SNo4nBSWGhQB_WJE0LOM2wR2XhT6SQmrRG5KJf7C1Omxf92f0qVJ9OBz8MdPl3WA2UXozgq-DtgksvHGLM8CWf9AQUDRKOTonGrsfgUrGwBZ0FyBjevyBW-o1Qh1DkoYAD6NyIp-3i3CKZPnJk4CegKx7J0oRSsfu4A26-5yp2Tm8VKkjDqY_pHZvxmwQAyvwOJtiXoCwQrqVS1MOpjD9WdPSY6jJgABbfV4wvVHtnyOR_E8KbP-tS9gMvi8ctsXOrEwF27Oj63pBSfxz6MeRWuZAYKLv2ZA2UjP3QgOq02EDDQV2Kaq7oG3org3Qo3xlB4UXf3Z7WRRTDgfk9_RkE6_v4KEwVsPuGqOCdMEcwpvw1n66Zxvw3dUXAHJe0hyVaz4460rgD21Ren6AVwJFbWROeJC-mA3JNqsrKhnXF_uZfiF79YNabX7lU0Ms-AfU7yF83L17JtKXWSeqpQpNHXdtYvEE0kJ1eyQccX6ODd67OGQ7BwWMYNl8sWd1w--Wq9FXWFNBg2uY-cxNPTvFmzK1SWc_39Kn-UIdW_Fqi_CVJKxQQH2iIoMLuEHMMRQK69MgRYEAgbiqp5FGAV3LZBckoiX8ghefiFU63crPe6iVc9-cBGZ6pFHTpc_6Xk36QtABJFuDeTaOxTsYE7UM36NzFAcv1s5d6bjbDn689hGYk0EJ6ihZ8Htg_6iO5b8hCYyJ7b2A0wFyHJFPPaHFWXtE5O4BlA5oHEyYpMoEnoUC3muyefYT8V9kBcxxXo71tyFdIJlfmkU7ja8hpzZfDyOk9Tl6-a&cbvp=2&vis=1
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lcfraa-aa-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 64F8 133 B
569 B 145ms
141ms XHR
application/x-amz-json-1.1 3.227.250.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-215.compute-1.amazonaws.com
Software: /
Resource Hash: 85b1ebb169a27c943c078d457620c02e30ee5d4eb50f9049d67b580604c118e1

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231114/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=9c0d441388a0f72fab0f4ec62dca8800896e925ce57e15bdaeb17a6a1c385566
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: b915f5ac6cd7c1c1d2d8ef8d5e592b285eb7e0d7b5596265e7378856287400c7
Cache-Control: no-cache
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231114T035406Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Tue, 14 Nov 2023 03:54:07 GMT
x-amzn-RequestId: d33a932c-4ff8-6e05-8ef6-62b3fb2c4c0e
Content-Length: 133
x-amz-id-2: kF2RaEN3k4SXO+zDKlr5Z64RSRsFivXumBAw4SmPJkNIkMOYcjOOsJp5ZZNAQ/UjjxNEN7qfyXNYvJWMWcrC7SF0FcK+Xplw
Content-Type: application/x-amz-json-1.1

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 466ms
241ms Preflight 3.227.250.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-215.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Tue, 14 Nov 2023 03:54:07 GMT
x-amzn-RequestId: dc40a58c-c96e-27a3-818c-54130b393409

GET
H2 200 ad-choices.svg
static.yieldmo.com/images/ Frame A918 699 B
1 KB 155ms
150ms Image
image/svg+xml 18.245.60.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.yieldmo.com/images/ad-choices.svg
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-74.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 959d2bff6e8aa7b4d1836a5dcc00ab6f2c2754604b0e0174bd96b6f9822d5905

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Ukz5ZHLPgcDoG6SlEGbKyNIwGl0_QMqF
date: Mon, 13 Nov 2023 10:41:55 GMT
via: 1.1 e505058447bf5e74cc264f4e72f27bee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P5
age: 61933
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 699
x-amz-meta-replication-status: COMPLETED
last-modified: Tue, 27 Oct 2015 18:00:31 GMT
server: AmazonS3
etag: "f5483cecc2fab32a508cf2b5e5b94abf"
vary: Accept-Encoding, Origin
content-type: image/svg+xml
cache-control: private, max-age=86400
x-response-headers-policy: static-yieldmo-com_svg
x-amz-meta-version-id: smI0KdhlAdY.1IFWTq3aCHXjwPmdIPiO
accept-ranges: bytes
x-amz-cf-id: tx79xZ-tBtfd0E50Yf3kruoszEJH2JTv61J8HoTZnEwBRvsOLZQuwQ==

GET
H2 200 8848508277141994890
s0.2mdn.net/simgad/ Frame A918 80 KB
80 KB 777ms
507ms Image
image/png 172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/8848508277141994890

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f6.1e100.net

Software

sffe /

Resource Hash

16f4deaca6ba7c9445274a0f63fcf0f04dda4192ac7fbfdc2fda220a2ce01b02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 08:50:39 GMT
x-content-type-options: nosniff
age: 500608
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81569
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 16:16:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Nov 2024 08:50:39 GMT

GET
H2 200 12848886564002658733
s0.2mdn.net/simgad/ Frame A918 10 KB
10 KB 555ms
285ms Image
image/png 172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/12848886564002658733

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f6.1e100.net

Software

sffe /

Resource Hash

3b4360ca28098a502944b07600e089919a49dbc89b4c1e3e0437ae2bf782835b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 03:22:24 GMT
x-content-type-options: nosniff
age: 347503
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9753
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 16:16:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Nov 2024 03:22:24 GMT

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 317ms
243ms Preflight 3.227.250.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-215.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Tue, 14 Nov 2023 03:54:07 GMT
x-amzn-RequestId: e291630d-682d-1bc5-bf5d-9292dcf939ce

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame A918 133 B
569 B 141ms
140ms XHR
application/x-amz-json-1.1 3.227.250.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-215.compute-1.amazonaws.com
Software: /
Resource Hash: 838dea5598888a3df51395454bdea966b32e2493d0c7928f53a27363988f4332

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231114/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=163f5de9eaef32958bef175002de82582eec4deadb4a44d619f3688334b00f33
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 05e267856e53b115b2be431516374d5aff43f85dea488e0be86e762d35ef54e0
Cache-Control: no-cache
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231114T035407Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Tue, 14 Nov 2023 03:54:07 GMT
x-amzn-RequestId: fcb4baab-6a54-11d3-a178-4b34080df502
Content-Length: 133
x-amz-id-2: 9hR+zI9JHoYAdPEOsTYLwoszAA0CRwUcFbPi27oXYcgg/7Ty2hXx43L7WTX3lzoRowmTgogMTAQxj6jHEsKqjOCbIpPf58mS
Content-Type: application/x-amz-json-1.1

GET
H2 204 ev Show response
ads.yieldmo.com/v000/t_tkr/ Frame A918 0
469 B 598ms
597ms XHR
text/plain 34.250.128.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=r&v=9.18.29-541&imp=7449121635122684926&plid=2521236318193655889&pvid=3406412741595725383&fmtid=52&e=16&rep_meta=2YAhzdbgSY7X-FscykyMqoPEaWN8g0Gf1e6Luk6jCCC2WT2aMYVO0baNymzJSHBplkaRuexOGrjr7SOiSKa8NtD8WOxzdjJdeROwsy5VRwLg5uv0qDvHDHff161XkNwnqYg2dvSxGowjMnK8GHpxLqb45qEp5rimlTKtnvHPlxFc4hTj2lvJ7PXA0tG6kn8JMdJcCD7X-zqWtSKwfjMO3vB4NM8OMAyMNTgLnAzqXYDvYBlVjW1_WvKCQQWXp31Sv1I0jnXDcuaED2fOkWzye1bnp5q5mHll3IpvquPr1c5LOwrNbpOmW63_SsD19al1w725K8-4wAhlzeCaUX7Yvngb9dw2xcpg3FK_VMxuoSHDz01PhmgSLEugIFKKedyrseljyRI1sjynvoeS0iqFj7gBNvZNF6BNZHdoIN4E8Y4&offsetX=0&offsetY=0&pvt=1699934042842&stime=1699934047079&etime=1699934047079&viewportHeight=90&viewportWidth=728&adSlotLeft=0%2C0&adSlotRight=0%2C0
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
pragma: no-cache
date: Tue, 14 Nov 2023 03:54:07 GMT
access-control-allow-credentials: true
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: GET

GET
H2 200 dv3_native_client.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 2917 21 KB
8 KB 252ms
250ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

082a75157928321218428904933ebff27d7fb4532e1f6daa3c824824aecc14ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7960
x-xss-protection: 0
server: cafe
etag: 2243287812070980505
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 14 Nov 2023 03:54:07 GMT

GET
H2 200 ad
googleads.g.doubleclick.net/dbm/ Frame 2917 42 B
107 B 431ms
303ms Image
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ai4oJWtFQqNUo5KGAMuzR-ioR5WoPcdMRIqzgcVG8yOynyvZIR921xkSNrkkXzYw6ROnqfi1n_MxZdf_4uNFw53ugvNA&cry=1&dbm_d=AKAmf-B4JqOjKfkLXhCSlBmVHhb0bA_r9mcOkjgk3f5fHPxDolnK1ULp7qU7Rv97ZRKbJz1SQ2PJbOKIMeIxZzo8_ewn5Gi_-ON3UOs0xstl918N_OCwj81Cjz24UtlXY1XCpR1R_qc3k6X8Yg2_thi4jnqRcztaQLya1GS6jKdpAZnefhpYwWjrMpRKoy0_eLlM4zXiV3MDaPwoPrwpyuj5KG_76eQJXVzgwQepDd2PZ7nrZZBgi6S_yhiKlhvmMdh4o6hMHFIazlcT8heqqAM8CYc0bWqhwIeBl5GlStJmq3CfB3Kz9o5ANHTdEw8Vj65EteyzuHsGQ_HELC4Cr9ZBueE-SUsOJQ2Bq45sCPsqPbvsWqV61-zW244uvyk0qyMpgitd12oujYVR630_LFvWbBQbW_12jQvhZEYKEJDDqOgXCWUFGXUH1OxZkrl85eFkeVKe8U4U9c7_kBiZaiuiK9GS4O7Bi-CZfsaGUDxIny9v8gogLITXqwLmzOkdAbzcamttywEyvazQEblc6J6h8KzFijO18j7UcZIL6H23MVByEem25g46xZX4PuGquTl4iTAMJ19EjQXhT4xLn3utPgtwk9hHqR0-BvSvWym5vKxdyhhOLtk3St-JXIO6GP28Fhy_Gt_ORXbFeVNTG3P8P1bjtbWKxuLAT4-JqQDu5Bd3rwMbhtnzQQHXYM6fUlIHpY9sy81k0IN-ap2L5UEJja_RPdUGGXwfbqhjmNNvFvJi-Zug0OqpreiPZ9h9Gh0c_fw1OWTMNifIOVpGOf5Mg5-GOSshwnjhT_WvfRL2gvIcnWn7WbdCboqukmiXlIi110eK-_LZLb3ZqA2J5NlbFOWj2DXktCuG0qzcYcJG_Mbq2d1q1kW0RkFgoXb5iGijbyzJoWIKeFDQEqQsVlBR-JoYILTwye9H0ZeS3UYDZJ6vync6e9yTHMT1b64oxU1Gxh2HPW4_yaAW4xtoFTvywk6pPL2KRdRND-qdFSrHlREQPkSCZ1QoFzgzAgAsU_fxjRDWEoKhe-awLdK7UDeDKE5fyiOqfK6MV-30pcdrS0Cg7BygfavpYheBU6IILBSihH5SMCMHUDeIt0m_o2pP3ReGSS1LhgVnrvDhY5OZRtk_qSVvxSbbqJL-RqFicB5gm1FLBBkN6uyaXzfBQHts0-vUvNFgQ2-PY3ZATyU0n6cTLJPdb2yFWv4YCWLVfbPBNyZ9jHtMzdJwXeGiBPgCSoL5EuROJgLUlfHnj-DrGUiV1oI5DP1drKb0fNp4R8ZpdWGEQSBIYbCSXp0Svucwdw-ZfRyeomPlEQdb59DhYFl4JdXQ7QjtcyqaJtri5JrXSP6h9fsoAYewr2uRcSjrPiShcpmM5rMW6O45IWYW1q6-AfTRbZdKnNEZ1DcwN5UWA1zyDaCEwZba_lcLygXJugy_qybip5RXprX-WxN1v8ZdPPltKAToU0dwuEwJeqnQCRH5fKDVdb7yH4HQ6tOZG2-Si-GhaKY2OFXLg25eDaXXiltryjOJfbubAc84tZSjA1YyYUG3LholrUw00h-MRVaYbfdRrs5EY_hXEK8Z4mvxJVehJxagxv5CYAo7gWeuuRE6MGXzR21fWnJar8d8LFay_RypwAvR7HqUewT0yIP68vZg1tgK3q-jTMQN6Fd1BwIIGRP8V-jzYhHZVyDWRP65KvLkeziZT35zXm45nNt0PkW9mzCkEx0Z40w52S3JmI3H6OJ50ufoFpsgqhJC3W6MXghdD20-rG6AgFYHiWTPay0dNOocRSAzjwc9z2pfhNKwL_FSTXK54LtWINq4aeWPVWLf83vf-mn-VYRlhr4acObk8ZZsfgB7ErfP3gQb0o8ytX8KEtoCn9euIrd5EiMCXeZFol5t0B-PMtQRKI6G_IOuljF0l2JQxnYeFa9FQQNtq5jebd2JNgVHhmY8gnnwjRmZeGrLydux8WJb7e0CXF6VSgEMmIy8kJjkfXo00uWcn_6u5N6nFNpW9oFcJJ8x0ySQj54bM0RZC5N6SdDGroVhRmghHfA8Jywi2iak9As1LTfGeU4U3urJ6SWYu_GnjolijIW5EHBwbzAJC4sI3_6dB8GbJgUGvsCGQPCnFHOaKoZkSzOmBxkX24qnSmEsC8Ywwg8whl3OARlOeplaEBbavIpmIHOwCtcB7dGGysShcwHKGisUfXlwzVLCgT6MwKYhmxLX4M9oOme-w97Q2BAKzQiefT6BSNGcxdVxC92EJlw6gElSnSuDNPCAJki4-BtjcI_U5y98U0HEt1IdrrmVzqKqqHCN7vmlgHXum4E90xH9pUKMVkNWLmSSfnhSi85O42lBdzkZXqChbaK_qCKqOYp9Rb-KxtFRsP8z9JjXURsEGXyRDVM_fjazGs48OiQipZUMYc1RQBOfU1LqsTGMw-HxN4eyV20v7iurM-uUU6_e&pr=67:0.347473&cid=CAQSMgDICaaN8w4RqJFF8ATjtnYWB7Zm3IOFmXy9Ccvuwkq6qBpWeKBJRmR3ruFaFG1bOQcaGAE&dc_exteid=31358248231952326262264595478762214&dc_pubid=4

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 03:54:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

p2
sb.scorecardresearch.com/ Frame A918
Redirect Chain

https://sb.scorecardresearch.com/p?c1=8&c2=18969557&ns_ap_it=b&rn=e2031714f412ec3bd9c8
https://sb.scorecardresearch.com/p2?c1=8&c2=18969557&ns_ap_it=b&rn=e2031714f412ec3bd9c8

43 B
299 B

246ms
245ms

Image
image/gif

18.245.60.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p2?c1=8&c2=18969557&ns_ap_it=b&rn=e2031714f412ec3bd9c8
Requested by: Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 18.245.60.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-72.fra60.r.cloudfront.net
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:07 GMT
via: 1.1 5b17764336ffdab7d2a3e7707394867a.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P5
x-cache: Miss from cloudfront
content-type: image/gif
content-length: 43
x-amz-cf-id: q1vgrJ4tcqxqH1n6EpNfWsmIe2luN9yCLvpk8JRNnydMBXAYg8gkCw==

Redirect headers

date: Tue, 14 Nov 2023 03:54:07 GMT
via: 1.1 5b17764336ffdab7d2a3e7707394867a.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P5
x-cache: Miss from cloudfront
location: /p2?c1=8&c2=18969557&ns_ap_it=b&rn=e2031714f412ec3bd9c8
content-length: 0
x-amz-cf-id: pTdrcQbhjXEu8Zip9OdPeYFv1yRHyKXEnfdxneXHbzn-uD_gZjWzZQ==

GET
H2 200 ad-choices.svg
static.yieldmo.com/images/ Frame 8B42 699 B
1 KB 114ms
112ms Image
image/svg+xml 18.245.60.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.yieldmo.com/images/ad-choices.svg
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-74.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 959d2bff6e8aa7b4d1836a5dcc00ab6f2c2754604b0e0174bd96b6f9822d5905

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Ukz5ZHLPgcDoG6SlEGbKyNIwGl0_QMqF
date: Mon, 13 Nov 2023 10:41:55 GMT
via: 1.1 e505058447bf5e74cc264f4e72f27bee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P5
age: 61933
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 699
x-amz-meta-replication-status: COMPLETED
last-modified: Tue, 27 Oct 2015 18:00:31 GMT
server: AmazonS3
etag: "f5483cecc2fab32a508cf2b5e5b94abf"
vary: Accept-Encoding, Origin
content-type: image/svg+xml
cache-control: private, max-age=86400
x-response-headers-policy: static-yieldmo-com_svg
x-amz-meta-version-id: smI0KdhlAdY.1IFWTq3aCHXjwPmdIPiO
accept-ranges: bytes
x-amz-cf-id: m7TTqjIZjRKZsOi_aUh11oICcAn65zJAZ7ryDMR9qiZnj1TuF3MfiA==

GET
H2 200 8848508277141994890
s0.2mdn.net/simgad/ Frame 8B42 80 KB
80 KB 438ms
336ms Image
image/png 172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/8848508277141994890

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f6.1e100.net

Software

sffe /

Resource Hash

16f4deaca6ba7c9445274a0f63fcf0f04dda4192ac7fbfdc2fda220a2ce01b02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 08:50:39 GMT
x-content-type-options: nosniff
age: 500608
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81569
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 16:16:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Nov 2024 08:50:39 GMT

GET
H2 200 12848886564002658733
s0.2mdn.net/simgad/ Frame 8B42 10 KB
10 KB 553ms
451ms Image
image/png 172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/12848886564002658733

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f6.1e100.net

Software

sffe /

Resource Hash

3b4360ca28098a502944b07600e089919a49dbc89b4c1e3e0437ae2bf782835b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 03:22:24 GMT
x-content-type-options: nosniff
age: 347503
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9753
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 16:16:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Nov 2024 03:22:24 GMT

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 239ms
213ms Preflight 3.227.250.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-215.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Tue, 14 Nov 2023 03:54:07 GMT
x-amzn-RequestId: f4081ddf-217b-1a14-a9c4-ec40666b7fff

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 8B42 133 B
569 B 192ms
191ms XHR
application/x-amz-json-1.1 3.227.250.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-215.compute-1.amazonaws.com
Software: /
Resource Hash: a64bf8f87428ac22cacb423cc5ad41c6b280e4094418e5b2459bf2deb7e54ed6

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231114/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=073d59c75a3f0e7eebc381a5bc1c2e4efa94ec0bfa65ce0f8e0f9f1986a0d016
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 9d9798e9a8191cf25fe6a1c60fd6ebfbc934108270f2b45639c73ddbd854ecac
Cache-Control: no-cache
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231114T035407Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Tue, 14 Nov 2023 03:54:07 GMT
x-amzn-RequestId: cd09213a-328f-fcf9-90c5-d0a5759f9912
Content-Length: 133
x-amz-id-2: aNiLfFRUghyNfeaUHTTwWCTHwDRovVK89x+iPsBqvGuSo/Y8V1K9+H6mhh9LNmxaaIOA042zyPEyOvoBHeTzmApZTLXcbTig
Content-Type: application/x-amz-json-1.1

GET
H2 204 ev Show response
ads.yieldmo.com/v000/t_tkr/ Frame 8B42 0
469 B 429ms
429ms XHR
text/plain 34.250.128.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=r&v=9.18.29-541&imp=3521666358786417234&plid=2521236318193655889&pvid=3406412741864163421&fmtid=52&e=11&rep_meta=E5yEWkMLpoI7GD40uPfQBEjQ78pNJFWkfISuI1Tn8Pt16WNZnl4w3B3X2o79w_F9MR-EMCUR3ruC7QYKn-2j8UzpiFa_0lRc-ahqN6mhMxLWuAzdK_DQWAKokImK9Tnd-Ff9OjYJCjf-hlWSz8HMzbteDAEgwk8_1sL-c98VPDWr8dVxDOWPt-36aOBcNTW1jOLTDV0a4Om_PtCHDoqlRHLdua9iWJ41m7PiAStxTnyU_sVgglzm74U9mge04iLrmsS1Lz3W5AWzx0-aZJBKPh5YR9EBQRKmxy_isqIPe62rmEqQI8V_UMlcdoqveiWeSEBvhBoJEqCGNyawgZnzSWEnK_zG0qxwDR3TABNdujhwHVIyJEsUPBVX50KfDTZqkiNwcy6iUEefR-fH2yc6qmjVpGwpL723wXPBwRyImbw&offsetX=999999&offsetY=999999&pvt=1699934042874&stime=1699934047247&etime=1699934047247&viewportHeight=1200&viewportWidth=1600&adSlotLeft=-991227%2C-999613&adSlotRight=-991227%2C-999613
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
pragma: no-cache
date: Tue, 14 Nov 2023 03:54:07 GMT
access-control-allow-credentials: true
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: GET

GET
H/1.1 200
OK analytics.js Show response
s.update.tas.yieldmo.com/2/518423/ Frame 8D1E 6 KB
3 KB 284ms
86ms Script
text/javascript 3.253.142.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.update.tas.yieldmo.com/2/518423/analytics.js?dt=5184231558719353398000&di=folkd.com&sr=yieldmo.com&pp=2518831497914294538&ti=3406412741864163421&pv=e2837ed2-fb5d-46c1-86f8-fe192e68516a&to=3&de=2&md=1&si=2331256393946538634&dm=728x90&pi=3406412741864163421&bt=programmatic&gt=ch

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

3.253.142.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-253-142-96.eu-west-1.compute.amazonaws.com

Software

Resource Hash

936256ec2479e3fa0b47e0201dddcb6c6bf1fb307250d2e5c05ccd4e3abebb12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Nov 2023 03:54:06 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Accept-Ch: Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary: *
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Timing-Allow-Origin: *
Content-Length: 2700
Expires: 0

GET
H2 200 dv3_native_client.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 0940 21 KB
8 KB 194ms
194ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

082a75157928321218428904933ebff27d7fb4532e1f6daa3c824824aecc14ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7960
x-xss-protection: 0
server: cafe
etag: 2243287812070980505
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 14 Nov 2023 03:54:07 GMT

GET
H2 200 ad
googleads.g.doubleclick.net/dbm/ Frame 0940 42 B
107 B 276ms
275ms Image
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DR6K7FK-CbP1fby6F9fbApHcAWrEG0iPQwAv2DvAhzQYufz81WfJxdH6DuBaYFwD9DXyp0hpIGso_5pOEIk_gvFzQ6iA&cry=1&dbm_d=AKAmf-DfHAT4n9xAGlsy1tR9U2Wx-OokYY8bXbVVFBlTlomAjqRQemVgrXPc2RvhuU7A-fBsSjm3SdzXuB-m2-s7LO255iq0q3i1YbyYIji90ovC6k8sZZ8ZkVfwykSXlLVgbNjTVo525OpptHbMTk6gI1fJvnAPi_riDsZAAJBAGsI-uy9aYq0dW4im63FUmg8vdIVRFIxX8_Bf6dRIDIl9iKKW6mqhyizovd4f7SigX71ThaoJHBcuqsRPRry94NgMnpzL7f7tUOWEYjww4MCqWnqZegTZT7aG8MCpuKzVD3fGtN_fG9VwjL3HrOyXkEdwurBu_f50JJVhs8GUb8JTbbRCQjPXUk7-WY2tULzlAiZY14WczTIr6UT1jCtb994fzaKsIDcusEAMjG3JzhNOwMCybeM1N_i0agKPL6R3hUk_5PPvc8fHenc8R5FGYF32RoMOAU-OfCl33yBIjD3Mt4y20aGDcm5yWMmlORN1WzBKdkIPvdw57sOPWUslGySP3liL1P5C15yZC34qKgkm7YkNwU_26DD-wNgCq8a4x6FtJMYNss6zizDz3LhGoJQFzKk7XUoAvhXDch2RqaX6kZd6kzArb-54YnREGhXWIRn9AD8187VnySTuZpeGfTMkIhTykqvZRSiUH2H7fOmJF8W2Q0MQuctgFO2Yh_9V76Bb3UYd5grh7G8h2fNOOC7F9_idy70A3ZpPdum_EUEwRsz243ubS2kV847G6X0QEgT2DliENbMOVK3X9ug4fa-HKocUUptVQMz8h3bC6dY3Z5qIyOA9xAwMQNoaiVotizk0TXJQ5B7SnkZnYrbFYFzlka5Sd6r3f8VTCzncDqpVMzC2FMAZuMMkWBrnyDpA8F4m6RGQ0Xf9DUisdqMmcoKBybFrXpXVy98hEYVSn3nNN1c1lTZEQkYwbWAeF2Tar0t8-nfy0NMEGmspxGoqTSAW_L9mR_9tAYcyVCpTRoK9LzKzbifGH0SZ8ihjIKtGegTmofkHTrkWav_VV9w_z49_Ru1j8O4mDQniDGhyNduvbMoWbbcXD3EjM-Q77NQXFYlsA-oXo-XZqL6MpCpCDDzFW2j0aAa339S-lC8GXxBAI4nK9EUO7ccORF55oa3OLWZ8_Ew9Can77-8u5kNUJa2MpXk4I593GirdjWu1zmixY8R7RnG5FIGG-ILpzgXou4DtnHblv-f-4Sg3fIouEitNixg9OAKWzU0j-glrp257RmbUPOl2Gfha_huxN3KDYK7GG8xlyy7wsZt5snnA9TPRZYTTW5jIgN0itf01v7o3L0wTNmI17ny5zkxU80JJKHdZSiRQ0MkH8XyQJ7LOv2MqKiniV2m48jPdbImB_4kT-pwI_cTR9RnLk8xGN-DTi4oltpRbTUoaDNv2v-ESOp3tSanHBguAOWmGN02VyY2ezyNdMlvc04UMQqbryHJXRMVfrSwAqKZ0OFXMb6Fvbz00cMFa_X5gCNnqkyIxob_mqJhuL3PI9mxyyuhH37nEX5L0EkLdsPvBnPvroXwaPcrKc9pLYSfXUAwG2H8WJ2EIR3uDLdc16Q25wpB2sxe8y7ytYfnxYwZV_RhQaYBN4lpHXKM1fF3Nn0hnLucxH8tMu3Sxo-y2v-u9YEN-mGIFU_Lm-NWTjKg8u10pC9jgpIiK_Q2ZSXERosughxylULtN-eoWVWMhY4w4_f-Ml6eNdD0fJEQMUvofdRSyAhSY_qLwfO3ZaRGpLiPnNJjWqkDH0p87RuvlCvIJzSK38jYQs5k7twsWffiNFT5RBDVbK14_jiLAsNKOTAIJ4a9dnOdvaDH_rmJEhP6Y87ZGeLnjeBc7hduOu7g2lpfGv57hcOQTxFgbnViBfOlsAbLkw_n_cr4X3mGxViLmFTo8FiaLcQM11IjyHKupRtBG3G6Ml62RIHoU8ryOumQo1lgd8XjMqcxU9WxBHYnxURiB9DTlcp3UCJSnGTVgT0_NfZAaca4BbTpQfb1_GNyA6wXcFJGn6BG2bOfOeJqk3eNIyZ460nujBZKHpkEdcdZGBlCOmCFkfHQZwggGNltA58QOPU7rprytxw7XN7NHhum2a-k7uGJ8IJzf2JQyR6A7s0cJdwTByq-yjgWIytrjXGgxAVyRknmwY80L9iHnVb5QyBEJ-APLEky8OBvsuUYpvM1mUn8XR1uyhIWXinpnUoozmvNOdLCIk3ECKwvIkeMxwobkxU634805N7XYnUOp1tr7jDFTe21HtZgfZ8VSk2khILz0TZY2FTL8jvbxNhetBmYrLiuxxE7E0pomYS7z6bkC6xW_cHQMSBH-rEi1lutW18d6JMUmakEyFUTbJc8bJ68lvHqeszQGVQcpPhXM9hsnkCx1PyyMkCeoEmOzCSd-F-rf_1_rtbq3Zyy52Usd7-05jW3qmj12EZjL4eZUP076yooAcv6HnObo&pr=67:0.347473&cid=CAQSMgDICaaNqyogvcjbvj87DgU93mBwCOFEaxvyKXoU3RoF8R5kWXR5DEXKvp7WQgl0s12ZGAE&dc_exteid=31358248232428787342418709347243992&dc_pubid=4

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 03:54:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

p2
sb.scorecardresearch.com/ Frame 8B42
Redirect Chain

https://sb.scorecardresearch.com/p?c1=8&c2=18969557&ns_ap_it=b&rn=6860cb33178d0b21ea23
https://sb.scorecardresearch.com/p2?c1=8&c2=18969557&ns_ap_it=b&rn=6860cb33178d0b21ea23

43 B
300 B

189ms
188ms

Image
image/gif

18.245.60.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p2?c1=8&c2=18969557&ns_ap_it=b&rn=6860cb33178d0b21ea23
Requested by: Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 18.245.60.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-72.fra60.r.cloudfront.net
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:07 GMT
via: 1.1 5b17764336ffdab7d2a3e7707394867a.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P5
x-cache: Miss from cloudfront
content-type: image/gif
content-length: 43
x-amz-cf-id: fvYiGBfGWLTaxd0bhyEMxNkrP4gvXoRVqrk0ogzj0V-FOiGEYMQpzg==

Redirect headers

date: Tue, 14 Nov 2023 03:54:07 GMT
via: 1.1 5b17764336ffdab7d2a3e7707394867a.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P5
x-cache: Miss from cloudfront
location: /p2?c1=8&c2=18969557&ns_ap_it=b&rn=6860cb33178d0b21ea23
content-length: 0
x-amz-cf-id: hAIGEJmLG4WIZjH_iEcUUEnxMVKdOCiftEU8VJoWm5utoS8H6DS_fQ==

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame CD56 133 B
569 B 192ms
190ms XHR
application/x-amz-json-1.1 3.227.250.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-215.compute-1.amazonaws.com
Software: /
Resource Hash: a051b3625edbbe7f15f87bf1725ffb09d38bf3b6ede278a4ef6bda4bcec38205

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231114/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=b8a293feb15639d279f4de8d41a4e804bb44b3ff501cb63778e223f64274035e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 1aabad50ffa55018525de836393832bdf6629d1590e6334693c395da01c394bd
Cache-Control: no-cache
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231114T035407Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Tue, 14 Nov 2023 03:54:07 GMT
x-amzn-RequestId: ca45b5a0-69fc-a1d0-9789-443fababb27a
Content-Length: 133
x-amz-id-2: +rIM8eCmz8PXb9X4C4CWbxv5d0CLlNl2l6pr/bFXIneoYgeCdaeRGHyCSjCQQzMQz2tIXzZcGuS9oAwQeoinezH4arZLL3o3
Content-Type: application/x-amz-json-1.1

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 257ms
141ms Preflight 3.227.250.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-215.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Tue, 14 Nov 2023 03:54:07 GMT
x-amzn-RequestId: cc6dcf83-5130-343a-91a1-3e1c93672790

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame C8B5 42 B
176 B 224ms
223ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss9Cv5rU5Yxu4IkfGOfdPk3kVZP4DaeVergF9sxKVBcfvSCEdeZyTwctB3r22iHwkaTZSLSqhy-xhn6Klr9txf_Aid1HF1onO66OsJT9p8IuoLZTNJRaNNru0QkUQSHNJgDcWjyKXu7Z_z0p5U5h0IlrKoNtCz0aNhuvb1tP_7HCIa-6sIGXQJWilOaq6yw76eJwuLofognjzC7gupx_4ynZPOs07ScP1PeDUi1r-M3ew7t_arl4zayy2cWB_RXadlsKKjK-xPJNbDkwgsIVgaUa75H2SaQV3V_jBn8p25HqOok06GVBNmDiyS8qSoj3IXZ-qrDOKioQxxatXY1id9k-_7aGc8LYaSu5SdpwRe3SmQCsqXSZaDVDI1vykQrbwONIB2nYBKSzWLoGdjZCv5XNs70lWaSvnSKVlnCpgBpAz9KeC7iF84DAegcgPQlLtwdSLFiY5iEuFJ00C2uHQHPOteF4PBP5Zvnymv04nV0fWsczzYVJe9rfvDOXvKBxrKQqps7xD47xsUTjf4k2gEl6O1ny60h13xasLxQA7_04pwSLCufhCxPuHHgJuJfiYLJImyKod8LktynRzdAZq71HbgU3De8vRiCv5PF8YlFeD-TD_BKqcobzNYs50jgkkpORJb1pOgAA7Db28hBJFuVp8SUkRH0HToY_hIGJ2apicbCWEZD0XXCAx83v_tnHDyMMhKB6asdw-ON6MfYPaHhgNnM40jzlPobuCBNKEIaqdpeXEc9ZrNykJSxV7b3pIP4-uMiqCPceJnuGCMxtHlkuZFJxS7yBCMxX2Rrd8KcB07AS0Gb6jjSKZOQrZTsa2EVzo6v3Wznp6GZJ2IMsph7s66bLTM3EY9_AUvFVbbGxt5zF2nf0yIYn_taI7fKq2wCeX1-6RHdrwnI1IjEiRe5gTiRHAjcQGfgrk-SuueVLl9K58eJFFwEI-frRvJKX29BuZ8J_Nb3__dxNWPO-gc6__Bf-nPL-qo46maeR6JHfqWcwitdV4PLD5Tc16CutuRXEH8mJ8H_O3gF5LRSLL1ubErkWCQur9nzqy1pN5cz2A1ZOAXU7u1ROukMrIsNAD_e_s05TklnBrKymw9ccvVxqGFA7GpzWj_beVCRtaf0BCdL-j1pR28uPGO1MO19YR1sOnfixH8jHtfXmmUkUJvVY6bGktblFN9fLpf00GX0bE3uA9skfPEr5tGjVD6YywOSlXdmYXJcJIgc6vra4BplJXn0NpGxbx-_E_KXVIGeNAGjtcH69Y3aitajEsC7l-RQlk53Mw&sai=AMfl-YQfxtFel0rJTuRqa0WthSbsKBSvwiw2o8uPcZvGok1jQtVTA9Z5AF4QhKAC4KZolZuEk-TW0Fh3farXWBPxvP9yyXNGq20VKOl5I6dtEkWGIun7fSfLDWTvL0ZyNkLGzmWi1jrcIDdG&sig=Cg0ArKJSzEL6-873Gp0LEAE&cid=CAQSOwDICaaNjlossHfyDRcajL7JvkMx6Lq8Qg0YBD4i3j-5Q2d1XHZUtUceCxoY4RWXy67-zaIPdZHZeqJCGAE&id=ampim&o=1140,159&d=300,600&ss=1600,1200&bs=1600,1200&mcvt=1346&mtos=0,0,1346,1346,1346&tos=0,0,1346,0,0&tfs=2071&tls=3417&g=100&h=100&tt=3417&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 03:54:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad-choices.svg
static.yieldmo.com/images/ Frame CF2F 699 B
1 KB 101ms
101ms Image
image/svg+xml 18.245.60.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.yieldmo.com/images/ad-choices.svg
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-74.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 959d2bff6e8aa7b4d1836a5dcc00ab6f2c2754604b0e0174bd96b6f9822d5905

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Ukz5ZHLPgcDoG6SlEGbKyNIwGl0_QMqF
date: Mon, 13 Nov 2023 10:41:55 GMT
via: 1.1 e505058447bf5e74cc264f4e72f27bee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P5
age: 61933
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 699
x-amz-meta-replication-status: COMPLETED
last-modified: Tue, 27 Oct 2015 18:00:31 GMT
server: AmazonS3
etag: "f5483cecc2fab32a508cf2b5e5b94abf"
vary: Accept-Encoding, Origin
content-type: image/svg+xml
cache-control: private, max-age=86400
x-response-headers-policy: static-yieldmo-com_svg
x-amz-meta-version-id: smI0KdhlAdY.1IFWTq3aCHXjwPmdIPiO
accept-ranges: bytes
x-amz-cf-id: qEbqWbPXE5zrTzgRyGj6EWu4gT1Fs3E5gG__2-1P0d5C0N5FolbSvA==

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 130ms
129ms Preflight 3.227.250.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-215.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Tue, 14 Nov 2023 03:54:07 GMT
x-amzn-RequestId: d386322f-f030-4a3d-8e4a-c3b0c02a85f7

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame CF2F 133 B
569 B 168ms
168ms XHR
application/x-amz-json-1.1 3.227.250.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-215.compute-1.amazonaws.com
Software: /
Resource Hash: 404bb14cbbe66db8fe9fb9c1fa83e1f2cf2e1a81924af53e108d8b5196689f3e

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231114/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=dc3c786db6f74b9431eb7dfc578c44446a202521fc652b8f85bdd8573bc1c4e3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 6fc81f2d80dbe2c6a69f3019dc61ba2894295e3094e5d17e3c138b018de5a2e6
Cache-Control: no-cache
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231114T035407Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Tue, 14 Nov 2023 03:54:07 GMT
x-amzn-RequestId: e6f44886-fb94-96b2-bb38-b919cb8e5978
Content-Length: 133
x-amz-id-2: 26zZoU4v4hTjvPf70w7r2uWLoD75fI3LJ6tF6ihOqoCrHs5hj7Ns5fv566Iq+GB5iN/dIovHSP2BGKYD5qN4Kn1Myvv3T8EL
Content-Type: application/x-amz-json-1.1

GET
H2 204 ev Show response
ads.yieldmo.com/v000/t_tkr/ Frame CF2F 0
469 B 245ms
244ms XHR
text/plain 34.250.128.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=r&v=9.18.29-541&imp=3304920979415637544&plid=2521236318193655889&pvid=3406412741679615071&fmtid=52&e=11&rep_meta=7Iili4cFJVbkoGBgA_6454BzOq6o9VZhvtUvPBf5Fp67L7MHMPNDLfxbnBr2etglS_IWcIpcE_Dj3hP45kJP-2S29-tdBFmcNdsajVS-cRlMx9rdWiRFbl7WXANwodIpwntU5ijAjRHdGO5tmlIpRJ-KKRu37qwt02XjsOcPpRmF-kVyn1VHa2lFFO1n0CxyksOziT8NMVmyrn4Sv65JBb-VlPCARcIyWYduyUvBr8_PbBfqiqopj97qmS7Q2Krh733ipMWtCd5ojSchPE64jLaMLXq9FFj9HqzoT9cN89EVKvZqwk64AzezrIAvJr88Mr2W_P3a9mVOL76Z8ShnZiT6ZFc3b7o1jmlKYHeMXfX95VJhFrd4eNZVDdgVMsYyRjIp1KNAeiHBJh1UjXS6TdXUusUs2USpQtIK3kMVXDA&offsetX=999999&offsetY=999999&pvt=1699934042852&stime=1699934047432&etime=1699934047432&viewportHeight=1200&viewportWidth=1600&adSlotLeft=-995625%2C-999613&adSlotRight=-995625%2C-999613
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
pragma: no-cache
date: Tue, 14 Nov 2023 03:54:07 GMT
access-control-allow-credentials: true
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: GET

GET
H/1.1 200
OK analytics.js Show response
s.update.tas.yieldmo.com/2/518423/ Frame 74AA 6 KB
3 KB 176ms
77ms Script
text/javascript 3.253.142.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.update.tas.yieldmo.com/2/518423/analytics.js?dt=5184231558719353398000&di=folkd.com&sr=yieldmo.com&pp=2518831497914294538&ti=3406412741679615071&pv=f61d60d0-0b4f-4611-b831-f4e60183c08c&to=3&de=2&md=1&si=2331256393946538634&dm=728x90&pi=3406412741679615071&bt=programmatic&gt=ch

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

3.253.142.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-253-142-96.eu-west-1.compute.amazonaws.com

Software

Resource Hash

5e2942ba2c3a97021dbef4e82a5e43cad354b730ae07ad30c0d9b81dbffe1fb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Nov 2023 03:54:07 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Accept-Ch: Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary: *
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Timing-Allow-Origin: *
Content-Length: 2696
Expires: 0

GET
H2 200 dv3_native_client.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame EF39 21 KB
8 KB 83ms
82ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

082a75157928321218428904933ebff27d7fb4532e1f6daa3c824824aecc14ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7960
x-xss-protection: 0
server: cafe
etag: 2243287812070980505
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 14 Nov 2023 03:54:07 GMT

GET
H2 200 ad
googleads.g.doubleclick.net/dbm/ Frame EF39 42 B
107 B 97ms
96ms Image
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ai7hEjAuJMpHcZOk-Enzqv7R8MyxXXhInmrOqIm2iPNeBZrheUCbRiTaDkiReKKP9AypnK1pJDe2a3H0C4d-heBvp7Yw&cry=1&dbm_d=AKAmf-AlefKrna85ogFAnmjBxEKNiWcOThHid5dFVuakddnzApr_t0ldySctkactviSn9QBHwhiVcUYDgh1PMQ3DFjU3LY3hX28beNXJfkDqAkW3dZR0MDviWus0ihemPcKOom5OWvGLX8AFfpTaUWa861jULxf0htvR-FEUoDOW86FXjyYYGY_qGsZYQdmjZnYfdAgt2pDdGlFSBzkvAk6_E1oL9RWSM8nmvrngWhzA2i45kM2aa2_uANWIPv325jz93ypL9M7Qnm3Qggbs_HpEIfRLFq4O1CIbFv_2eHdyrETW3rS2UEy9SOZBEMWAe9Y3leVn-qUvHjyJrtttiU8R9bBhl6EEpcwCnn-aqq8UW5HQz9VpVFvBduZpVHkepphW_D4ZmdW2Q_7WhVGQfDv5dPfeoqxns9G_c4yBSjF3DOOEKlD5vQcp5umLeqwaBhBxlM9HWMewPXs59e7ANCtVpN9Ite4DBCsFQkZ8Li0jhV5mMWXc-7xPk4B6OkZFVHX6O_lSCO_qZMLLwc_lGDpIMpBCn9Y5lmOPNNoRz1iLRfyeuPNaBDgdrjsw7fcZ6npcoTakfZvWkBkHP7TabrGcXsba-HnrENbx7gePL1dV1VMayFXMYA1u35DDHJ4LleQXjMRo4sI9V7Z0n01d6uRbD458FKnv0JGOkTGdBR7wybJJvfYuHP7hZ-1kSA5NKuFZg7zHiy_X3scK6jVITp4i6eu042EdWaVCjyni0cWi5XYsoI3tfku7vAUUMDDCVGVM6JgTexW07lY_BcB5-D3iK-FAq7jCLOE7d5G1a47EuWcUSJjRy1yc0H93VNRLRYHaBmv4HcnHHfCbWF1tuBjdEyPFXBj5dFW7Mw472T8qBNEyGa1gpytshrpcNaOxt4jy2GJSBqPQFbWZf7zKiAp6fmVNmJokDBzFCWXvNQBNr1g4IGcGpmw1CAqklNr7KvtibyHX1hFLyK5FiqCQXa1IQMjL-PSVpk-R1toaW5Es3XipV-JP7O1ESPrslIEZHq-wqowyzMNmFDQOxLm84jKlijmycgkHHHJIHAffPxt6fwJBffPTdtegKGdlCxCRmkbB3RcjhVPrG8acyyZqCxbg_cMPk_zM-xtDQSs1B-zE64cPXEaR4Q-913mPDx2cWQAd7zy6-67Dy57H3d-avQWqnlotf5EXamU_QbBnElhYLdmJtFC6KrsGdUwQLCU2-8Vzmn-zTBGAAZyc3ak6ohX3sK8oXF4G_Kz8Q3vpyoeS4Tl7zwD5IF0fT7nTW1AcluBwNbots1dyJ7_fNZTrRPMt0pLhJWvGJhIGU9HgykhdZLsGKggFmDDnL16_dVFJbW70oJ1karxO1sMHXNoa7beFcXx83IZzFw1SAs-SENPNpXkb85wyAoi11_F1Jag04jrhGHdnnZwPN_Ak6VR5cQkSYLv2E-oZAn-XwaQMWEJY7iD-EpjBZFkbxCof3fYs5a5MvRvKLs05OMwlUJpDDPOd8n4bdirYw-3CKtGe-23GmEX9eErxrzuFybR-v50IBVTS4wiE-9MvExz8ZapMJCJpLyjzXqKyf5DIbj08mKpGquqA5WeGBsTEhXXFkuSM6KeVqvNvQFRDQVBOMX9NNbE3DjZP035Uydcyf085LGFZ-7hU0d9NmvVNupnwqy808iK12FPK-fIUMwKS_NXzu011avJ9KAeKUxtHsao8JoJR5BtQwirCSHx0RSRtN38Aoy7XMenNvvKmMooanJUYjJKKYWucf_D6HyQ-mV1iOhxDsD6FBU_sWRRggYH7XJEvE2zZFUJ5-zF2YEDezaXqdryPabh49g2acnL2cl0njrM5MxPbKXUmhp0kuVMxfGmN10YoqXuHmN2m-GD9j3q1EjaFPsebtzhiCSkK9y9qKBxJL2EkysuvxkC0OUMeF-t7CuRk1RXlS6I3_kH9_ECiLTSGk_zi84ehCfUB-2VXPqMotSZE4Gs6szUuOqGOVtZRjSbuURmt0HBKl56lLaA78HbYIKTFbuZFlqo0OwgQHlnCyZZL7iUsbLftpsZIVurbZEbe5153ForX0TGYEJXnpUFaNpZuP1F25nLglT9-kybhuRXn-cn8hqPJ6iAtuLIXjA4ESEtgTYWgjJXp5sWlGREaY2I1WfbDQ2U2ykl-068RwCrIQaoaCbuAG3JyBzFunH9lqAZ12e_jpT7MynHAYS3Up23CyDDX7NNc2ivzziswePHbPNp_9rS8b2_IEu1Vpq5Gb8CiVC20Q7lqwZQ3FQ7GRgRZPgkd4tTzXrlEMz4zrSRVVNGwfMlB0Hlwn_atbVRwYVD1PpkDUaC0uj1CqOVRqpYZkgq_a0SGuQeEfpb4MKapaeCa89RjUTwGwg23IoJ466wsXy2CEd7cPdXw8k8Bc1hO7Fks1DAuwUFQsNWoxG_oOTNNG0gaPHC3HIhG-ftFUcdJqEc1k0M_0hWPihPg1znoaL5KHxD5KI_p6Uz00BaQNAOfpqA&pr=67:0.365388&cid=CAQSMgDICaaN-QztkxzujtqY16QtP2AV9DaxifN7L3zC9c3M7dk_67kD2-8yjGADIzEtlmgpGAE&dc_exteid=31358248232037495007121365476423589&dc_pubid=4

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 03:54:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 17571064577316851266
s0.2mdn.net/simgad/ Frame CF2F 63 KB
63 KB 775ms
771ms Image
image/png 172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/17571064577316851266

Requested by

Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f6.1e100.net

Software

sffe /

Resource Hash

26cd2d91ae3c0a816c246c61271616256a632c6e55953e61c1533f9a681f9934

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 23:09:06 GMT
x-content-type-options: nosniff
age: 449101
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64216
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 16:16:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Nov 2024 23:09:06 GMT

GET
H2 200 8389412397464698438
s0.2mdn.net/simgad/ Frame CF2F 10 KB
10 KB 774ms
770ms Image
image/png 172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/8389412397464698438

Requested by

Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f6.1e100.net

Software

sffe /

Resource Hash

3b4360ca28098a502944b07600e089919a49dbc89b4c1e3e0437ae2bf782835b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 23:29:04 GMT
x-content-type-options: nosniff
age: 447903
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9753
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 16:16:53 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Nov 2024 23:29:04 GMT

GET
H2 200 p
sb.scorecardresearch.com/ Frame CF2F 43 B
393 B 66ms
63ms Image
image/gif 18.245.60.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=8&c2=18969557&ns_ap_it=b&rn=5ff38aa61a959ba04091
Requested by: Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-72.fra60.r.cloudfront.net
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:07 GMT
via: 1.1 5b17764336ffdab7d2a3e7707394867a.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P5
x-cache: Miss from cloudfront
content-type: image/gif
content-length: 43
x-amz-cf-id: 70t2FCiAnKtC3YCVX8vtV5s5BpCRKtPu-k169UySfJDu67dwcpU8RA==

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 070E 0
0 90ms
90ms Image
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CMosiWu9SZYHJL4GE1PIPlM-hmA-H9JKQXOjrpun1BMCNtwEQASAAYPXls4GIBIIBF2NhLXB1Yi0zOTQ0OTU0ODYyMzE2MjgzyAEJ4AIAqAMByAMCqgTiAU_QNYjhqKEtshZzjdrjen4-5t_ZvawZ-Q6zI6KP9zyTOEp-FYrjtsPhiJ2lzsUsVp0_0JQ64YoL4Ax933s9qmEt3ydPSlxrLA225ewCbdLwJpoux_wq3dqkmGaZu_V1rAMvbZLsLeDYMolxk1VjphsCOfaS11dlwkudia40hXcbvbwEYpjwjDe4tqug56P8tJnNwtNak750hUI3y3Pg6ijpwW-k0f16IMKn1FG-R30KtSpyFmvRZgoxCm-IR05nGwYpoHE7_73cp7hPQSaXx-qaF7nYWqkJopYEAcUWhp2lseTgBAGABt3XybuzsKe-1wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6gAoD-gsCCAGADAHiDRMIgOuK5svCggMVAQJVCB2UZwjz0BUBgBcBshccChoSFHB1Yi0zOTQ0OTU0ODYyMzE2MjgzGJjbEA&sigh=-WN2ODUBNWg&uach_m=[UACH]&cid=CAQSOwDICaaNXjX3WTxxX6IuZPzJGPvcWewlcCkHAa3N0rtLBJKhC9vEYFakFVunr1F7xMNs-__3AtRRReipGAE&tpd=AGWhJmuYFa78v0EbS7sd8btWoYeC2pS3v0AOMwK0rXOmZVEJo6kNgkcvwYDzZYb065VD353raMweCNORDs6z49eL4YqF0Far2s4fn4gGrIxWy-CsOhRReL-GRsYXxCItT3HGNhjrAv8xY_jJFKGen1xrFciKdJvtqUD8I9PNHjwu_ZsHf3l-LpavHepFhzVb6fphqgwTyu1tY-Ns6bg6zskq0wcpuY8J-3rGkTGFpXvGhra7ebKTZO92YjETEHDXB6J3oPOL3-9iG5tMt2TLFEC_2dtaD9mp9gFUXNXSWlSgOeblhMVWx4mZRrm7K4U7t4Xa6IL1n3oADR4j76lhMWdxOARmxj3J3Ed1Yu86SCaUKXe0CCi0C5MaPBqkbhaHz7trMlQGuPOyTTuGNlZnreA7NwbkAUzI5oJHWZ476YSHFW5zuUSYk6kp46igZMLKwZ5S6ziKdbFqHGYW2eYmEy91Gozr8H69bW6Csi-xwWWiug4gF5IJ73vJab8hZBKFz4q6yAge7357yUDpk0kcGSTlivyaLmIgtfxqoq-tnSCCNIPU5PST7lbL9jT0Z3L45AG6n8aJyQPBW6CwUt77K7cLP88GGiBTipSuRTB4uzLx2hVeNFyn121HWjB4_Gl1oQuaGJ5rABuq-xC8vVf_5hh1Z8qo3przjhTGKt_bxjC24LS8Hu3CWqmYfnVq9iL6QbnKicO09Y4Y8xa8Cky0BOR7sBXpPoN7hmHfPij3eYF42nJ6-PmeKjEbdymvMoZ5yZ2u1INWuD5PewNuIBtU_WSRba34NyVwU7_VOCqht-aR7ESqeWCkVTKPHg3P&cbvp=2&vis=1
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lcfraa-aa-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 ad-choices.svg
static.yieldmo.com/images/ Frame C6D0 699 B
1 KB 101ms
100ms Image
image/svg+xml 18.245.60.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.yieldmo.com/images/ad-choices.svg
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-74.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 959d2bff6e8aa7b4d1836a5dcc00ab6f2c2754604b0e0174bd96b6f9822d5905

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Ukz5ZHLPgcDoG6SlEGbKyNIwGl0_QMqF
date: Mon, 13 Nov 2023 10:41:55 GMT
via: 1.1 e505058447bf5e74cc264f4e72f27bee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P5
age: 61933
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 699
x-amz-meta-replication-status: COMPLETED
last-modified: Tue, 27 Oct 2015 18:00:31 GMT
server: AmazonS3
etag: "f5483cecc2fab32a508cf2b5e5b94abf"
vary: Accept-Encoding, Origin
content-type: image/svg+xml
cache-control: private, max-age=86400
x-response-headers-policy: static-yieldmo-com_svg
x-amz-meta-version-id: smI0KdhlAdY.1IFWTq3aCHXjwPmdIPiO
accept-ranges: bytes
x-amz-cf-id: JSSHwm8Gq_htLhdxLR6j53Ij80UdwkkX0FGH4NJxESnY5ltpEMTFxA==

GET
H2 200 17571064577316851266
s0.2mdn.net/simgad/ Frame C6D0 63 KB
63 KB 657ms
656ms Image
image/png 172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/17571064577316851266

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f6.1e100.net

Software

sffe /

Resource Hash

26cd2d91ae3c0a816c246c61271616256a632c6e55953e61c1533f9a681f9934

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 23:09:06 GMT
x-content-type-options: nosniff
age: 449101
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64216
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 16:16:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Nov 2024 23:09:06 GMT

GET
H2 200 8389412397464698438
s0.2mdn.net/simgad/ Frame C6D0 10 KB
10 KB 657ms
657ms Image
image/png 172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/8389412397464698438

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f6.1e100.net

Software

sffe /

Resource Hash

3b4360ca28098a502944b07600e089919a49dbc89b4c1e3e0437ae2bf782835b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 23:29:04 GMT
x-content-type-options: nosniff
age: 447903
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9753
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 16:16:53 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Nov 2024 23:29:04 GMT

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 147ms
146ms Preflight 3.227.250.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-215.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Tue, 14 Nov 2023 03:54:07 GMT
x-amzn-RequestId: c77ba71f-25c9-0dc8-9ab7-5680911d2fc3

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame C6D0 133 B
569 B 170ms
169ms XHR
application/x-amz-json-1.1 3.227.250.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-215.compute-1.amazonaws.com
Software: /
Resource Hash: c8c7dc42bcf92f233a6deaf5ccd2197589c7ab0e0c50c9223eb606d64e85420d

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231114/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=e7432633a933399d8bdbf757a426d79cdf0039ec020549beae1097d24f4bc05a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 722bceaf2a27cc5f96bc2f9077d94c2a81fc74aba467cb53aa88b05a6aa83a3c
Cache-Control: no-cache
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231114T035407Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Tue, 14 Nov 2023 03:54:07 GMT
x-amzn-RequestId: fda88209-5587-7b11-a064-7396e153591a
Content-Length: 133
x-amz-id-2: /IWFJGwJGZ5FdV+7tvo8gOXLdh/zG64jIpfeHc152a3ms/r/KfsVb80w7o/Q3+xKojrBHWokJ+8KAhbTaynkDHiUr3gkvxbB
Content-Type: application/x-amz-json-1.1

GET
H2 204 ev Show response
ads.yieldmo.com/v000/t_tkr/ Frame C6D0 0
469 B 88ms
88ms XHR
text/plain 34.250.128.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=r&v=9.18.29-541&imp=7315198811636959066&plid=2521236318193655889&pvid=3406412741813180597&fmtid=52&e=11&rep_meta=5TCwfQdl80qfhyzIzyDV-aREiJKJHvCVr19lkp99pjLQDY2-0zQ-ZZa5_PAVekyMoEJzXEAqTbhsxQOf0SmursSYAAbMEBfdjQkNkLVXphTbdqmnw1DWwhKA1kl_H3TSIQKNNohl4TVNzM5RUh372iuZcTXMLrEyRMLV94Dkmhqu_RdCa2k__iLjEOY5Tr5noX_Ftf-scaQxzmsFw1-HJZsD6iTeet0IyaIB7FJkyjQ-pJ3Awj0arpDg_kESf3OBUGQNqVjnwhYQIv358EtYLy47G0Wr-vmSS4O0nNL6OTqlo91bso7tUp2Ov1_vo7mpGWydhaq2gfgcGA2BsdqNNfcIqlLchWCdq7vMfFxlG5NuxC0VRdPCrQ87To5xW6qn4w5qjdL5Jz79CFBseVKyQ2cZEp9y1u4ABEwpbRUdEXw&offsetX=999999&offsetY=999999&pvt=1699934042868&stime=1699934047644&etime=1699934047644&viewportHeight=1200&viewportWidth=1600&adSlotLeft=-992068%2C-999613&adSlotRight=-992068%2C-999613
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
pragma: no-cache
date: Tue, 14 Nov 2023 03:54:07 GMT
access-control-allow-credentials: true
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: GET

GET
H2 200 dv3_native_client.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame C1F1 21 KB
8 KB 82ms
80ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

082a75157928321218428904933ebff27d7fb4532e1f6daa3c824824aecc14ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7960
x-xss-protection: 0
server: cafe
etag: 2243287812070980505
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 14 Nov 2023 03:54:07 GMT

GET
H2 200 ad
googleads.g.doubleclick.net/dbm/ Frame C1F1 42 B
107 B 140ms
138ms Image
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C6u-xfv1WKkjR1zxAIx5Mx-3yJ9xAHQsZ39GSFiZUt7kG9XSzzWNaoiVSnaVvQNAmVHQRarM0CyE9Ro08ajhfOBMxOGA&cry=1&dbm_d=AKAmf-B4CvAKCSalSaF9wdVPXybLyLD9kcXlIasEBGBmYhAx3SaxquVz5WO0_sALAlIOx4YtTm-fINTdJj2xK5y1b-LHd21bh7OXdLGQHAXVqB-8yNWTZGn6BdIwp53_7t2oWA958sPIEkHfEGkEmAyAaWe_cjW_OmlvMBuABUKMNxrXx7x4Z8v5Kyd8-uzNlmUjKM6E8lN0jtKIeN2sxuknmD_dVuwGEtNY4keNncF9N6mq4msDZJMhcZKIt2N78A0Tm-xdrkpld6O68RzK3l_GTsd6mdMVZU0fr0oAmo1q6_nQAIWaGIOl8UhrJ05H6BAuLSePXeJtS3zhqOIQLC2j9mVytWrMu8DT51xafblymy9oqSNU75M3L7aidedL13-ylbgYIWk_TwzrAUIe3nesTwyIyPA8TWmZGuok3j-uXUh1Xq9KcW-Ils4b7oHsPjxyjsvGutGvZ6k3mem55hatSKNVNN4bO_LuS22JY3n6IYWb8zdIxigcfFiz3WFsiX_ngaRoJuGFuDJIqlgCuiV_YS-SeL0Uk2rUb1ZwW2aB11vn_p5cG9wyx3NVyH1f_8FzSCxGqIqRs3l0vGUWXRwnQieYOJxNWe9In4CBtMP4g_gnY7gLlhNweHxhi7LNQbkAZrlHQp4q9u3xX2sO4QHOWCyK8SlDgpgIStZt8-vxsKUrRsMhhY4BTQUPIaAy6aXIRwVyObOuZPYecnTBQZO3IBQyelLYViuiTlYuadhIddtdVdut5nqM6uhhnWhqeiKYrfT921sb_opu2LLFIN2dOEyMJxqjkg10pTM2Nv9NimY6rFRryfDan4xTEmvpIkx4GB5ccwskbTBA0vDDMy9smNjMDvsygKLXEo39t4ApcMaymR_SSC5iT4ik0Ol7qxd_nY_dY4vJGq44BDRkHXyjq0BaMCGr9fNIlTU_WkcA1dT7CL9yKFddEb48qsDIanNiO2rHxFPN20NsEp1v78rnSwenbwP1tnele1QNo1AyZoH63Pcmr4AJFWAbhNq-M65OpGr7mGLjERLf7Q9Fix9f38Q8pj8hXhdxIR-59u8EfqVxYdfYhbBGY4hkMKJ3RPEA2sMqOH2GZm9-KzMg8nAg5gv9S7xrc4Umm4HYkOqJvk2MR2ub9pPbOjXOy_39mB7LD1F1AwaPktqCL7YHiCRZTT0m9eoJOqFN7uWtkgXuycMfWaG5LGiUb8XK8rOCA8USAZOImalPWIIoqJXtKEyvJ_o8fuXsUTSUON8xyqmFaSFiNoANABqfLC0_lG3o0wTwm5Ni7HI9boCnk7--9X5kDLUNSJ66y2KZo89EdM1hI5NSCRk1uGPwQbgwgtaob8Xuhz_XXSRCdfz89VPU2eFubnBhLibxWgo28JZgP4wWlTY4ylpHrkEEKQJs5csUcyhDXxSEvASDR9-7M4L1BMsykk5JGGgrshc8RI7wQgPdYd4VPRIwpZicpSyRRdBnt1p1k9sLCYjtJv2RIfg-VFhOjT8C-uwQRODwaHDivbawPpEJhr39ncHN33a_Gk6caAU5RBnN8lNr_wWQKHhJLSZkJzkdUgrWpXWVTLj8J312dYxMzh4AgJnCvOmqXtpyoq5fRDJ14gyqbXAL-3CEUtGa0HQbmB4hJPWdOsXzDRq1I1Hh1-x4hRdvC2zP6AepQL5njUXs0rFAqdqLSBjs8BXF34sji4MQOfRPXMaPSgjXF8SBxZHL7RIW5bp2roYqXLbUG6VHcalK-yp1kdUEaoC19PrddfbwxonR5C4eszbajByv8fD-bSHzmbeL4uTEryZzCadN-6lrjHpOsAlBFu0UZGKH8CC7QIHZl9itvGgeE-iLnEE3nf1oqpw3hFLZ-itlIpgMFDZr7fxtIXHgpWC18FEQbaMdaXb8VSNiLCYj64BxGjo9hATL0TFPrBIniHeqynE9LGIfIzHY7SJEKLgjMV1b3GM89vB11ZmPUjv2cYmC4ZZnLF1vbyqDo1tG3u39ni4N7DDhCX0SR2E1DsrlxiH7XqGlhYDM6dl0YJrDk2FMd9ug9iYzSMGtsS6HlIK53MHCBvfEBvf2DQyYXyuX1AMnaC-LZqb0nFuc0I5PTRH-C04fZEjcRqfQeJ4H0fy5Q7CfBB0LpjJQQ5Rh3pTUgxo6BYVlC56r-ubGiSKURn3lx-8tBK_5tonSTLZCue2T6IfeU8fOurIy3B_rCDEbQwdmY0PiFaZQrmFYB9-gSgJSedKw34zTVnbS0XjUXloVxBPsSuKdNbzNfw5t-0vx2cWJE_J0gaA3BzlqJAjDZQohH53u3ecHypkG_T4E3kOdQ_tJiP0ZfGdYghpXHD8oGll6_mvbZYjMqiulbE1tm0voHJz2nXjUA5zzolsrbQgTx1lBA7jqcfg3O7k42sSsn869gp54DJ-7hHQvSLe6cDC6cYeIXA2uTdRwHaNmwhv4CQ4cMvx6LBH7mc8kBdQ8H0i4n3KuYWYTy88HK_0h9pXIWJvgTsY&pr=67:0.365387&cid=CAQSMgDICaaN2HzOJJwVTjh1nJqnA2X_Tigv_yCQHQ8mpcnnYRCvu67Q2lFihu7BYtN1RxgHGAE&dc_exteid=31358248232036572669909833093966914&dc_pubid=4

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 03:54:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 p
sb.scorecardresearch.com/ Frame C6D0 43 B
394 B 82ms
81ms Image
image/gif 18.245.60.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=8&c2=18969557&ns_ap_it=b&rn=422ac7cd49d66999a1e6
Requested by: Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-72.fra60.r.cloudfront.net
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:07 GMT
via: 1.1 5b17764336ffdab7d2a3e7707394867a.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P5
x-cache: Miss from cloudfront
content-type: image/gif
content-length: 43
x-amz-cf-id: 7lQXntrofHQGkmn_qoKYd5dfxv_A64EnTQ_Q-pTlBxgfTgL5xVU7ug==

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame D493 133 B
569 B 170ms
169ms XHR
application/x-amz-json-1.1 3.227.250.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-215.compute-1.amazonaws.com
Software: /
Resource Hash: f3b6988247a9a7f88e5a4d7bba8b6a9b4d72e145140e58965edc14f8734a2470

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231114/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=71a8cbf3feb49126ef210dc245ceec3cd906ad987ae7d0021845077869c8eeaf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 22acb95b0218859336e4cec3d6a312d1d0cf7a5e5c53f224a2d35a3f6f3ecaff
Cache-Control: no-cache
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231114T035407Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Tue, 14 Nov 2023 03:54:07 GMT
x-amzn-RequestId: deefacb6-f9d3-4526-8323-5d299b8aa1f7
Content-Length: 133
x-amz-id-2: ZqcGC37f68Smg2udSXLOyZ0LguZ3HF3/7HBxoYauHf8D6xlEB6ViUYdnasWJ4SKmYD+cEw47hKeAuTli2s7PFxIBkeMUUEys
Content-Type: application/x-amz-json-1.1

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 171ms
170ms Preflight 3.227.250.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-215.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Tue, 14 Nov 2023 03:54:07 GMT
x-amzn-RequestId: c2673952-20f6-dfe5-9fab-c8cd42af3b34

GET
H2 200 ad-choices.svg
static.yieldmo.com/images/ Frame 070E 699 B
1 KB 97ms
96ms Image
image/svg+xml 18.245.60.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.yieldmo.com/images/ad-choices.svg
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-74.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 959d2bff6e8aa7b4d1836a5dcc00ab6f2c2754604b0e0174bd96b6f9822d5905

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Ukz5ZHLPgcDoG6SlEGbKyNIwGl0_QMqF
date: Mon, 13 Nov 2023 10:41:55 GMT
via: 1.1 e505058447bf5e74cc264f4e72f27bee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P5
age: 61933
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 699
x-amz-meta-replication-status: COMPLETED
last-modified: Tue, 27 Oct 2015 18:00:31 GMT
server: AmazonS3
etag: "f5483cecc2fab32a508cf2b5e5b94abf"
vary: Accept-Encoding, Origin
content-type: image/svg+xml
cache-control: private, max-age=86400
x-response-headers-policy: static-yieldmo-com_svg
x-amz-meta-version-id: smI0KdhlAdY.1IFWTq3aCHXjwPmdIPiO
accept-ranges: bytes
x-amz-cf-id: 86xQtDNO7kUA94oRRMatM7Uqo_6iWljy4fBHz2EQneAZHrUVujJlqw==

GET
H2 200 8848508277141994890
s0.2mdn.net/simgad/ Frame 070E 80 KB
80 KB 540ms
539ms Image
image/png 172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/8848508277141994890

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f6.1e100.net

Software

sffe /

Resource Hash

16f4deaca6ba7c9445274a0f63fcf0f04dda4192ac7fbfdc2fda220a2ce01b02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 08:50:39 GMT
x-content-type-options: nosniff
age: 500608
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81569
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 16:16:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Nov 2024 08:50:39 GMT

GET
H2 200 12848886564002658733
s0.2mdn.net/simgad/ Frame 070E 10 KB
10 KB 540ms
540ms Image
image/png 172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/12848886564002658733

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f6.1e100.net

Software

sffe /

Resource Hash

3b4360ca28098a502944b07600e089919a49dbc89b4c1e3e0437ae2bf782835b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 03:22:24 GMT
x-content-type-options: nosniff
age: 347503
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9753
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 16:16:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Nov 2024 03:22:24 GMT

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 151ms
150ms Preflight 3.227.250.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-215.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Tue, 14 Nov 2023 03:54:07 GMT
x-amzn-RequestId: dadcf5f8-c167-d0d1-8710-0467f17d1f1b

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 070E 133 B
569 B 162ms
161ms XHR
application/x-amz-json-1.1 3.227.250.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-215.compute-1.amazonaws.com
Software: /
Resource Hash: 28222920d9152366bfafcf1ec991d1c0ae4dbf00a49dfa055ce4f14607e2a1ce

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231114/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=f6d863a0f89c0885aec3e29794e60a0d5d79e1f9af7be0dd8a59e3c42ba524ad
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: bd2b58ffdb53c5ec222d724aa06d5ac6fe5f69ae8a5bdec5a932447984593cc6
Cache-Control: no-cache
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231114T035407Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Tue, 14 Nov 2023 03:54:08 GMT
x-amzn-RequestId: f2f79559-87db-8830-af3b-64f9330faa3b
Content-Length: 133
x-amz-id-2: pwVZGNN+wHGohYiRDeu1qXsOQevIjlp6PSdlESsR6Mg1igPb13Wt+T1Anktn9qDgxLINsDJXvs/aGldASX8meOlshn09KrUU
Content-Type: application/x-amz-json-1.1

GET
H2 204 ev Show response
ads.yieldmo.com/v000/t_tkr/ Frame 070E 0
469 B 88ms
87ms XHR
text/plain 34.250.128.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=r&v=9.18.29-541&imp=3037460314043235416&plid=2521236318193655889&pvid=3406412741603456321&fmtid=52&e=11&rep_meta=20IhmogU2xdiegwD_TNR_RnHs2FMS9tis8Fs7wi16gtcZaqnW4gj_6SiPqvUnQSD9CJlpHmJ395hxvjyPgIiye2L3UWpduPqGeH3H86AHggib15LkyX1B0jZ5Pg2TCt9ytseXipuCjX75wdBPNuQuPK5pKfyOYjPTjQ0MyLYeJUx8rzk6xXP-6YR27GeoETeTIfwqobUcE4OmrLd0QHro7S8kqUvoApCjXZ6WA7YG-L5ckndCtFtECU0fr0v-6mWB9GOzsLrkMnRMp30XVgEsk3fQaFTCQcrHOu63O-pKOKGrtlKxzgce4cfS6LosV4PvzWLpm2Sc7mEJRQWP4SqQC9ZI-AZ8yZFCBCtLBOM28zjw-WqftJOhbId-ys_alB17n8w8PKGPOHj7_7WQY2rJjTDxTXvr2p4HbLaXAcIFgQ&offsetX=999999&offsetY=999999&pvt=1699934042843&stime=1699934047810&etime=1699934047810&viewportHeight=1200&viewportWidth=1600&adSlotLeft=-994698%2C-999613&adSlotRight=-994698%2C-999613
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
pragma: no-cache
date: Tue, 14 Nov 2023 03:54:07 GMT
access-control-allow-credentials: true
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: GET

GET
H/1.1 200
OK analytics.js Show response
s.update.tas.yieldmo.com/2/518423/ Frame 4151 6 KB
3 KB 83ms
82ms Script
text/javascript 3.253.142.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.update.tas.yieldmo.com/2/518423/analytics.js?dt=5184231558719353398000&di=folkd.com&sr=yieldmo.com&pp=2518831497914294538&ti=3406412741603456321&pv=ceb77ef4-6942-4245-894c-770ee57cbe67&to=3&de=2&md=1&si=2331256393946538634&dm=728x90&pi=3406412741603456321&bt=programmatic&gt=ch

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

3.253.142.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-253-142-96.eu-west-1.compute.amazonaws.com

Software

Resource Hash

a71016da2e5eaa43717ddb49f4e8e89c322d5212e6a68959d00b6af68f600fa5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Nov 2023 03:54:07 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Accept-Ch: Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary: *
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Timing-Allow-Origin: *
Content-Length: 2700
Expires: 0

GET
H2 200 dv3_native_client.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 87C9 21 KB
8 KB 134ms
133ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

082a75157928321218428904933ebff27d7fb4532e1f6daa3c824824aecc14ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7960
x-xss-protection: 0
server: cafe
etag: 2243287812070980505
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 14 Nov 2023 03:54:07 GMT

GET
H2 200 ad
googleads.g.doubleclick.net/dbm/ Frame 87C9 42 B
107 B 135ms
135ms Image
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AD-vRngpCrx4IN95qVoWPivb6z73jkk6k58EssFb6eyuIdYGDSF2ScPEqcsLQRutUNcHj9k-j62k9dPwg3omVqc9bSzA&cry=1&dbm_d=AKAmf-Cw_JlLxygu8B28QaM_0h7pXGNr39XNBEJzW_T6gi6Na71a547fZG_C733jkMMbeN0e9i1ZPSibLUkVZrqgLR9Am_O7bWHz6BxbMTJT6lroCcQnZTbUguwDwG2CRVDZkDyT-SMob4QuRVvWrsGaySgVcRaI8DWV1Nra-bNpdiQUJVR_qkYXDv7dQmce9UKweGZMUmrvjLx1xA_0WH6PazafbNVZI9pFW4Ymz4Y5MQKfs3N2cdc74znhMVMTXQACQ4NA_NUzVD0WCpPL2vwThF16jgrUmxby9EXVT7Ed2mmqzw9gD_aZu8-IX71QNpBiw6XrrpEo_z9bRtVCy5N6ncsIcxDkUBf6MNzTxkfWMMRzwIirHXaFe1YeTGH8HOVdOAoATTFWwUrbAFXQ6eYi5Ktvo0WvQ9B1HY_lbVIAchZ-ssAhXtG8op9LP2aBZudPnl7UV0vAuGcmL_WdewuFpu5hrQqZK83P1pXInrpJYnfaogYx-fl-d17JaHjI6fbkeDFob3b8SJl0cJonpcoKhUykQxqK85KqQOk2sjcm2mPBIlt8obJ1FiqeVQjCdzGfrJMAaVXkyXAFiEmK_ewECxBLtf9YL_vV7pwVxgGPk5-p5GIMJCaBT6CU2kLF2TiN5ct1X6wkxRm0a218Z1SaWh3edfv8RviN116jWQhcS0cUVq4Hfg8SATWZLyzp2vyB6wMnQ713xpOAzi2u8_DMj1P2Pkm5QlU4K8tCxCa1S1lWCoxElf-TBWJlRNiP0vB1ePTxVkVyBnei8f2jxRUwZn7zMtL4tT4nlmrrzusCfP8IgDAz_-332U9lRinKPGNbKFmmLcKdcFQbOqB89AU7_5d000zUiN3pHJaoA_mmVRZgyGFsMka9XP4fo3YdiI-oVHECLa_Ugzone1-29_cR59UhrEbDWoNWkw4XtYODUx0Ir19Be3ErRr2-WAxvXYGtnIMksuh71poW5UFz2v1ICbYBO5_6NkRtWbPb8r0ZdgwXij-D77rABCl6gL9hYVYIjMBHU779QQHm8_Zrm8i8IfWtTeTFme7rgcso0G1CSlf2RXzOxJpOp9UPt5R974yUFAMZtuTBHAuJ0-UwTCnksAfS_8r20LxIgot2QbIYuxorr_ZZDh46VOJDUUdBSpF6C9Nz2_6_OC_4iQwkEdARni46U2THIftmunCYcuS4g8BMoi-7_8CFRva-sDsZggzHfntc-wbTzTcyaNHz8CGvxywsTIldzOSOAzZRsi5sGAM0co1MneKI6Vb5FGNCrcfQatdIctJSaOUP_S7Jh1KIMgxk8l5e-OmTJQ7fEv5QzxVLiBxQr56ZwEP3P9k3X8LJlmEWYqPlY9OiyMCcm9P7gGIGjuDZWXQwe2JiHfkZTOLV4bjkhPlzQgbnRUKSBXTd4Uu6niy3ZeGyqinl76VdudWpKU4TgMkIqkyuOF3sAJ8VUgUASlRZGOAo7lXGApahb-la5WN2_2G6D-vUi8mxSQ56IOOc8wYBzJnqWtFE5RPm7bD0-054RDRm7ryuuaoquOLtXMbhFkP7aqV9Uu5LmWboMorApdvSmPcKLwYzNFhIVP_ZRUkDCUIuu1hOR_pmQtaamwLdDeT95QbBZxbeO79edc2UWSZZjc779uHmAXHhmhBFi32AEyj7GPFt_oNgdFr7fFz975rPrKH0joOqDFtWSh_Jx8VYRuQcTkBbh1LHZZvpA5vdV_0dBQ0uP71p6Zk0V2zQAMTRQ1l_99OEi1sao5YH1kxQW43N4uvgY82O22thlueDPSL8n0m4hnduwkbAritewpLEGPK8F4CQpzo39ISGOopInzWoupleSe08XECAUvUp6cwgnUmLUnHoehfL8PP8thW2Jnq0xHuTDD0QcSD8P7DWkfWG4nyDvG9Cs8kEebOjcic3ERZq-h-iF1E2GU7E1jzowZOkuDBVqVplUsxD5I3L1trlb4r2IdMgy2h6rpk5ceJW_GzcWsl-Y-iylvsuoaSHsG5Qb89fh8k0voRrAgmPwyJImjkRqSBwrl4WNswVGIEeUsGOLeOUkX0AKWdJ5iX-xkYjIHdJnVneCQGkKhJJFnfjsRaYSYTqV3-ZgFirIDEqdt5kyyWeOVp3qLWJoHTNoLhSp5_ClKR0nkZ5wD4zZIdODkkyhIDeAJRIUqdUf4v0Ua6IHnQEQvwQCR4NSSNKtvrCxFNLNcqew4V2P_5jZFrGX9rvlSvOYrWF_wHeNddooKZ6ha-uK-8P8WWeehmVaVXukrW0_t4q9M0xhywHQuDwnKwB1lRXFP92MhdKE5NtRweQGeHa5WXG9l01ZF_Y1qSwwFQLpqkBBFDJK2cmqHQl200xoMp--ZNdjeUaN7e8oBUCRDEvUph4m7DdEyPVDOsMmnN8JAgbnr48l6GHVMOQV8qen3_F2lM--5OGX4JNDrPidfTKIOQJS_31&pr=67:0.425150&cid=CAQSMgDICaaNI6kIhs3U5d_QjpNMPcS8NkfK9NEgHut-34fCt5E0kw5IZ8r7b5qDREO7zWimGAE&dc_exteid=31358248232102242951353758426429167&dc_pubid=4

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 03:54:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 p
sb.scorecardresearch.com/ Frame 070E 43 B
395 B 134ms
134ms Image
image/gif 18.245.60.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=8&c2=18969557&ns_ap_it=b&rn=d0d587fd9a0a6ae4d29b
Requested by: Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-72.fra60.r.cloudfront.net
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:07 GMT
via: 1.1 5b17764336ffdab7d2a3e7707394867a.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P5
x-cache: Miss from cloudfront
content-type: image/gif
content-length: 43
x-amz-cf-id: 6XymqkTpMGBhKHDmsmgI4OpVXnCSPQe0F1mAW84j2HEDZ0ha1KBVHA==

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame CC30 14 KB
11 KB 772ms
68ms XHR
application/json 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=dv3n&tv=&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

44932693a18808f2cd2f4b83c025b3ed2ac502590447014b8c498048ba2e41f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10450
x-xss-protection: 0

GET
H2 200 ad-choices.svg
static.yieldmo.com/images/ Frame 64F8 699 B
1 KB 51ms
51ms Image
image/svg+xml 18.245.60.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.yieldmo.com/images/ad-choices.svg
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-74.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 959d2bff6e8aa7b4d1836a5dcc00ab6f2c2754604b0e0174bd96b6f9822d5905

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Ukz5ZHLPgcDoG6SlEGbKyNIwGl0_QMqF
date: Mon, 13 Nov 2023 10:41:55 GMT
via: 1.1 e505058447bf5e74cc264f4e72f27bee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P5
age: 61933
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 699
x-amz-meta-replication-status: COMPLETED
last-modified: Tue, 27 Oct 2015 18:00:31 GMT
server: AmazonS3
etag: "f5483cecc2fab32a508cf2b5e5b94abf"
vary: Accept-Encoding, Origin
content-type: image/svg+xml
cache-control: private, max-age=86400
x-response-headers-policy: static-yieldmo-com_svg
x-amz-meta-version-id: smI0KdhlAdY.1IFWTq3aCHXjwPmdIPiO
accept-ranges: bytes
x-amz-cf-id: Xx5UKt4cQ8k7sS8FgxmLTqSUI-j7xYWmk_GsT65Yj54p8EtvcIVD4Q==

GET
H2 200 17571064577316851266
s0.2mdn.net/simgad/ Frame 64F8 63 KB
63 KB 435ms
435ms Image
image/png 172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/17571064577316851266

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f6.1e100.net

Software

sffe /

Resource Hash

26cd2d91ae3c0a816c246c61271616256a632c6e55953e61c1533f9a681f9934

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 23:09:06 GMT
x-content-type-options: nosniff
age: 449101
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64216
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 16:16:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Nov 2024 23:09:06 GMT

GET
H2 200 8389412397464698438
s0.2mdn.net/simgad/ Frame 64F8 10 KB
10 KB 488ms
487ms Image
image/png 172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/8389412397464698438

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f6.1e100.net

Software

sffe /

Resource Hash

3b4360ca28098a502944b07600e089919a49dbc89b4c1e3e0437ae2bf782835b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 23:29:04 GMT
x-content-type-options: nosniff
age: 447903
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9753
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 16:16:53 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Nov 2024 23:29:04 GMT

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 150ms
150ms Preflight 3.227.250.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-215.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Tue, 14 Nov 2023 03:54:08 GMT
x-amzn-RequestId: e14e31b3-3964-0345-bc82-c013097ecc8f

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 64F8 133 B
569 B 165ms
163ms XHR
application/x-amz-json-1.1 3.227.250.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-215.compute-1.amazonaws.com
Software: /
Resource Hash: f7b69275b42bf4a8c71204b1d2aff179c0f7d56130bafd988a22df93e97c05a2

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231114/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=eafd918bcd54d672fc56ac0591f8ee2c38895b4f5c74ef4e3c625773203f7f4d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 5e96a8c51439bdf99236c29ad538511badccf0b76a9d09916d28d11288702051
Cache-Control: no-cache
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231114T035407Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Tue, 14 Nov 2023 03:54:08 GMT
x-amzn-RequestId: c803e881-0dcf-82fc-95cf-19213dd54d36
Content-Length: 133
x-amz-id-2: pKG/POCZ7bGXyeIOsc95bC8eFZePXxwJppObsOQNJ5p2fwzSxuLyaCbHmWWGj3RBGEUQCbzWLqIXDFiCn7mkxkaH8a1IwVH8
Content-Type: application/x-amz-json-1.1

GET
H2 204 ev Show response
ads.yieldmo.com/v000/t_tkr/ Frame 64F8 0
469 B 92ms
91ms XHR
text/plain 34.250.128.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=r&v=9.18.29-541&imp=3255630530178913474&plid=2521236318193655889&pvid=3406412741603455307&fmtid=52&e=11&rep_meta=mN4WpyQsj7QNnF5O9Zy6Oj0FzSPVSYKjUUcH82C6TiTLC0ARUQ92vz9qDljYG_BfDiBpk3dESN3bATx5SSHWsK_HGRdApQTaQUWxwz_cr1oK-vJxPgV7jQEzbuMACotdFrB9so4pw1u4isMljlf0yULPKtcK42N51jwXMN_F0h_k9p-OtsDyB_cIbtk9yXiDB3-TO21fKI64_V7OHuPWObwpgLl_MXOrIC4jX4plNn3SiENCCW4dQgm8Hjm9bOBoruceZZK01OZnX5PLc0MOeYt6KNZZA67aXsp_mhk0Mi6DI9Bk1Q2rNJCTlw6L7duxijibeAvLJH73DhgBQaYoDlneVL_7QazbLLa9_ZzqB3RgngtnoK5bv_exouIUQNBhb18tgtBC1xThbeTpJxxe67oaVsy_OLD37L7dXqxmzrc&offsetX=999999&offsetY=999999&pvt=1699934042843&stime=1699934047974&etime=1699934047974&viewportHeight=1200&viewportWidth=1600&adSlotLeft=-996466%2C-999613&adSlotRight=-996466%2C-999613
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
pragma: no-cache
date: Tue, 14 Nov 2023 03:54:08 GMT
access-control-allow-credentials: true
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: GET

GET
H2 200 dv3_native_client.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame F92D 21 KB
8 KB 87ms
86ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

082a75157928321218428904933ebff27d7fb4532e1f6daa3c824824aecc14ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7960
x-xss-protection: 0
server: cafe
etag: 2243287812070980505
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 14 Nov 2023 03:54:08 GMT

GET
H2 200 ad
googleads.g.doubleclick.net/dbm/ Frame F92D 42 B
107 B 143ms
143ms Image
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A7jZu8jQi1Rc9d7tnuPj5XQFHkNbRvzYQ4Mzwkhdkro4a9hJuEFp3BA3GjQZ6Ik7hCFgIgiiRxwvtBRyI81HNbWcWOyg&cry=1&dbm_d=AKAmf-AJMXlRoI2sxBjh7KBdswSlYdSnAbVsooowALW6ISKqTJ1Aan4gCgaRJtZV-q7Jc-FmGIhBZbNcYOtxMMGhyPlpFhISkVT_8nfWrzCuvgos2gBubmpD9dUuXSXgqjDF0u4FlvaVHKlD7LgycWuhcwfnhT54vcNrWSi6vF5zI45hICZ299Vh-8vyFuoTMf7uBgfqV9t-ptT5BkRyWVYTLR0CQboVyZPehfTBQ2K1YvZpf-redGlLsWiEMHnFBIQpZKnJzg8Dm8KeiXo32mHNVrPFgy4FT0fBwo1TTxPCtTTPAVgwdBMIX2wtxoT1h_6ntQNkv1p2ydwxl1i7QxF5xR30aAFGrDk2T0UZmTyJzpYnr6hYiQ4IxfajXBt3nn_vVHM7wpJ4rtOIUkxPoH-eNmfnj-M9cFi5_OQcXTHRSWUIDZRd52k47K94l4N4jgH6MYS7DeOCWi7jGn3nogaTIIjC9Ri4gjUQRT1ICvKQihdJERblIvQCvQHyOUYcIH_7NVltmKhUCPX73vWKI5ncNpPxXVWqhPciOyiMOb6tgw-ikIKTcLEn6mMg8saA0cNqWDvtc1iu2z5A0jThAhLauAJVEIOpAEwxXwQOKuOKoCWptH6vcqSQB96uSvgiSudkZrJO61Kh2PvMjauM3yIf4rsNlAkjtlA6uod4aku4GyDgnJGD3KKQWrO2XENtUu2kXyuCH1x4sd8Vr5Ice8LJF-qKOqN3jkhILAhZptcVohzp0mSj523yZMQ33iswynC6pkbWEpAfJARNwRMa44Vk1xoxEwzW0-KhJafixDiFcm77fiMAONdk_S3FbZem3bKDNX3qw0gLc2IX2AFKDxO7iZp9GfbEW59svymrKAhYXZewApLef5_sL9I9l5VBftknXxzow0-ENLfSIEylNPN15xszgkWkFaCmEfPqkYK8O3uzzeeBbNTXlAkHvq53YdFfvHGPJ85H9N2S2wI7ZuywJP4elD1WoZU28KaLeVxfA001ADzItiGnRyMVu06d5eg-t-QIjAHdLK6ewI6pja19JrTZ2qdg1I4hKffoud1GL8h8DNrgBqHXXyCjvB5fBk9Z88DHzs0GOF_tEDYXFT_rHhyfA6gzyeK1k6Csl_HwGxaMmQPnl97bxVkY2A19oe24riy9PdyxrctCajX0GkvWBZsU7KkjuNvpa3kyzPgIyTMQBERG4KsBR0f49JBXyL9L_ppUTuLj_zMaTHlqSPQZBl1eAzaw1F6RCprbDW7sieohBe2tedicheNLr73rsaBok-AgHVMyPLu5vn-_gj3jWxu2sU3E-Je3qxHvDDoab-cEc9Yk5vgCMBJE537AT8U4K4IeYk4L0A-6gXe9BVGALVo56Lx8UpVHUw6Ltp7d3a20KbrVXbb7Fyd1X2910NYUZSTz37sxKZURW6f0s2F64VQQ3L7CDxnmafA00l6bwRTMi-xfVeeVtCF4vkON71wqGd_vj2_MXSjm6fNAfcWByFbYQ4ZydhLS3PbJ4O9zEId2dhw6FUOUH1aUQnBA_jUpjIp0bpw6Gxkdigo97wFntwxTroulVOyKeo6OQ4ZaSiZDLK99mLhS5Hq165QXq0iYa7aY4KsFU_OkUJxjNgOOeI_h2WbK9nrUDlsxcGAcINNqSafqEg1wpvBmHt0ASJ7tdRVQjZzM1olp2IrvFBBOvyLvJ2ZEDp7favewR_DrapWhF85EPjSMlGgMXKTyc_Xdlejv3XVsYbyVlAvKTNsiIr6ZHc3Zt8qb8BTj1jKoe0YWCwx85r4MVW_uAWTGJjzNssRkQkmPeSHo70uniFxDCP5FUw4kK9CK0qLQ0I2mQoMOauLYfwAwCzv2ygqIWkVah4y_H7jzc0a5evzeAWO2X_Exnwi1KCH9DuaUB-Sk4idrfd28E7-BcB7yMMNiYdq2xp-srL_moFY78VZFkLVXNrNuTT5s1BIR3vcBsClsc6em6FecjaBH7HZ6WbdzH9p2qZ_gJsyzIP7T-Leob5oPDUlNN8P5i9wOPRj6uU5za4SQF7MZrTY7G_9rcrn2F8o17uDUui3m5nCdx2JwenVGaK_889YFdO9jT82JbTHAY0HYxkbsKbDJXKeG_kMLKxuGWDxtDTq8oGhSty_OZ9sO92TlqXf8KSgE3y01FkL-_9U7BTr5Siu9Sk-015prPfxkxaaGMosa1LRUlG-fXadnmtLTVW4xbjppPFWGN7Cl-ozW6URzmNUAgwInaNqKDFCka8eTDM-zAVByTkxK8EegUJjgGlFdJeXlF16gxJxGQKT592tR5dCyjvmxYMctVLNauMKIpAKmngJZtPXf1neyGYGQigMJDbxthcTKuzutJwA48oAPNhdIzOMKVdjG5GtmMI9ZeVwvY8_MJQFuE6req6eVyuCUMNeE51RjvnCaTlcXv5TlnNqEc10Ygd9bjY0x2FR2swYADWPAEKGSYqJ8nptZKie8-ofwkD0R7YE_ak2YXSpEJoc&pr=67:0.365387&cid=CAQSMgDICaaNj_mslc7oV0E-3CQQpu0JNMzri3zkTwbVuXRqz5OvnAh8WKaCAs8TbKstjxjzGAE&dc_exteid=31358248232063431129296246061508390&dc_pubid=4

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 03:54:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 p
sb.scorecardresearch.com/ Frame 64F8 43 B
393 B 86ms
86ms Image
image/gif 18.245.60.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=8&c2=18969557&ns_ap_it=b&rn=2c77601e707d73eb8ba0
Requested by: Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-72.fra60.r.cloudfront.net
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:08 GMT
via: 1.1 5b17764336ffdab7d2a3e7707394867a.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P5
x-cache: Miss from cloudfront
content-type: image/gif
content-length: 43
x-amz-cf-id: 8r_nYxOiI3_A-pC7TIzwddgZzERtfvehrU5Q7riHtidaljjrtO5CfQ==

GET
H2 200 ad-choices.svg
static.yieldmo.com/images/ Frame CD56 699 B
1 KB 72ms
71ms Image
image/svg+xml 18.245.60.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.yieldmo.com/images/ad-choices.svg
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-74.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 959d2bff6e8aa7b4d1836a5dcc00ab6f2c2754604b0e0174bd96b6f9822d5905

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Ukz5ZHLPgcDoG6SlEGbKyNIwGl0_QMqF
date: Mon, 13 Nov 2023 10:41:55 GMT
via: 1.1 e505058447bf5e74cc264f4e72f27bee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P5
age: 61934
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 699
x-amz-meta-replication-status: COMPLETED
last-modified: Tue, 27 Oct 2015 18:00:31 GMT
server: AmazonS3
etag: "f5483cecc2fab32a508cf2b5e5b94abf"
vary: Accept-Encoding, Origin
content-type: image/svg+xml
cache-control: private, max-age=86400
x-response-headers-policy: static-yieldmo-com_svg
x-amz-meta-version-id: smI0KdhlAdY.1IFWTq3aCHXjwPmdIPiO
accept-ranges: bytes
x-amz-cf-id: MuWR8QmwSRDvI9MUJD5jUA_DTpoTJlJczRBkboT7wb38_ri_itRpIQ==

GET
H2 200 17571064577316851266
s0.2mdn.net/simgad/ Frame CD56 63 KB
63 KB 395ms
395ms Image
image/png 172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/17571064577316851266

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f6.1e100.net

Software

sffe /

Resource Hash

26cd2d91ae3c0a816c246c61271616256a632c6e55953e61c1533f9a681f9934

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 23:09:06 GMT
x-content-type-options: nosniff
age: 449102
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64216
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 16:16:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Nov 2024 23:09:06 GMT

GET
H2 200 8389412397464698438
s0.2mdn.net/simgad/ Frame CD56 10 KB
10 KB 396ms
396ms Image
image/png 172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/8389412397464698438

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f6.1e100.net

Software

sffe /

Resource Hash

3b4360ca28098a502944b07600e089919a49dbc89b4c1e3e0437ae2bf782835b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 08 Nov 2023 23:29:04 GMT
x-content-type-options: nosniff
age: 447904
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9753
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 16:16:53 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Nov 2024 23:29:04 GMT

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 173ms
172ms Preflight 3.227.250.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-215.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Tue, 14 Nov 2023 03:54:08 GMT
x-amzn-RequestId: f8825802-3888-3c14-a54e-a9a25ad1d8c5

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame CD56 133 B
569 B 160ms
159ms XHR
application/x-amz-json-1.1 3.227.250.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-215.compute-1.amazonaws.com
Software: /
Resource Hash: 8abdd8c3dcf4c686313c667eeee1410a79d8e03be3e11c7bf385d744063b5386

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231114/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=780b2511ba339d66698a7f8aa07b7a6fab351a5c5739cf57d94cf89485b1ed56
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: bf5e96963d27cfb3a47feed9c66f76528cc5dfc61434fddfe35dda15f76952c4
Cache-Control: no-cache
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231114T035408Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Tue, 14 Nov 2023 03:54:08 GMT
x-amzn-RequestId: ee43edf6-c29b-d351-b38f-1c56764ff15a
Content-Length: 133
x-amz-id-2: xn20Bn2NodAldUlC5qo+VMafBcPKDdNclrR7wJ4Xc/oL31QV/N2fca79bbafWbcdCPL/yB/Eh0tKpPlYEHzLLYOlrb435qJ/
Content-Type: application/x-amz-json-1.1

GET
H2 204 ev Show response
ads.yieldmo.com/v000/t_tkr/ Frame CD56 0
469 B 116ms
115ms XHR
text/plain 34.250.128.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=r&v=9.18.29-541&imp=1882986022487144822&plid=2521236318193655889&pvid=3406412741804773331&fmtid=52&e=11&rep_meta=NI3qr8CBzr2-zLdUkGcINYKKs8w51PK0vgfffFOIiq7L9JlGT0dVpzxp0gOgEuNv-VQv9Gjtv26zgmHn5OSA_N6m5v5Wm9VKSaYbMJGCVpbY93nFnpcFQG6H60zHACd_RlQ4N2ijaOBrnnemqV0Mu7hKnmqiawD07z15K6w37cLKDS5ce6yMbF0wlgHcd8IlWoVoC2UeUz047JqN8Y_yl0obD-tx85TgBk-4Hnc9YOPn35WmAp3qM8R9cfOwBML-AoMfDsMY1i-dOSJDZvDoNW38eLVisGUJVGD4gN4SSenH9-aRsCxe04m19UpGP7dszfd8fS3wL3r5WYfMuy_ZNHotbAAg8YL8X6eXJu1rhcVSNtLNX_Ms_NLiX3DtiS6vJphNaE541ifKe8YwNEYq6flsPyHK4i5nTAy2bzrML_4&offsetX=999999&offsetY=999999&pvt=1699934042867&stime=1699934048119&etime=1699934048119&viewportHeight=1200&viewportWidth=1600&adSlotLeft=-992974%2C-999613&adSlotRight=-992974%2C-999613
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
pragma: no-cache
date: Tue, 14 Nov 2023 03:54:08 GMT
access-control-allow-credentials: true
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: GET

GET
H2 200 dv3_native_client.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 1679 21 KB
8 KB 108ms
106ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

082a75157928321218428904933ebff27d7fb4532e1f6daa3c824824aecc14ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7960
x-xss-protection: 0
server: cafe
etag: 2243287812070980505
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 14 Nov 2023 03:54:08 GMT

GET
H2 200 ad
googleads.g.doubleclick.net/dbm/ Frame 1679 42 B
107 B 109ms
108ms Image
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DovLNZX01Kf_7goZXjC5ihVTwI4oxt7r-j2xdN5va2X_mFD7rGkOeMWG1GDvvjeSTVyl-o8xFS74Wds-y-JOh4hDopCg&cry=1&dbm_d=AKAmf-BIW2CK0PDRnZi0q1uN0SW8tfNpmzKwZSvvfXeBEElwNBi3tisN0wXbR_kQTRl_NttQn85gBVKEW8TYon09gAN04S8kVz0jOboB0DSXqXg6jG4KAV0XqHfOsLCzhZdlS1DOrr9Oy4wEiRTkREHdVKcjEXCYXfgZqiVndM236d5YYpLOZkfkMi3dVc7dtygWTRVYgMRJBKUNMKEVTdMCgDtfpbLcoPU73EadCB0NjXkMwIB5UOXlKPhk4StRf_4z1GP3217K6h7rmwvQtqCKOlKqLfsvVPtqKlFhj2UaKPcE0GQSjtO07BQhM6RcjyadUZHl9wywgWgzDyRjXaLtWt7CHMPJcj2lvOkDhTtY6tHkBVSHcDDB14Tq5VN7miByPe_fYReOieHKrHgUMfcSspuRrTd16mN01vSespxfwoBpjsqB1bFYMWnAn43ZI08D8yhnR4cg9znLJ4LSDpq4EtfexcO0OFCizJ7s8C2jas1gIpGP_N17mdo2xcYVEMu1gXU5XeH9g4fyHNwyC12eywxKlNQ4iUOSeAJdUSQM0YeKpdOcLhN0Z52MCsK1fWX008TjZOtbdEa9Gr5awvIkieP1DQekyJV59o_CY_2tcEQW9nq59zLJl9kSwPnrRAc7aE9pZ9Vso1BNjwbN8lp6xYq5Wg_QwuNaCcM6CR_2QeRJXcYY8r4Yrh5ckv7KQRMPjMiC13L_RqYS4KZCUgN1wBOL5x-AZ2vsjOR8Udv3kJQQM43AijHK3W0v9E7FWhb1DK7Q8QeD-32gQe2IjQ-wY5RkFoYOoGh2Q1Wk4u_6VBX6aryF6Nvj2DZ1QqEkUJfGO9Oji0KO8Xg3EJHtnelVmP94S7czufcMESc-SZOaQ-3JrJFGu_Tl87SkVntv3_Yvz55L8MRqjknsQgeZXypIbnpXAnn8ap8pCWvqtg3clRVEsh0mBDmYQJmnbmxXrTQQ95nSDAkJzpXZDHDyK1gOvnemXlNPwhuzug3-dii4WTQWU78lFcJ2PvlnuExXp3T3C4BB1oKDjaAREl7YLRjS9onEMSmKYTNY-ph2b036x8LRes4WI9ln02EzlWyj8zYfcdhMFe8hHS4g5ytTmhy56A4SxG4xSj7hc9hZXtkaqDansP0gMwDb2eEP_qiGInhv13-RVnsAORk7ktRVKwovitE4Ccg4coQ58XTO1nRKquPM08jPn53CITJa-_-68hODTwT-fRXxw0iPRRoupy4EHtKtMn_hjPoYSDOV30t_jSgQdDluclX3w1l8MZfInNf6qSmaSh3j1z3pOsp5HBO8Z9LKEaMPyAl1WL7YLtE_4cCUfkhah5XaHDRaETz3vIT1aH5FBn3eRFEuL4YIAP9VXp0X2hRsg_9R6l_BUOyYWyD9hlUWrCFZc0CHWu5NtWCDyKbBq4Ll-Xuc3PiQ00HFLNaXYJaPXtho9xur6gId9DHklmvctcLFS805KWoFt_w0DstJk6IHHTBrk8jqgw7406ceyAoamDf5p5BdOYDDyBzQMe8gnjuwpIr1aPt-m2c1p0vfocXHYpQHop2mYPwEAaO8b5YLO_4iBCxzGFJ8_jYMe1ogJWEVRO3dfVOsE8KglbRsPtnCGOkJIBYQzXqIHrE7S7QpPc-lRvNMp3PVnWjiVaPZXhAqUfa4vBFgr6Fwwrj-NZPP35gXAw83EcHlCbRBVio2SdBJx30GXjb-7uRl3Nix3ABU7-F4clfhByqBRJWrlXEiG7LhIYGyQ4BuexGBexl4qJ7iy1TjwmBp8EP2YsqDWLVzu3wbEq7p9SmRA1lqQkD_Nh-hyELQFhlEwLMHi24oYD9CviknZ2bocCWl0BgzoKMwUg1tDlpgunDpetcMhYp6WFFrWn6juKdCZEPEC_AtsZ2P5P_sI-7nN9SjUy3wuiVcszbEJ1Rw250FfBfXmtG6AQFPLPn4T8UyALv3dr38lChx2w1oFaLDOZvyXtGXQU7dbw-o16ty8hRLBtTOBUNJwHcJK4tMX0eKbSofuU9C7HBUZhIdQ1-K3ZQSNlxzJUI4NbuVlBYikL_x3V2uOUZFYmkybheGyDn0wggSrQMRODxwml7gfK4WZFwnc0SOO0tK8uHa11keUN4_Dudgi31r_3q-z7eFVZCIGj4VR_L_q4Qle2XReK3d2hKwbt-eGxUY2-oPS6n-JNv7kkbRALAeAQI_J1gaEE3gwEgfi93I0E8gbZ5uMBLECGxVhZUrOI0JQLOhNDzYsM_16J6y6SPE_A6B-gynSgTy2qJ-JSnbEhnbXM1_-xPXj9E4N-Ob1OazOXveo0eAoW55QK0iImGnzNQjaClrb9vM1JuRcaWtBPEjwAqfGrhmH752luXm0X2jNUl-HKoqWznDoAkBgXdNVKqldWNhhFS4h9opcieNiyby2sfSXyMDZaPkC9tLw-E3MP9PJB0kg7Ij8xBgZpSSgM8K9IseBznhQUjyOfY85NzD0TKuxov9suB3WavE0Zc&pr=67:0.450989&cid=CAQSMgDICaaNvl6fS8nprEAVP0xCdHLiCsPVTh2D5EJuX613jgQyqM9ZSO1nDZ3PWhgthQU1GAE&dc_exteid=31358248232235631357754751613886515&dc_pubid=4

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 03:54:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 p
sb.scorecardresearch.com/ Frame CD56 43 B
395 B 54ms
53ms Image
image/gif 18.245.60.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=8&c2=18969557&ns_ap_it=b&rn=5ad78d28c9342273730f
Requested by: Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-72.fra60.r.cloudfront.net
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:08 GMT
via: 1.1 5b17764336ffdab7d2a3e7707394867a.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P5
x-cache: Miss from cloudfront
content-type: image/gif
content-length: 43
x-amz-cf-id: ozVgFwP-UOZnz1UClBjQ6yLgQKuakG0dDDWoD9QYuVnE230eRwPrXQ==

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 7D48 14 KB
10 KB 470ms
76ms XHR
application/json 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=dv3n&tv=&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

f8e9bdcf6c304e14a39d88ce0bf5d985719864b15af3122ace46a1c7a470b066

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10470
x-xss-protection: 0

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame D493 133 B
569 B 159ms
158ms XHR
application/x-amz-json-1.1 3.227.250.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-215.compute-1.amazonaws.com
Software: /
Resource Hash: 2046d5c0db10d7198f7dafcca28561a29ed76fe1f72c1b659783c8fb59abd7dc

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231114/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=26f9855b2f0692852e041c14c257413e064c87557889a22ed0e8ee78388fc524
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 3a6d6e316aff192c1a8e93213841205cb10adb725b3429d796f94914c50721e2
Cache-Control: no-cache
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231114T035408Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Tue, 14 Nov 2023 03:54:08 GMT
x-amzn-RequestId: d561281b-e441-3999-88ad-d9bb8618dd48
Content-Length: 133
x-amz-id-2: ETcffJCVlz21nsFA4/ofi7570fPvkCGlptK68/NYmVnKLBEGwFgDWftFZEtDpO6+dI39uwO0P2GWRfLMewkIJw5wLyZrd4XN
Content-Type: application/x-amz-json-1.1

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 132ms
131ms Preflight 3.227.250.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-215.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Tue, 14 Nov 2023 03:54:08 GMT
x-amzn-RequestId: faa92ce1-c2c8-3045-a765-dd41761c124e

GET
H2 204 ev Show response
ads.yieldmo.com/v000/t_tkr/ Frame D493 0
340 B 76ms
75ms XHR
text/plain 34.250.128.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=mrcv&imp=3705549153950893210&plid=2521236318193655889&pvid=3406412728534012548&fmtid=52&offsetX=380&offsetY=-182.140625&pvt=1699934041285&stime=1699934048162&etime=1699934048162&viewportHeight=1200&viewportWidth=1600&adSlotLeft=1107%2C6&adSlotRight=1107%2C6
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
pragma: no-cache
date: Tue, 14 Nov 2023 03:54:08 GMT
access-control-allow-credentials: true
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: GET

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 178ms
177ms Preflight 3.227.250.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-215.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Tue, 14 Nov 2023 03:54:08 GMT
x-amzn-RequestId: d152b5b1-5220-a4d6-8c9e-44119077b77c

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 8B42 133 B
569 B 278ms
278ms XHR
application/x-amz-json-1.1 3.227.250.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-215.compute-1.amazonaws.com
Software: /
Resource Hash: f1ae93d3da658cbe1c56e31ab8499d21bce2e219b460683627689b6d23244dae

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231114/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=fa655b47f9413a83f1566b6c0e00f3fc4ce31bd99aa7bcfd17dd6c5efbdfb828
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: a640ae7309ca64d47e9824a870012dd79086afe5c745972f8348922150fdc176
Cache-Control: no-cache
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231114T035408Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Tue, 14 Nov 2023 03:54:08 GMT
x-amzn-RequestId: c4679441-1551-9a50-99ab-65e1d70689fa
Content-Length: 133
x-amz-id-2: CCMIhxA1LLqUrSiKPQ7YjP+DRMmPKx/RdBFKFKdInZX4q+owtUCwS8R5+X0X1ifcsp2UWz07igLilFHClgFDCQWF4iyc99tz
Content-Type: application/x-amz-json-1.1

GET
H2 204 ev Show response
ads.yieldmo.com/v000/t_tkr/ Frame 8B42 0
340 B 123ms
122ms XHR
text/plain 34.250.128.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=dl&dltime=922&fver=5.9.26-F36-46-52-54-59-B491&imp=3521666358786417234&plid=2521236318193655889&pvid=3406412741864163421&fmtid=52&e=11&offsetX=999999&offsetY=999999&pvt=1699934042874&stime=1699934048168&etime=1699934048169&viewportHeight=1200&viewportWidth=1600&adSlotLeft=-991227%2C-999613&adSlotRight=-991227%2C-999613
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
pragma: no-cache
date: Tue, 14 Nov 2023 03:54:08 GMT
access-control-allow-credentials: true
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: GET

POST
H/1.1 204
No Content collect Show response
o.clarity.ms/ 0
289 B 787ms
693ms XHR
text/plain 52.152.143.207
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://o.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.13/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.152.143.207 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://folkd.com
Date: Tue, 14 Nov 2023 03:54:09 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 2917 13 KB
10 KB 101ms
100ms XHR
application/json 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=dv3n&tv=&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

45e048e615399b7f30441a6a39d4f5a256997943dbf832b6d98d502796b0face

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10341
x-xss-protection: 0

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 5D04 133 B
569 B 375ms
336ms XHR
application/x-amz-json-1.1 3.227.250.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-215.compute-1.amazonaws.com
Software: /
Resource Hash: d9add174bb04a48617832df8074033e99293107b8e2270477557d3d67c46081e

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231114/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=3b88d2df71debb14249e1d875936a36a862dfe4dc59c6d2a7f02565752d25bff
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 4ca07b58061a9801b07a55596fedac413ca2f6929b3a379b7eebf9469175720c
Cache-Control: no-cache
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231114T035408Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Tue, 14 Nov 2023 03:54:09 GMT
x-amzn-RequestId: d227945e-a201-b451-8feb-65fffe42f7fd
Content-Length: 133
x-amz-id-2: fDUtV1SeF9nno16fi6hDDUnmJV2sb8QJjz+oS7jh9id89xC651urkllr1b9OUupzGT0/oab2ye8KgijeXNGD0oyN79jGOtBT
Content-Type: application/x-amz-json-1.1

GET
H2 204 ev Show response
ads.yieldmo.com/v000/t_tkr/ Frame 5D04 0
340 B 79ms
78ms XHR
text/plain 34.250.128.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=dl&dltime=1751&fver=5.9.26-F36-46-52-54-59-B491&imp=5109049471736973731&plid=2521236318193655889&pvid=3406412741847641488&fmtid=52&e=16&offsetX=0&offsetY=0&pvt=1699934042872&stime=1699934048617&etime=1699934048617&viewportHeight=90&viewportWidth=728&adSlotLeft=0%2C0&adSlotRight=0%2C0
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
pragma: no-cache
date: Tue, 14 Nov 2023 03:54:08 GMT
access-control-allow-credentials: true
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: GET

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 139ms
139ms Preflight 3.227.250.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-215.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Tue, 14 Nov 2023 03:54:08 GMT
x-amzn-RequestId: fa28cc7d-c108-27a9-a7e4-3ddd75dc05a2

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 137ms
136ms Preflight 3.227.250.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-215.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Tue, 14 Nov 2023 03:54:08 GMT
x-amzn-RequestId: f2250247-7f69-7623-afe9-f3e71d3092f2

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame A918 133 B
569 B 190ms
170ms XHR
application/x-amz-json-1.1 3.227.250.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-215.compute-1.amazonaws.com
Software: /
Resource Hash: 415e3c50a412b8fb44911ef17f8d84ba49b6a06ec66e6deb218fe070a633cbb6

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231114/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=c2f0924e041523c2ed97b1e2ecd82d002d5d875cb2a97a3cd6a7487ca83edcd3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: c128123bfdb788a3f8acdc58e86a0e6cb3b8c35c0a8271fc4a06a513a4cb85e1
Cache-Control: no-cache
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231114T035408Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Tue, 14 Nov 2023 03:54:08 GMT
x-amzn-RequestId: e833b38c-f0c7-17bf-b5ff-422c32900415
Content-Length: 133
x-amz-id-2: 0mHktCVuYN1jeW8KUsYhCeZxUlwOzE50hDXJk0CduZ8CFxfP16qmbYOLSoM3ZcQ7eVn91+y98+A3GYo4veDXQFgVCD3CvIGj
Content-Type: application/x-amz-json-1.1

GET
H2 204 ev Show response
ads.yieldmo.com/v000/t_tkr/ Frame A918 0
340 B 78ms
78ms XHR
text/plain 34.250.128.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=dl&dltime=1542&fver=5.9.26-F36-46-52-54-59-B491&imp=7449121635122684926&plid=2521236318193655889&pvid=3406412741595725383&fmtid=52&e=16&offsetX=0&offsetY=0&pvt=1699934042842&stime=1699934048619&etime=1699934048620&viewportHeight=90&viewportWidth=728&adSlotLeft=0%2C0&adSlotRight=0%2C0
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
pragma: no-cache
date: Tue, 14 Nov 2023 03:54:08 GMT
access-control-allow-credentials: true
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: GET

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 0940 13 KB
10 KB 91ms
91ms XHR
application/json 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=dv3n&tv=&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

765fce02c11d7f91187914b57eb79dadc36f721fec405b66d8502c4ec4297795

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10387
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame EF39 13 KB
10 KB 86ms
85ms XHR
application/json 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=dv3n&tv=&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

b35695c96c08c364bccedcc7f1e719b3c22d400420ed85fb426b689e07ce5d6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10360
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame C1F1 13 KB
10 KB 85ms
85ms XHR
application/json 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=dv3n&tv=&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

94c525963599ec5dee0811c11cb0ba3c5289cfbdf5335c8d68f8876756053f5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10330
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 87C9 14 KB
10 KB 92ms
92ms XHR
application/json 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=dv3n&tv=&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

65debb54d8aab486eea8fcb137edbb7357237097bab60718904df4b094826387

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10513
x-xss-protection: 0

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 130ms
129ms Preflight 3.227.250.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-215.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Tue, 14 Nov 2023 03:54:08 GMT
x-amzn-RequestId: cd79c0f8-1ca7-c27a-90b5-3158def0d1d0

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame D493 133 B
569 B 355ms
334ms XHR
application/x-amz-json-1.1 3.227.250.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-215.compute-1.amazonaws.com
Software: /
Resource Hash: 1cf7c41e9d7dc61aef73285e9157814b70eed448dc1f5a979a57da0aa7623dc2

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231114/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=1d9bc578cfb0fc57da00090fe181fbbe5841f7e670c1f4a312ef075a806d1765
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 644c1c2518f92ebf12a2f51fc990467266044bca798baaf3ce9ae948bcba4cd5
Cache-Control: no-cache
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231114T035408Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Tue, 14 Nov 2023 03:54:09 GMT
x-amzn-RequestId: fcdba085-8ba2-fab3-a117-5124bbb83579
Content-Length: 133
x-amz-id-2: +hm0oh1y3m1+pphfthJxLHlFk3H6Fl6+tzAnogZv2wWlZx6jtQK/VNsswq9vkAu4ghAard6uXeLxbVkHRYl92vnfvkS3zQhj
Content-Type: application/x-amz-json-1.1

GET
H2 204 ev Show response
ads.yieldmo.com/v000/t_tkr/ Frame D493 0
340 B 81ms
81ms XHR
text/plain 34.250.128.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=dl&dltime=1955&fver=5.9.26-F36-46-52-54-59-B491&imp=3705549153950893210&plid=2521236318193655889&pvid=3406412728534012548&fmtid=52&e=11&offsetX=380&offsetY=-182.140625&pvt=1699934041285&stime=1699934048643&etime=1699934048644&viewportHeight=1200&viewportWidth=1600&adSlotLeft=1107%2C6&adSlotRight=1107%2C6
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
pragma: no-cache
date: Tue, 14 Nov 2023 03:54:08 GMT
access-control-allow-credentials: true
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: GET

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 147ms
146ms Preflight 3.227.250.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-215.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Tue, 14 Nov 2023 03:54:08 GMT
x-amzn-RequestId: c53f7830-96b0-3a43-98f3-8990a6aaf589

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame CF2F 133 B
569 B 335ms
199ms XHR
application/x-amz-json-1.1 3.227.250.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-215.compute-1.amazonaws.com
Software: /
Resource Hash: 6713dc479b48b04f913589e21a3c39291a53f0e025864196d8f4084680083e0f

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231114/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=79b24f0915c1ca84ae46d3d9690feca5a6d8018d8aaa5ef92237624017ac708f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 328546d64562f9890887b7d6a60cce2fcfb8ec27ef348c5752098f828fb1022c
Cache-Control: no-cache
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231114T035408Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Tue, 14 Nov 2023 03:54:09 GMT
x-amzn-RequestId: dfb0bfcf-5abe-7e9f-827c-4e6e38e79a4e
Content-Length: 133
x-amz-id-2: 1rR7dYvDVqLkym0Gzv6pY5CGtUWzVwz6CPj+eVDunuippi08mzs7v2+Mr1G69oQOWmXy1LPj1iC2Mg7jrN+jkGXV/AH2qAuD
Content-Type: application/x-amz-json-1.1

GET
H2 204 ev Show response
ads.yieldmo.com/v000/t_tkr/ Frame CF2F 0
340 B 94ms
93ms XHR
text/plain 34.250.128.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=dl&dltime=1217&fver=5.9.26-F36-46-52-54-59-B491&imp=3304920979415637544&plid=2521236318193655889&pvid=3406412741679615071&fmtid=52&e=11&offsetX=999999&offsetY=999999&pvt=1699934042852&stime=1699934048647&etime=1699934048648&viewportHeight=1200&viewportWidth=1600&adSlotLeft=-995625%2C-999613&adSlotRight=-995625%2C-999613
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
pragma: no-cache
date: Tue, 14 Nov 2023 03:54:08 GMT
access-control-allow-credentials: true
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: GET

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 144ms
144ms Preflight 3.227.250.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-215.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Tue, 14 Nov 2023 03:54:08 GMT
x-amzn-RequestId: e06b9fc7-12bd-8842-bda7-6e6755adeda9

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame C6D0 133 B
569 B 333ms
198ms XHR
application/x-amz-json-1.1 3.227.250.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-215.compute-1.amazonaws.com
Software: /
Resource Hash: 3b3b39e007fc7ee1a7654936b3072e2b321f80e0c0f56edc36cd292a5da52787

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231114/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=2090ee4628cd8eb81d3e5a7e6abe297736c2bb0ac6515d83c50c8040e5ef0d93
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 9080f4272e9aa822b8add793e5320290beddd40d297e8a760d707b9205b2ec7b
Cache-Control: no-cache
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231114T035408Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Tue, 14 Nov 2023 03:54:09 GMT
x-amzn-RequestId: f0a3b15a-3655-0bc7-ad6f-40fb828129cc
Content-Length: 133
x-amz-id-2: lDQrQk0DI4MZUJfRwZSQ/Ap8Yj3xoAleK1Ss/xpxBThEO9eXac1kIchna0W16nA4AuKrA8Kfi4A+mXCqIcRMS3baM+9cdP81
Content-Type: application/x-amz-json-1.1

GET
H2 204 ev Show response
ads.yieldmo.com/v000/t_tkr/ Frame C6D0 0
340 B 91ms
91ms XHR
text/plain 34.250.128.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=dl&dltime=1007&fver=5.9.26-F36-46-52-54-59-B491&imp=7315198811636959066&plid=2521236318193655889&pvid=3406412741813180597&fmtid=52&e=11&offsetX=999999&offsetY=999999&pvt=1699934042868&stime=1699934048649&etime=1699934048650&viewportHeight=1200&viewportWidth=1600&adSlotLeft=-992068%2C-999613&adSlotRight=-992068%2C-999613
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
pragma: no-cache
date: Tue, 14 Nov 2023 03:54:08 GMT
access-control-allow-credentials: true
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: GET

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 141ms
140ms Preflight 3.227.250.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-215.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Tue, 14 Nov 2023 03:54:08 GMT
x-amzn-RequestId: c2b7a1b1-212b-0b8e-9f7b-50117d684822

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 070E 133 B
569 B 338ms
335ms XHR
application/x-amz-json-1.1 3.227.250.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-215.compute-1.amazonaws.com
Software: /
Resource Hash: 17853d0479ac7cc97531f4966a59ff770fabbf3be3a09a24d7064a3fb72bf2d1

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231114/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=f1f7851c3b00e13fd44ba795ce5a35ae3ae39f493ec32a68859f692a67d7669c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: bbdce9f36938cdd9113ef907b36d82bcc974091e369bf04463bdae13705bf983
Cache-Control: no-cache
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231114T035408Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Tue, 14 Nov 2023 03:54:09 GMT
x-amzn-RequestId: e586842b-02a2-628c-b84a-758a45b20767
Content-Length: 133
x-amz-id-2: CS4+iYViwB011i2yBa5uGzuf9/hsSzuPWnWzOAzJPZ7B03ZKVjjEPUysK6bvVqw1wa6pao2liJVFTQHJ5Nnv/AJ1iEJ/W3Sr
Content-Type: application/x-amz-json-1.1

GET
H2 204 ev Show response
ads.yieldmo.com/v000/t_tkr/ Frame 070E 0
340 B 91ms
91ms XHR
text/plain 34.250.128.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=dl&dltime=843&fver=5.9.26-F36-46-52-54-59-B491&imp=3037460314043235416&plid=2521236318193655889&pvid=3406412741603456321&fmtid=52&e=11&offsetX=999999&offsetY=999999&pvt=1699934042843&stime=1699934048652&etime=1699934048653&viewportHeight=1200&viewportWidth=1600&adSlotLeft=-994698%2C-999613&adSlotRight=-994698%2C-999613
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
pragma: no-cache
date: Tue, 14 Nov 2023 03:54:08 GMT
access-control-allow-credentials: true
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: GET

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 276ms
172ms Preflight 3.227.250.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-215.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Tue, 14 Nov 2023 03:54:08 GMT
x-amzn-RequestId: f38a4cf3-1c95-ae34-ae46-bd537ecc4ae5

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 64F8 133 B
569 B 200ms
183ms XHR
application/x-amz-json-1.1 3.227.250.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-215.compute-1.amazonaws.com
Software: /
Resource Hash: cb9e8fcdd9cc38412751351e4a6bcfafa79e5d44978213ca3bb1aa04bd54054f

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231114/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=75dd64d79d45008b93335382f05f5edff3b094b9cd04a3a5a739671f498f4f0a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 963688a4e2bc36233b8e110df4ef36c45119607f51cf8bc2240c7e04d3900a9e
Cache-Control: no-cache
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231114T035408Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Tue, 14 Nov 2023 03:54:09 GMT
x-amzn-RequestId: c32f2c9b-a825-d5f5-9ee3-dd3a6a72c65f
Content-Length: 133
x-amz-id-2: CVHCKvjJRIgMJIw2rI5cGbk2tT1pXALi9HQm6+Al1ALMsIfZuAQu0dUUx+6bQw+P7rLmlyhiTnWOl6Pa9wQyTPeH1VfPbP66
Content-Type: application/x-amz-json-1.1

GET
H2 204 ev Show response
ads.yieldmo.com/v000/t_tkr/ Frame 64F8 0
340 B 88ms
88ms XHR
text/plain 34.250.128.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=dl&dltime=681&fver=5.9.26-F36-46-52-54-59-B491&imp=3255630530178913474&plid=2521236318193655889&pvid=3406412741603455307&fmtid=52&e=11&offsetX=999999&offsetY=999999&pvt=1699934042843&stime=1699934048654&etime=1699934048655&viewportHeight=1200&viewportWidth=1600&adSlotLeft=-996466%2C-999613&adSlotRight=-996466%2C-999613
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
pragma: no-cache
date: Tue, 14 Nov 2023 03:54:08 GMT
access-control-allow-credentials: true
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: GET

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 275ms
172ms Preflight 3.227.250.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-215.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Tue, 14 Nov 2023 03:54:08 GMT
x-amzn-RequestId: f4332871-edf4-817d-a9ff-d9d15920a376

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame CD56 133 B
569 B 337ms
135ms XHR
application/x-amz-json-1.1 3.227.250.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-215.compute-1.amazonaws.com
Software: /
Resource Hash: 69a5d5575607b81402a209c30a9a4830383bc035cdf742d07fbc1e10f50484eb

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231114/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=f28e310a1284c8f8897ae58c8646f728bf2d6633e0a4271fa9969c3e78310af5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: a190aeaeeeb79f441675fcf75c987b5c97b040400408ab0574ddd2d0b7d3b5bb
Cache-Control: no-cache
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231114T035408Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Tue, 14 Nov 2023 03:54:09 GMT
x-amzn-RequestId: c8e61a20-ed16-3122-952a-eb8159c21329
Content-Length: 133
x-amz-id-2: CdYSpo0mD5fMMU3IHY6nPbf1JqghzqOnwEhF0zccoi8ExSxeAdHo5HMo+NwY+YMpsaQasqXQhFeQpQet4C8qc1/1Q64ANfPs
Content-Type: application/x-amz-json-1.1

GET
H2 204 ev Show response
ads.yieldmo.com/v000/t_tkr/ Frame CD56 0
340 B 87ms
86ms XHR
text/plain 34.250.128.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=dl&dltime=539&fver=5.9.26-F36-46-52-54-59-B491&imp=1882986022487144822&plid=2521236318193655889&pvid=3406412741804773331&fmtid=52&e=11&offsetX=999999&offsetY=999999&pvt=1699934042867&stime=1699934048656&etime=1699934048657&viewportHeight=1200&viewportWidth=1600&adSlotLeft=-992974%2C-999613&adSlotRight=-992974%2C-999613
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.128.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-128-111.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
pragma: no-cache
date: Tue, 14 Nov 2023 03:54:08 GMT
access-control-allow-credentials: true
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: GET

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame F92D 14 KB
10 KB 72ms
72ms XHR
application/json 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=dv3n&tv=&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

b8aa275372d12dd620952a36b4129e3fd5bf0b21451559be2e47d96fd7283eed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10476
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame CC30 17 KB
7 KB 77ms
77ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 14 Nov 2023 03:54:08 GMT

POST
H/1.1 200
OK postback Show response
s.update.tas.yieldmo.com/2/2.112.0/518423/Al44VUAJEAGOgpV6/ Frame D1F7 0
145 B 368ms
111ms XHR
text/plain 3.253.142.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.tas.yieldmo.com/2/2.112.0/518423/Al44VUAJEAGOgpV6/postback?oz_pl=1&pp=2518831497914294538&dm=728x90&di=folkd.com&sr=yieldmo.com&ti=3406412741847641488&pv=4a15f476-2063-4f8b-ae11-8977b59abeed&to=3&de=2&si=2331256393946538634&md=1&bt=programmatic&ci=518423&dt=5184231558719353398000&pi=3406412741847641488&gt=ch&psv=2.112.0&_x=1
Requested by: Host: s.update.tas.yieldmo.com
URL: https://s.update.tas.yieldmo.com/2/518423/analytics.js?dt=5184231558719353398000&di=folkd.com&sr=yieldmo.com&pp=2518831497914294538&ti=3406412741847641488&pv=4a15f476-2063-4f8b-ae11-8977b59abeed&to=3&de=2&md=1&si=2331256393946538634&dm=728x90&pi=3406412741847641488&bt=programmatic&gt=ch
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.253.142.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-253-142-96.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 14 Nov 2023 03:54:08 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H/1.1 200
OK main.js Show response
s.update.tas.yieldmo.com/2/2.112.0/ Frame D1F7 143 KB
46 KB 71ms
70ms Script
text/javascript 3.253.142.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.update.tas.yieldmo.com/2/2.112.0/main.js

Requested by

Host: s.update.tas.yieldmo.com
URL: https://s.update.tas.yieldmo.com/2/518423/analytics.js?dt=5184231558719353398000&di=folkd.com&sr=yieldmo.com&pp=2518831497914294538&ti=3406412741847641488&pv=4a15f476-2063-4f8b-ae11-8977b59abeed&to=3&de=2&md=1&si=2331256393946538634&dm=728x90&pi=3406412741847641488&bt=programmatic&gt=ch

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

3.253.142.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-253-142-96.eu-west-1.compute.amazonaws.com

Software

Resource Hash

33d773949d1db57b1c73f8ea28ca64d9383efd3ddf71eebf1a5143ff5b376416

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 03:54:08 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: br
Accept-Ch: Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary: Origin, Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, no-transform, immutable, max-age=999999999
Timing-Allow-Origin: *
Content-Length: 46213
Expires: Fri, 23 Jul 2055 05:26:40 GMT

POST
H/1.1 200
OK postback Show response
s.update.tas.yieldmo.com/2/2.112.0/518423/Al44VUwbEAG_urUU/ Frame 8D1E 0
145 B 365ms
108ms XHR
text/plain 3.253.142.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.tas.yieldmo.com/2/2.112.0/518423/Al44VUwbEAG_urUU/postback?oz_pl=1&di=folkd.com&to=3&pi=3406412741864163421&gt=ch&ci=518423&sr=yieldmo.com&dm=728x90&bt=programmatic&dt=5184231558719353398000&ti=3406412741864163421&de=2&md=1&pp=2518831497914294538&pv=e2837ed2-fb5d-46c1-86f8-fe192e68516a&si=2331256393946538634&psv=2.112.0&_x=1
Requested by: Host: s.update.tas.yieldmo.com
URL: https://s.update.tas.yieldmo.com/2/518423/analytics.js?dt=5184231558719353398000&di=folkd.com&sr=yieldmo.com&pp=2518831497914294538&ti=3406412741864163421&pv=e2837ed2-fb5d-46c1-86f8-fe192e68516a&to=3&de=2&md=1&si=2331256393946538634&dm=728x90&pi=3406412741864163421&bt=programmatic&gt=ch
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.253.142.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-253-142-96.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 14 Nov 2023 03:54:08 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H/1.1 200
OK main.js Show response
s.update.tas.yieldmo.com/2/2.112.0/ Frame 8D1E 143 KB
46 KB 76ms
76ms Script
text/javascript 3.253.142.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.update.tas.yieldmo.com/2/2.112.0/main.js

Requested by

Host: s.update.tas.yieldmo.com
URL: https://s.update.tas.yieldmo.com/2/518423/analytics.js?dt=5184231558719353398000&di=folkd.com&sr=yieldmo.com&pp=2518831497914294538&ti=3406412741864163421&pv=e2837ed2-fb5d-46c1-86f8-fe192e68516a&to=3&de=2&md=1&si=2331256393946538634&dm=728x90&pi=3406412741864163421&bt=programmatic&gt=ch

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

3.253.142.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-253-142-96.eu-west-1.compute.amazonaws.com

Software

Resource Hash

33d773949d1db57b1c73f8ea28ca64d9383efd3ddf71eebf1a5143ff5b376416

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 03:54:08 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: br
Accept-Ch: Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary: Origin, Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, no-transform, immutable, max-age=999999999
Timing-Allow-Origin: *
Content-Length: 46213
Expires: Fri, 23 Jul 2055 05:26:40 GMT

POST
H/1.1 200
OK postback Show response
s.update.tas.yieldmo.com/2/2.112.0/518423/Al44VVUHEAEijgPo/ Frame 74AA 0
145 B 366ms
108ms XHR
text/plain 3.253.142.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.tas.yieldmo.com/2/2.112.0/518423/Al44VVUHEAEijgPo/postback?oz_pl=1&ti=3406412741679615071&to=3&md=1&bt=programmatic&ci=518423&dt=5184231558719353398000&pp=2518831497914294538&dm=728x90&di=folkd.com&sr=yieldmo.com&pv=f61d60d0-0b4f-4611-b831-f4e60183c08c&de=2&pi=3406412741679615071&gt=ch&si=2331256393946538634&psv=2.112.0&_x=1
Requested by: Host: s.update.tas.yieldmo.com
URL: https://s.update.tas.yieldmo.com/2/518423/analytics.js?dt=5184231558719353398000&di=folkd.com&sr=yieldmo.com&pp=2518831497914294538&ti=3406412741679615071&pv=f61d60d0-0b4f-4611-b831-f4e60183c08c&to=3&de=2&md=1&si=2331256393946538634&dm=728x90&pi=3406412741679615071&bt=programmatic&gt=ch
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.253.142.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-253-142-96.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 14 Nov 2023 03:54:08 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H/1.1 200
OK main.js Show response
s.update.tas.yieldmo.com/2/2.112.0/ Frame 74AA 143 KB
46 KB 72ms
71ms Script
text/javascript 3.253.142.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.update.tas.yieldmo.com/2/2.112.0/main.js

Requested by

Host: s.update.tas.yieldmo.com
URL: https://s.update.tas.yieldmo.com/2/518423/analytics.js?dt=5184231558719353398000&di=folkd.com&sr=yieldmo.com&pp=2518831497914294538&ti=3406412741679615071&pv=f61d60d0-0b4f-4611-b831-f4e60183c08c&to=3&de=2&md=1&si=2331256393946538634&dm=728x90&pi=3406412741679615071&bt=programmatic&gt=ch

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

3.253.142.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-253-142-96.eu-west-1.compute.amazonaws.com

Software

Resource Hash

33d773949d1db57b1c73f8ea28ca64d9383efd3ddf71eebf1a5143ff5b376416

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 03:54:08 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: br
Accept-Ch: Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary: Origin, Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, no-transform, immutable, max-age=999999999
Timing-Allow-Origin: *
Content-Length: 46213
Expires: Fri, 23 Jul 2055 05:26:40 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 7D48 17 KB
6 KB 83ms
83ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 14 Nov 2023 03:54:08 GMT

POST
H/1.1 200
OK postback Show response
s.update.tas.yieldmo.com/2/2.112.0/518423/Al44VXASEAGg85mq/ Frame 4151 0
145 B 365ms
110ms XHR
text/plain 3.253.142.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.tas.yieldmo.com/2/2.112.0/518423/Al44VXASEAGg85mq/postback?oz_pl=1&pv=ceb77ef4-6942-4245-894c-770ee57cbe67&si=2331256393946538634&pi=3406412741603456321&di=folkd.com&ti=3406412741603456321&to=3&de=2&dm=728x90&md=1&bt=programmatic&gt=ch&ci=518423&dt=5184231558719353398000&sr=yieldmo.com&pp=2518831497914294538&psv=2.112.0&_x=1
Requested by: Host: s.update.tas.yieldmo.com
URL: https://s.update.tas.yieldmo.com/2/518423/analytics.js?dt=5184231558719353398000&di=folkd.com&sr=yieldmo.com&pp=2518831497914294538&ti=3406412741603456321&pv=ceb77ef4-6942-4245-894c-770ee57cbe67&to=3&de=2&md=1&si=2331256393946538634&dm=728x90&pi=3406412741603456321&bt=programmatic&gt=ch
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.253.142.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-253-142-96.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 14 Nov 2023 03:54:08 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H/1.1 200
OK main.js Show response
s.update.tas.yieldmo.com/2/2.112.0/ Frame 4151 143 KB
46 KB 254ms
120ms Script
text/javascript 3.253.142.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.update.tas.yieldmo.com/2/2.112.0/main.js

Requested by

Host: s.update.tas.yieldmo.com
URL: https://s.update.tas.yieldmo.com/2/518423/analytics.js?dt=5184231558719353398000&di=folkd.com&sr=yieldmo.com&pp=2518831497914294538&ti=3406412741603456321&pv=ceb77ef4-6942-4245-894c-770ee57cbe67&to=3&de=2&md=1&si=2331256393946538634&dm=728x90&pi=3406412741603456321&bt=programmatic&gt=ch

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

3.253.142.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-253-142-96.eu-west-1.compute.amazonaws.com

Software

Resource Hash

33d773949d1db57b1c73f8ea28ca64d9383efd3ddf71eebf1a5143ff5b376416

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 03:54:08 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: br
Accept-Ch: Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary: Origin, Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, no-transform, immutable, max-age=999999999
Timing-Allow-Origin: *
Content-Length: 46213
Expires: Fri, 23 Jul 2055 05:26:40 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 1679 13 KB
10 KB 65ms
65ms XHR
application/json 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=dv3n&tv=&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

bd3a112f45d1e0ec5fdefbb3ab166f98f6066992c81774c47a64546f115ff999

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10382
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 2917 17 KB
6 KB 80ms
80ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 14 Nov 2023 03:54:08 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame EF39 17 KB
6 KB 83ms
82ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 14 Nov 2023 03:54:08 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame C1F1 17 KB
6 KB 94ms
94ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 14 Nov 2023 03:54:08 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 0940 17 KB
6 KB 94ms
94ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 14 Nov 2023 03:54:08 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 87C9 17 KB
6 KB 87ms
87ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 14 Nov 2023 03:54:08 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame F92D 17 KB
6 KB 71ms
71ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 14 Nov 2023 03:54:08 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 1679 17 KB
6 KB 171ms
170ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 14 Nov 2023 03:54:08 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FDB0 13 KB
5 KB 201ms
201ms Document
text/html 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 15020
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 13 Nov 2023 23:43:48 GMT
expires: Tue, 12 Nov 2024 23:43:48 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A2B5 13 KB
5 KB 249ms
248ms Document
text/html 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 15020
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 13 Nov 2023 23:43:48 GMT
expires: Tue, 12 Nov 2024 23:43:48 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E91D 13 KB
5 KB 265ms
265ms Document
text/html 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 15021
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 13 Nov 2023 23:43:48 GMT
expires: Tue, 12 Nov 2024 23:43:48 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 39B1 13 KB
5 KB 262ms
261ms Document
text/html 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 15021
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 13 Nov 2023 23:43:48 GMT
expires: Tue, 12 Nov 2024 23:43:48 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 200
OK postback Show response
s.update.tas.yieldmo.com/2/2.112.0/518423/Al44VVUHEAEijgPo/ Frame 74AA 0
145 B 313ms
100ms XHR
text/plain 3.253.142.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.tas.yieldmo.com/2/2.112.0/518423/Al44VVUHEAEijgPo/postback?oz_pl=1&ti=3406412741679615071&to=3&md=1&bt=programmatic&ci=518423&dt=5184231558719353398000&pp=2518831497914294538&dm=728x90&di=folkd.com&sr=yieldmo.com&pv=f61d60d0-0b4f-4611-b831-f4e60183c08c&de=2&pi=3406412741679615071&gt=ch&si=2331256393946538634&psv=2.112.0&_x=1
Requested by: Host: s.update.tas.yieldmo.com
URL: https://s.update.tas.yieldmo.com/2/518423/analytics.js?dt=5184231558719353398000&di=folkd.com&sr=yieldmo.com&pp=2518831497914294538&ti=3406412741679615071&pv=f61d60d0-0b4f-4611-b831-f4e60183c08c&to=3&de=2&md=1&si=2331256393946538634&dm=728x90&pi=3406412741679615071&bt=programmatic&gt=ch
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.253.142.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-253-142-96.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 14 Nov 2023 03:54:08 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H/1.1 200
OK postback Show response
s.update.tas.yieldmo.com/2/2.112.0/518423/Al44VVUHEAEijgPo/ Frame 74AA 0
145 B 310ms
99ms XHR
text/plain 3.253.142.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.tas.yieldmo.com/2/2.112.0/518423/Al44VVUHEAEijgPo/postback?ti=3406412741679615071&to=3&md=1&bt=programmatic&ci=518423&dt=5184231558719353398000&pp=2518831497914294538&dm=728x90&di=folkd.com&sr=yieldmo.com&pv=f61d60d0-0b4f-4611-b831-f4e60183c08c&de=2&pi=3406412741679615071&gt=ch&si=2331256393946538634&sid=Al44VVUHEAEijgPo&oz_sc=306c02e7e26bc48138b77a4b&oz_df=1699934048821&oz_l=3811&cv=3
Requested by: Host: s.update.tas.yieldmo.com
URL: https://s.update.tas.yieldmo.com/2/2.112.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.253.142.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-253-142-96.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 14 Nov 2023 03:54:08 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H/1.1 200
OK postback Show response
s.update.tas.yieldmo.com/2/2.112.0/518423/Al44VUwbEAG_urUU/ Frame 8D1E 0
145 B 293ms
100ms XHR
text/plain 3.253.142.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.tas.yieldmo.com/2/2.112.0/518423/Al44VUwbEAG_urUU/postback?oz_pl=1&di=folkd.com&to=3&pi=3406412741864163421&gt=ch&ci=518423&sr=yieldmo.com&dm=728x90&bt=programmatic&dt=5184231558719353398000&ti=3406412741864163421&de=2&md=1&pp=2518831497914294538&pv=e2837ed2-fb5d-46c1-86f8-fe192e68516a&si=2331256393946538634&psv=2.112.0&_x=1
Requested by: Host: s.update.tas.yieldmo.com
URL: https://s.update.tas.yieldmo.com/2/518423/analytics.js?dt=5184231558719353398000&di=folkd.com&sr=yieldmo.com&pp=2518831497914294538&ti=3406412741864163421&pv=e2837ed2-fb5d-46c1-86f8-fe192e68516a&to=3&de=2&md=1&si=2331256393946538634&dm=728x90&pi=3406412741864163421&bt=programmatic&gt=ch
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.253.142.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-253-142-96.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 14 Nov 2023 03:54:08 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H/1.1 200
OK postback Show response
s.update.tas.yieldmo.com/2/2.112.0/518423/Al44VUAJEAGOgpV6/ Frame D1F7 0
145 B 279ms
98ms XHR
text/plain 3.253.142.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.tas.yieldmo.com/2/2.112.0/518423/Al44VUAJEAGOgpV6/postback?oz_pl=1&pp=2518831497914294538&dm=728x90&di=folkd.com&sr=yieldmo.com&ti=3406412741847641488&pv=4a15f476-2063-4f8b-ae11-8977b59abeed&to=3&de=2&si=2331256393946538634&md=1&bt=programmatic&ci=518423&dt=5184231558719353398000&pi=3406412741847641488&gt=ch&psv=2.112.0&_x=1
Requested by: Host: s.update.tas.yieldmo.com
URL: https://s.update.tas.yieldmo.com/2/518423/analytics.js?dt=5184231558719353398000&di=folkd.com&sr=yieldmo.com&pp=2518831497914294538&ti=3406412741847641488&pv=4a15f476-2063-4f8b-ae11-8977b59abeed&to=3&de=2&md=1&si=2331256393946538634&dm=728x90&pi=3406412741847641488&bt=programmatic&gt=ch
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.253.142.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-253-142-96.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 14 Nov 2023 03:54:08 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H/1.1 200
OK postback Show response
s.update.tas.yieldmo.com/2/2.112.0/518423/Al44VUwbEAG_urUU/ Frame 8D1E 0
145 B 334ms
106ms XHR
text/plain 3.253.142.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.tas.yieldmo.com/2/2.112.0/518423/Al44VUwbEAG_urUU/postback?di=folkd.com&to=3&pi=3406412741864163421&gt=ch&ci=518423&sr=yieldmo.com&dm=728x90&bt=programmatic&dt=5184231558719353398000&ti=3406412741864163421&de=2&md=1&pp=2518831497914294538&pv=e2837ed2-fb5d-46c1-86f8-fe192e68516a&si=2331256393946538634&sid=Al44VUwbEAG_urUU&oz_sc=d1ca25a7347e8aa66affa0b6&oz_df=1699934048855&oz_l=4864&cv=3
Requested by: Host: s.update.tas.yieldmo.com
URL: https://s.update.tas.yieldmo.com/2/2.112.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.253.142.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-253-142-96.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 14 Nov 2023 03:54:08 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H/1.1 200
OK postback Show response
s.update.tas.yieldmo.com/2/2.112.0/518423/Al44VUAJEAGOgpV6/ Frame D1F7 0
145 B 322ms
104ms XHR
text/plain 3.253.142.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.tas.yieldmo.com/2/2.112.0/518423/Al44VUAJEAGOgpV6/postback?pp=2518831497914294538&dm=728x90&di=folkd.com&sr=yieldmo.com&ti=3406412741847641488&pv=4a15f476-2063-4f8b-ae11-8977b59abeed&to=3&de=2&si=2331256393946538634&md=1&bt=programmatic&ci=518423&dt=5184231558719353398000&pi=3406412741847641488&gt=ch&sid=Al44VUAJEAGOgpV6&oz_sc=c2053d32c6681a196bb8d363&oz_df=1699934048868&oz_l=4870&cv=3
Requested by: Host: s.update.tas.yieldmo.com
URL: https://s.update.tas.yieldmo.com/2/2.112.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.253.142.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-253-142-96.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 14 Nov 2023 03:54:08 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7D14 13 KB
5 KB 158ms
158ms Document
text/html 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 15021
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 13 Nov 2023 23:43:48 GMT
expires: Tue, 12 Nov 2024 23:43:48 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 11AB 13 KB
5 KB 158ms
156ms Document
text/html 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 15021
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 13 Nov 2023 23:43:48 GMT
expires: Tue, 12 Nov 2024 23:43:48 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 734F 13 KB
5 KB 163ms
161ms Document
text/html 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 15021
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 13 Nov 2023 23:43:48 GMT
expires: Tue, 12 Nov 2024 23:43:48 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 79A7 13 KB
5 KB 162ms
162ms Document
text/html 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 15021
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 13 Nov 2023 23:43:48 GMT
expires: Tue, 12 Nov 2024 23:43:48 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
BLOB 200
OK 60a4a6e4-366c-48e8-b99c-f66a50030979
https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/ Frame 8D1E 817 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/60a4a6e4-366c-48e8-b99c-f66a50030979
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e9f8921cd65e928a2f9f7d1f0ff5940300e8cfd7cc66c2cf569d5ba6fe1b5ad0

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 817
Content-Type

GET
BLOB 200
OK 92aa44ad-22cc-4d37-9f78-8e49c7dffa81
https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/ Frame D1F7 817 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/92aa44ad-22cc-4d37-9f78-8e49c7dffa81
Requested by: Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e9f8921cd65e928a2f9f7d1f0ff5940300e8cfd7cc66c2cf569d5ba6fe1b5ad0

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 817
Content-Type

GET
BLOB 200
OK cacb6eca-6865-4f55-a825-ec7c1807eb2b
https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/ Frame 2A67 186 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/cacb6eca-6865-4f55-a825-ec7c1807eb2b
Requested by: Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 985d2b656cce9486a1f152d7c4bbbc4cc1d5a65a0af9bd52e260bcc255bced06

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 186
Content-Type: application/javascript

GET
BLOB 200
OK 97671fa7-0428-4823-85a2-27054a3b19fc
https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/ Frame 5783 186 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/97671fa7-0428-4823-85a2-27054a3b19fc
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 985d2b656cce9486a1f152d7c4bbbc4cc1d5a65a0af9bd52e260bcc255bced06

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 186
Content-Type: application/javascript

GET
BLOB 200
OK 121133a1-18ec-4318-81ca-9adde867c380
https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/ Frame 3149 186 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/121133a1-18ec-4318-81ca-9adde867c380
Requested by: Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 985d2b656cce9486a1f152d7c4bbbc4cc1d5a65a0af9bd52e260bcc255bced06

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 186
Content-Type: application/javascript

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 47B3 13 KB
5 KB 60ms
57ms Document
text/html 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 15021
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 13 Nov 2023 23:43:48 GMT
expires: Tue, 12 Nov 2024 23:43:48 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 200
OK postback Show response
s.update.tas.yieldmo.com/2/2.112.0/518423/Al44VXASEAGg85mq/ Frame 4151 0
145 B 104ms
63ms XHR
text/plain 3.253.142.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.tas.yieldmo.com/2/2.112.0/518423/Al44VXASEAGg85mq/postback?oz_pl=1&pv=ceb77ef4-6942-4245-894c-770ee57cbe67&si=2331256393946538634&pi=3406412741603456321&di=folkd.com&ti=3406412741603456321&to=3&de=2&dm=728x90&md=1&bt=programmatic&gt=ch&ci=518423&dt=5184231558719353398000&sr=yieldmo.com&pp=2518831497914294538&psv=2.112.0&_x=1
Requested by: Host: s.update.tas.yieldmo.com
URL: https://s.update.tas.yieldmo.com/2/518423/analytics.js?dt=5184231558719353398000&di=folkd.com&sr=yieldmo.com&pp=2518831497914294538&ti=3406412741603456321&pv=ceb77ef4-6942-4245-894c-770ee57cbe67&to=3&de=2&md=1&si=2331256393946538634&dm=728x90&pi=3406412741603456321&bt=programmatic&gt=ch
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.253.142.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-253-142-96.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 14 Nov 2023 03:54:08 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H/1.1 200
OK postback Show response
s.update.tas.yieldmo.com/2/2.112.0/518423/Al44VXASEAGg85mq/ Frame 4151 0
145 B 66ms
66ms XHR
text/plain 3.253.142.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.tas.yieldmo.com/2/2.112.0/518423/Al44VXASEAGg85mq/postback?pv=ceb77ef4-6942-4245-894c-770ee57cbe67&si=2331256393946538634&pi=3406412741603456321&di=folkd.com&ti=3406412741603456321&to=3&de=2&dm=728x90&md=1&bt=programmatic&gt=ch&ci=518423&dt=5184231558719353398000&sr=yieldmo.com&pp=2518831497914294538&sid=Al44VXASEAGg85mq&oz_sc=ccd897f701ffd25b3e7c7de6&oz_df=1699934049143&oz_l=4859&cv=3
Requested by: Host: s.update.tas.yieldmo.com
URL: https://s.update.tas.yieldmo.com/2/2.112.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.253.142.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-253-142-96.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 14 Nov 2023 03:54:08 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
BLOB 200
OK 642ede6f-c789-45ad-98e7-ed0a9894fcfd
https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/ Frame 74AA 817 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/642ede6f-c789-45ad-98e7-ed0a9894fcfd
Requested by: Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e9f8921cd65e928a2f9f7d1f0ff5940300e8cfd7cc66c2cf569d5ba6fe1b5ad0

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 817
Content-Type

POST
H/1.1 200
OK postback Show response
s.update.tas.yieldmo.com/2/2.112.0/518423/Al44VUwbEAG_urUU/ Frame 8D1E 0
145 B 73ms
72ms XHR
text/plain 3.253.142.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.tas.yieldmo.com/2/2.112.0/518423/Al44VUwbEAG_urUU/postback?di=folkd.com&to=3&pi=3406412741864163421&gt=ch&ci=518423&sr=yieldmo.com&dm=728x90&bt=programmatic&dt=5184231558719353398000&ti=3406412741864163421&de=2&md=1&pp=2518831497914294538&pv=e2837ed2-fb5d-46c1-86f8-fe192e68516a&si=2331256393946538634&sid=Al44VUwbEAG_urUU&oz_sc=d1ca25a7347e8aa66affa0b6&oz_df=1699934049185&oz_l=13016&cv=3
Requested by: Host: s.update.tas.yieldmo.com
URL: https://s.update.tas.yieldmo.com/2/2.112.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.253.142.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-253-142-96.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 14 Nov 2023 03:54:08 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H/1.1 200
OK postback Show response
s.update.tas.yieldmo.com/2/2.112.0/518423/Al44VVUHEAEijgPo/ Frame 74AA 0
145 B 98ms
98ms XHR
text/plain 3.253.142.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.tas.yieldmo.com/2/2.112.0/518423/Al44VVUHEAEijgPo/postback?ti=3406412741679615071&to=3&md=1&bt=programmatic&ci=518423&dt=5184231558719353398000&pp=2518831497914294538&dm=728x90&di=folkd.com&sr=yieldmo.com&pv=f61d60d0-0b4f-4611-b831-f4e60183c08c&de=2&pi=3406412741679615071&gt=ch&si=2331256393946538634&sid=Al44VVUHEAEijgPo&oz_sc=306c02e7e26bc48138b77a4b&oz_df=1699934049195&oz_l=14978&cv=3
Requested by: Host: s.update.tas.yieldmo.com
URL: https://s.update.tas.yieldmo.com/2/2.112.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.253.142.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-253-142-96.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 14 Nov 2023 03:54:08 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H/1.1 200
OK postback Show response
s.update.tas.yieldmo.com/2/2.112.0/518423/Al44VUAJEAGOgpV6/ Frame D1F7 0
145 B 74ms
74ms XHR
text/plain 3.253.142.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.tas.yieldmo.com/2/2.112.0/518423/Al44VUAJEAGOgpV6/postback?pp=2518831497914294538&dm=728x90&di=folkd.com&sr=yieldmo.com&ti=3406412741847641488&pv=4a15f476-2063-4f8b-ae11-8977b59abeed&to=3&de=2&si=2331256393946538634&md=1&bt=programmatic&ci=518423&dt=5184231558719353398000&pi=3406412741847641488&gt=ch&sid=Al44VUAJEAGOgpV6&oz_sc=c2053d32c6681a196bb8d363&oz_df=1699934049218&oz_l=14268&cv=3
Requested by: Host: s.update.tas.yieldmo.com
URL: https://s.update.tas.yieldmo.com/2/2.112.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.253.142.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-253-142-96.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 14 Nov 2023 03:54:08 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
BLOB 200
OK 2c41a1d4-8111-49db-9abe-2acbbab5ae36
https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/ Frame 4151 817 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/2c41a1d4-8111-49db-9abe-2acbbab5ae36
Requested by: Host: ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
URL: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e9f8921cd65e928a2f9f7d1f0ff5940300e8cfd7cc66c2cf569d5ba6fe1b5ad0

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 817
Content-Type

GET
H2 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame FDB0 39 KB
15 KB 44ms
44ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 17:50:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36197
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 12 Nov 2024 17:50:52 GMT

GET
BLOB 200
OK c117f6c4-2fd3-449e-98f9-d627e2abc08e
https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/ Frame 5D6F 186 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/c117f6c4-2fd3-449e-98f9-d627e2abc08e
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 985d2b656cce9486a1f152d7c4bbbc4cc1d5a65a0af9bd52e260bcc255bced06

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 186
Content-Type: application/javascript

GET
H2 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame A2B5 39 KB
15 KB 51ms
50ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 17:50:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36197
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 12 Nov 2024 17:50:52 GMT

GET
H3 200 mmt.gif
imps.monu.delivery/ 37 B
63 B 41ms
41ms Image
image/gif 35.186.236.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imps.monu.delivery/mmt.gif?s=7ada6bc7-d831-4ccc-9c49-6a685d6852e0&a=p.l&u=5d65a9fa-c3bc-4e73-b569-1a8af1e68dc7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.236.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 01:42:22 GMT
age: 439907
x-guploader-uploadid: ABPtcPpCkonmBGjk2dfiQa2Hgo3mEfBmcptQk_6vFkluw7dOFBMkIE8fNVKxW9vwBa_JDINMl-T2rh3GKAzhRv97Ly1w76nqU0GE
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37
last-modified: Wed, 12 Jul 2017 09:13:19 GMT
server: UploadServer
etag: "455005e2f4b8ecc484500fab08619f70"
x-goog-generation: 1499850799559224
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type: image/gif
cache-control: public, max-age=31536000
x-goog-stored-content-length: 37
accept-ranges: bytes
expires: Fri, 08 Nov 2024 01:42:22 GMT

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=328040E02AED482B898BAEFB512EFEA7&RedC=c.clarity.ms&MXFR=34CD861A198265E0046195D31D826BAB
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=328040E02AED482B898BAEFB512EFEA7&MUID=0BB02B6634AD6F113CDB38AF35F66E99

42 B
467 B

67ms
67ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=328040E02AED482B898BAEFB512EFEA7&MUID=0BB02B6634AD6F113CDB38AF35F66E99
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 03:54:09 GMT
last-modified: Wed, 30 Aug 2023 19:01:41 GMT
server: Microsoft-IIS/10.0
etag: "8d59566974dbd91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Tue, 14 Nov 2023 03:54:09 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 03B70D3C882148389F36CEDAD1B55E0D Ref B: ZRHEDGE1918 Ref C: 2023-11-14T03:54:10Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=328040E02AED482B898BAEFB512EFEA7&MUID=0BB02B6634AD6F113CDB38AF35F66E99
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 61ms
60ms XHR
application/json 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311090101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

025ddcebcdf1321e5a9ffcbcf5abebebf3d0f70d4735e99346846d3a0c2ccccb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12388
x-xss-protection: 0

GET
H2 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame E91D 39 KB
15 KB 47ms
46ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 17:50:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36197
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 12 Nov 2024 17:50:52 GMT

GET
H2 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 39B1 39 KB
15 KB 50ms
50ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 17:50:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36197
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 12 Nov 2024 17:50:52 GMT

GET
H2 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 7D14 39 KB
15 KB 56ms
56ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 17:50:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36197
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 12 Nov 2024 17:50:52 GMT

GET
H2 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 11AB 39 KB
15 KB 59ms
58ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 17:50:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36197
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 12 Nov 2024 17:50:52 GMT

GET
H2 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 734F 39 KB
15 KB 59ms
59ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 17:50:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36197
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 12 Nov 2024 17:50:52 GMT

GET
H2 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 79A7 39 KB
15 KB 62ms
61ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 17:50:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36197
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 12 Nov 2024 17:50:52 GMT

GET
H2 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 47B3 39 KB
15 KB 63ms
63ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 17:50:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36197
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 12 Nov 2024 17:50:52 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 60ms
60ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 14 Nov 2023 03:54:09 GMT

POST
H/1.1 200
OK postback Show response
s.update.tas.yieldmo.com/2/2.112.0/518423/Al44VXASEAGg85mq/ Frame 4151 0
145 B 99ms
98ms XHR
text/plain 3.253.142.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.tas.yieldmo.com/2/2.112.0/518423/Al44VXASEAGg85mq/postback?pv=ceb77ef4-6942-4245-894c-770ee57cbe67&si=2331256393946538634&pi=3406412741603456321&di=folkd.com&ti=3406412741603456321&to=3&de=2&dm=728x90&md=1&bt=programmatic&gt=ch&ci=518423&dt=5184231558719353398000&sr=yieldmo.com&pp=2518831497914294538&sid=Al44VXASEAGg85mq&oz_sc=ccd897f701ffd25b3e7c7de6&oz_df=1699934049521&oz_l=13152&cv=3
Requested by: Host: s.update.tas.yieldmo.com
URL: https://s.update.tas.yieldmo.com/2/2.112.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.253.142.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-253-142-96.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 14 Nov 2023 03:54:09 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H/1.1 200
OK postback Show response
s.update.tas.yieldmo.com/2/2.112.0/518423/Al44VUwbEAG_urUU/ Frame 8D1E 0
145 B 72ms
72ms XHR
text/plain 3.253.142.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.tas.yieldmo.com/2/2.112.0/518423/Al44VUwbEAG_urUU/postback?di=folkd.com&to=3&pi=3406412741864163421&gt=ch&ci=518423&sr=yieldmo.com&dm=728x90&bt=programmatic&dt=5184231558719353398000&ti=3406412741864163421&de=2&md=1&pp=2518831497914294538&pv=e2837ed2-fb5d-46c1-86f8-fe192e68516a&si=2331256393946538634&sid=Al44VUwbEAG_urUU&oz_sc=d1ca25a7347e8aa66affa0b6&oz_df=1699934049535&oz_l=467&cv=3
Requested by: Host: s.update.tas.yieldmo.com
URL: https://s.update.tas.yieldmo.com/2/2.112.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.253.142.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-253-142-96.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 14 Nov 2023 03:54:09 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H/1.1 200
OK postback Show response
s.update.tas.yieldmo.com/2/2.112.0/518423/Al44VUAJEAGOgpV6/ Frame D1F7 0
145 B 66ms
66ms XHR
text/plain 3.253.142.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.tas.yieldmo.com/2/2.112.0/518423/Al44VUAJEAGOgpV6/postback?pp=2518831497914294538&dm=728x90&di=folkd.com&sr=yieldmo.com&ti=3406412741847641488&pv=4a15f476-2063-4f8b-ae11-8977b59abeed&to=3&de=2&si=2331256393946538634&md=1&bt=programmatic&ci=518423&dt=5184231558719353398000&pi=3406412741847641488&gt=ch&sid=Al44VUAJEAGOgpV6&oz_sc=c2053d32c6681a196bb8d363&oz_df=1699934049558&oz_l=72&cv=3
Requested by: Host: s.update.tas.yieldmo.com
URL: https://s.update.tas.yieldmo.com/2/2.112.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.253.142.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-253-142-96.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 14 Nov 2023 03:54:09 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H/1.1 200
OK postback Show response
s.update.tas.yieldmo.com/2/2.112.0/518423/Al44VVUHEAEijgPo/ Frame 74AA 0
145 B 65ms
65ms XHR
text/plain 3.253.142.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.tas.yieldmo.com/2/2.112.0/518423/Al44VVUHEAEijgPo/postback?ti=3406412741679615071&to=3&md=1&bt=programmatic&ci=518423&dt=5184231558719353398000&pp=2518831497914294538&dm=728x90&di=folkd.com&sr=yieldmo.com&pv=f61d60d0-0b4f-4611-b831-f4e60183c08c&de=2&pi=3406412741679615071&gt=ch&si=2331256393946538634&sid=Al44VVUHEAEijgPo&oz_sc=306c02e7e26bc48138b77a4b&oz_df=1699934049572&oz_l=356&cv=3
Requested by: Host: s.update.tas.yieldmo.com
URL: https://s.update.tas.yieldmo.com/2/2.112.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.253.142.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-253-142-96.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 14 Nov 2023 03:54:09 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5EDB 13 KB
5 KB 47ms
46ms Document
text/html 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://folkd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 15021
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 13 Nov 2023 23:43:48 GMT
expires: Tue, 12 Nov 2024 23:43:48 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6A20 829 B
948 B 57ms
56ms Document
text/html 142.250.184.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f4.1e100.net

Software

GSE /

Resource Hash

a4d957401b6ee095b5f1d070f493f63bb01b728f68c45058d3c0a55cd4c654ed

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5XwJCTGobMgy3Jrkkj_VvQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://folkd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-5XwJCTGobMgy3Jrkkj_VvQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 14 Nov 2023 03:54:09 GMT
expires: Tue, 14 Nov 2023 03:54:09 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 x-mark.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 222 B
549 B 50ms
50ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/x-mark.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77882812956b4fa5e7fbee0491c6f732c9b61012e843a61d88d45332c63bb876

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 504186
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230027-FRA, cache-mxp6971-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"de-bFmB/Ch5GN9lTNmNzsBfBB/K8bc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tAvHKNamDYLHu1BEFWad9VT%2BCnHt88eTW3rrmjy9PohWFHLe5HoV6ov6x9vVGkEweltrW1jVGTCQ%2FlgPC%2B3psn2csusLmvTmLwIG6EAZ7c1mv%2F4dGJQTqrWx7rDtnjbEx78%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4fc3f8ec01db-ZRH

GET
H2 200 eye.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 455 B
615 B 48ms
48ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/eye.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b72b152262183a46bdf29f00817d35dd88fef330c888814bcffed7ccde27b1b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1049627
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230079-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"1c7-2ihwUVPx/n1zQR+B36KY4usUiEA"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sH4ZEa2cNVrhfH2N5XaNqf1r4buLbA7kP0w3dOTW5yyuS0e5kQ4pV9xisCDLAzz8As0NWtTLlPpY9qITHxjnFmSgrnfjk7pDYpTDRb3VzYYvi3qpClCw9p11STq1tNTF0qs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4fc408fb01db-ZRH

GET
H2 200 logo-40px.svg
1bccd00f7acd03ac6a93123768d650c0.cdn.bubble.io/f1676897406070x914614085739208700/ 2 KB
857 B 49ms
48ms Image
image/svg+xml 104.16.137.79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1bccd00f7acd03ac6a93123768d650c0.cdn.bubble.io/f1676897406070x914614085739208700/logo-40px.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.137.79 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b26090b7c2ddac21b5731cd0dc5ada44fd88d3b7ee421dd8ddc0a7db2b12c70

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:09 GMT
x-amz-version-id: NoYri7j3dqGJ_o.0cuCTxKXFnTaBUSkL
content-encoding: br
cf-cache-status: HIT
content-security-policy: script-src 'none'
x-amz-request-id: ESVZW6HVHCQ6FV34
age: 2624
x-amz-server-side-encryption: AES256
x-amz-meta-app-version: test
x-amz-id-2: cV3/G8OwA020CO8bvlY8MjSnYzoZkPZMnUS8rCdNa+1YgW3Gi1Uhzh3Ml4rj9OIbRhIXx25R1jo=
x-amz-meta-appname: folkd0612
last-modified: Mon, 20 Feb 2023 12:50:07 GMT
server: cloudflare
etag: W/"98bcc0ebb1abcca0eceef4c5f8ed8d71"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public,max-age=86400
cf-ray: 825c4fc40f9a24c4-ZRH

GET
H2 200 x-mark.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 222 B
664 B 45ms
45ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/x-mark.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77882812956b4fa5e7fbee0491c6f732c9b61012e843a61d88d45332c63bb876

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 504186
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230027-FRA, cache-mxp6971-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"de-bFmB/Ch5GN9lTNmNzsBfBB/K8bc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XXFg5iqrZ773SDDKiJMQX12zEPjhe9mFps8nVghkZumWQK1arFWW29RzEffddWR%2FlscYrTeDqY8pvZChl1GOckzH%2BCNfOU8alvh4E8hre79ZNUdEAO5INYPjOeWwTgehyik%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4fc4190e01db-ZRH

GET
H2 200 eye.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 455 B
568 B 43ms
43ms XHR
image/svg+xml 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/eye.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b72b152262183a46bdf29f00817d35dd88fef330c888814bcffed7ccde27b1b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1049627
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230079-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"1c7-2ihwUVPx/n1zQR+B36KY4usUiEA"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jJr7Ltqs7lLE0aaXEaqOKB%2B%2FN98rjttjnCuB9Yd%2FbVSBiBT33lqJQa3n9VltQAtC0xRDEGQDsRNz8d%2FjzXgXKtBRKqNC0yTrc%2FyIP3BReJA0B0wqwgdkGL5u2FDDQKXToAE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 825c4fc4191001db-ZRH

GET
H2 200 ionicons.ttf
1bccd00f7acd03ac6a93123768d650c0.cdn.bubble.io/f1499272922381x868922997266054100/ 184 KB
185 KB 155ms
69ms Font
application/x-font-ttf 104.16.137.79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1bccd00f7acd03ac6a93123768d650c0.cdn.bubble.io/f1499272922381x868922997266054100/ionicons.ttf
Requested by: Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_css/569715a74d34116b109d04078ae8caebc599c2b374ae6cd41974e77a1ec5325e/folkd0612/live/index/xfalse/xfalse/run.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.137.79 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e700835ec05293a3d0f9e354e7d038319d34521cd279e782198dff6d1dd58f2

Request headers

Referer: https://folkd0612.bubbleapps.io/
Origin: https://folkd.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:10 GMT
x-amz-version-id: xuz8RpJkqRZidkYFNofgAtkL0FYn15De
cf-cache-status: HIT
x-amz-request-id: NYZWGMM9MBYS65AM
age: 1119660
x-amz-meta-app-version: test
x-amz-storage-class: INTELLIGENT_TIERING
content-length: 188508
x-amz-id-2: meQG8/zsOfXGEC7Yku1zpPx0fbowppVzxekhAXKozNxNAdz43MOnRrajhv/09c0wJPhL0xBD/bk=
x-amz-meta-appname: bubbledemo
last-modified: Wed, 05 Jul 2017 16:42:03 GMT
server: cloudflare
etag: "dd4781d1acc57ba4c4808d1b44301201"
access-control-max-age: 3000
access-control-allow-methods: GET, POST
content-type: application/x-font-ttf
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public,max-age=290304000
accept-ranges: bytes
cf-ray: 825c4fc50fb424c0-ZRH

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CC30 0
58 B 85ms
85ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=dv3n_&jk=COSrseXLwoIDFadkFQgdTqcMWg&bg=!i4iliMfNAAZxrfrxUa07ADQBe5WfOCpIcM5Uj9K_89SknbikDeYjdZ2A7uXpIos7zanGbgH50hlEBSL51z9z0p4IgY0EAgAAAYJSAAAAA2gBBwoADtzxP9nUxm_-Ak8TdnuqmQMcU9s9XNGXgCVgmGLOYA3XCEY6Bet8Aq6MHRzHfsPLuMDse23KpqtNyrJNfNjUI6TmZGaaNJ8oRGZmnU8dvlQzEOJ9YgH5ibvZeC5Fd0JyvIUnFBAgiUnRUQoCQldEcZ8-7icOEp8KLnCDCQEV5FCr5qe66xyXOTEpxZLGot7-HhEe2Y0j_JHQrtJ54tz0bZOGBBwTs1Lfpn9xNamtb4FPT7XiZZF2h5jggZcwltCHAMCuuMuMctDKQQ6VXdGEcCgAifo3Dle2EfNQZvidUiZrNEg_I5HbE5THT-LJxrcK6uzFd7ADR4HJNUDgJx6zuaupw-hLOQol7fJG3FvscV1nk0cgskiu6vMEe3yZOVAcGBk9K0-kwqqnoHQfY-u1xojnsALWhfN9V2BCnM8GsKhsfV2sdYVTj7MTC4WE8QKr_Wmix8n1w0REFLAtddd7umjtajnYhiD82GV77dodWdAQ39UcgvBeMuEIug0I4R7iA58qxeo9eOdyjtQTbllyJYSYBSadXukFqwvrGCGPkPVyll09FrfrQQURjlHBrAj-baIaQ2thl03ljG8VdEQoMqACCecnfHTvRBKmt0JKV0-aASItUR27AqasuhWQkV2W1DC8SuI99ZmIq2fJHSHMg-MP3zZms2JWGrAKkKWwQ63yNIz4TmFUN5cDJQDsXujd-PIuQWIYNDjBbGeEOKeWS5BfKEdfchwuEqoOHDnZz5vqAWGijKxcr8CjjoxvRx6VN3XN2c9fiSAig3C-0J_wgK_-kj7J7z2HvdmvtJxBZHI1aE5IzN4uRgNES_LSPwqThcJgOh-RhPrTYpHslYRRgnrTQEhr6AgnbPevuUPAcmakszHC5WmmbvJfFQd8ra3rUa03TWHcVJ2i-OnaFw2b1MUeWvS3Z3qXZVXiyotbtcz4eEuutMzuPGt-vJ-T7BS7jsWRuk7H5gKL0_Ve7QWNlue29iZ8y9l8iRUHkV8G_XX35R3Te8toYAehG95yC2d-Axk5wce1LXD7DH6DlM0o2nPQ0ge_bSWVvXTvJguDhBech64KnnfEadPYKVNwjw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 03:54:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6A20 0
0 107ms
106ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311090101&jk=2815995020238576&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 6587 61 KB
35 KB 80ms
74ms Document
text/html 142.250.184.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lff_I4mAAAAAGHfEhhVXeU12QZE9z2mPvtEr2BI&co=aHR0cHM6Ly9mb2xrZC5jb206NDQz&hl=de-CH&type=image&v=fGZmEzpfeSeqDJiApS_XZ4Y2&theme=light&size=normal&cb=h040h01kc5q2

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/recaptcha__de_ch.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f4.1e100.net

Software

GSE /

Resource Hash

60bf375cbcfe7653e046fd40672cb7e93394f40e0de24f09027d1490cb6a392c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3OVBaA1vADD5YQTxSJ1MiA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://folkd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-3OVBaA1vADD5YQTxSJ1MiA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 14 Nov 2023 03:54:10 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 200 frg Show response
folkd.com/ 5 B
962 B 286ms
285ms XHR
application/json 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://folkd.com/frg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel / Express

Resource Hash

fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

X-Bubble-Fiber-ID: 1699934050095x493586163782358850
X-Bubble-PL: 1699934037577x268
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
Accept: application/json, text/javascript, */*; q=0.01
X-Bubble-R: https://folkd.com/
cache-control: no-cache
Referer: https://folkd.com/
X-Requested-With: XMLHttpRequest
x-coalias-route: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkZXN0aW5hdGlvbiI6Imh0dHBzOi8vZm9sa2QwNjEyLmJ1YmJsZWFwcHMuaW8vIiwic291cmNlX2hvc3RuYW1lIjoiZm9sa2QuY29tIiwic291cmNlX3BhdGgiOiIvIiwic2l0ZSI6Im5vY29kZW1heW8tYnViYmxlLWk4Z2Rhd2VicmcxcnJhdWZzdXV5IiwiaWF0IjoxNjk5OTM0MDM3fQ.TyE1O7KGl_a7lCfmfZdueCTsWmQEKhMX0erIBwNvAHI
X-Bubble-Breaking-Revision: 5

Response headers

date: Tue, 14 Nov 2023 03:54:10 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-bubble-perf: {"total":9.9,"percents":{"top":{"bubble_cpu":31.6,"block":62.4,"capacity_rl":0,"other_pause":0,"pre_fiber":6.7},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":60.1,"fiber_queue":4.2,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":8,"fiber_queue":9,"blocks":8},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":469466}}
strict-transport-security: max-age=63072000
x-bubble-appname: folkd0612
x-powered-by: Express
x-bubble-capacity-used: 0.007 unit-seconds used
x-coalias-cache: MISS
server: Vercel
x-vercel-id: fra1::9mp47-1699934050131-806c1e08a0f4
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tqFVs1zllHu4s91Jfh2%2FPEHEFcNYBM1I2YJU5CUB%2B184QoznJIt5lBiI2p3ABrp8Q4E0ihIjaBQagKeeC3gulqaDff2kqQg6Dzum83ZofWxUczVb48kKZ7Xxyy%2BHDBIRPgkPZOLGc4sTtS7ZQLVZUV32n7pAaxb6p50y4Co13vpWxZghRA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
x-bubble-request-took: 10
cache-control: no-cache
cf-ray: 825c4fc56f18bbc2-FRA
x-bubble-capacity-limit: 0 ms slower

GET
H2 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 5EDB 39 KB
15 KB 45ms
45ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 17:50:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36198
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 12 Nov 2024 17:50:52 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7D48 0
56 B 81ms
81ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=dv3n_&jk=CPemkubLwoIDFaaFUAYdt74DfQ&bg=!PzylPHPNAAZxrfrxUa07ADQBe5WfOJ-UGf2R4hAZYCWWz5wKyPCyY79JFobIOzMyZhNQsS1TKEZIRNDUkUUaN0slvmtGAgAAApBSAAAAAmgBBwoATAhEgB9pu7-1FYWvC_Bp2HdOWEh91rSWMM-RyXL3YbZ-acxLCRl-PuBm7IA6daWohDvzfqBnQSIL3UdwKR528fz0p09qc_F5Em-Ud7qZAxn3m2vLPpTb_-4tX2HLr5ufjALMTeep6KKXuB75Ti_6adHKd56Ps2M0767Xq9PUKWBdViK-jVcrsXpXTJeTf1qaYyKbekquwMFzAu1x5CnkxoXIerlrfAqZ_B0jgTRfHXL2CDMpfJGI54gZNh24Otz0P7i-DDtJRy35alV0QTtX0bjWQype06Y0i5JDHy9HF9xuRA8NbU_jxzFyPpE-HXjtjYe1jylrq5nXCG8iHTKhTo1z2G7pw_BhvU68PVxqxovBUW_776Y14PXDv7AFaI6jQLIPnmVRK1pz_WEpfvqafGVCaJEn3GmgfkINL-wz-BVg9uYJfi6B7RdGJYmXIosgXuP3KxpDz1eTb5aQW0HpZ9rNUHzUA6gYJ2rctwZ1dDglH-CTrTZBItz-WWYq-ruqXBC3tazgbcRqCQg5UUxqa0T1uxUEj9NMDmkzDWmb_tm_P3E-ZKuW89z8iXwdskeUYrlXtmMDGDzby8tipyG5GtRtc6wJSWr7CnOKnRLZ0WKYHgHhsQ-aHo_PbcKMiZceF0LdasSP50Uyyc7IIadh8pNOvTBXHaP4rdI3imTEeRjrbYe8idCgPuJF0EAfCbuNdj4BHAsf5HgLISbNnD8eZCcPIHDaJoVp-LM7LCluk1_BjzqBh3LWyjsHtDoPaoCFCHRm6FzTro8dfKmdYu_v8agfFq_3bmsszIeHDjAwa8VqJ9PzJhCbyBafIssmQueB5FhjGlUI_sWMtI9m7pVlN7XlmyH1dh0INFvkT0WIIFDyby6I5DgNRcOgMV4HNvjxjFDuItrsDRvqg0CRr_6iwaDEh1mIavmpcQj6CdF2u__BtkLcO0Q1RmrMLpm_TIuh-nSEG7ZRjm2gtTpvMfskYdHkcmp_mbbEEvz4gd1Zpwskfwj8LQJx02Ddge3IX6W3iU5LXP4THrY-mGUlgxzzttcGBOLEy4-_r9Tk8dGmpeXpO126jq41qABl9fxOwT6z9N2x4BzJ_khuJe5oDGzzLdDR1Ne5LHCx2Zh0WqE-xtbIlLMqiON1vXqkVr8vnVcsn-I6q62dpq6y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 03:54:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F92D 0
56 B 86ms
86ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=dv3n_&jk=CKfNkObLwoIDFQJeFQgdB_QOWA&bg=!-fql-rXNAAZxrfrxUa07ADQBe5WfODfALXtU5V4vcs2kk5CqEXOD-CSSmCPca1zARaYVkBNupiwFfeduUHmFuRe7T-LhAgAAAttSAAAAA2gBB5kDIr4w54q1yxm8fWi_HerOr8qjIAesuri1GFux2bQ7ohYGCshixgAgC10jiImCERJLmzxhBR4Xa2SOyCaNWRaqKO0I-Pwx9SHc8rAjBbVEk6eVTvKtluSiwAwXb_6Uz8dC3KkToqXcJbD4e5cbnA58d-xnA4zzxp8KnDHDOEgm88KIiVGED-en0FWJP-dSf3thPp_BB8-Ffk-i--dyceFfVZwqjmW8VhDDNeS_zvUoVMNP633Yevsde5sHrDJccB59neRUq5bqQ68FzryaFR0dA9m09aHSbOfk8rLitnPuPdUocSZ0QVH6Ra7pmTE1XKeiFCXoIsfRtcC9i7KWOizJP14tkBh33wAuPb42vrsWc9jwCyWMM6NTa_a-svJ4bUpH64JeUKITEQK14nb1wSBjjDDpzRfM3xIWfE9hGtwEDWirdJuJTZLLvmtuXIpIP7StkFX4c7rczUF4jS8glkJv0Ztn02UhqlCoUBq3vyOatWtXqSm5q-21bVsD-mqzRSU0o4manPEktHRulL5NcEchh4350cXEYHSwqiNW0LwcVpek57D_kuHzbE0UIQt7EhsZjubZXAWzbBd3m2jeRvzKTDgkcpc7gfAkOzvszxvO4l2SYuVcmgEh6PCfMTXRX-rKUslEy-_-Opi5-Ue9f5BR_d-KMe52XSaMKhUqcnGNwzaCrciZ0SHMmqPOJ7_VgYPGo-aRW5d4VcJCWQBA-fdySDVLKMR0gCaPpgApTszWTKXZ9A3OaKpzG5D5lwk2Ik6ie5u5CmDz-0N7XIiISBBroFiMT3Utc8lWyzoAF11MXgKnVuDQwAVJkkQ0wDHBQjfFMkHYgFJSjenUctsrJBdd3NTR0SWW9RQ1fcQwixhQKQMgRLmFxK-wqxAqy-lv1y0rbjuhixTh0uSVlLXUGBc3u7ITHqgIzHb66L82eue7fXCuycimlGQi47QlFpmAVpfHOBlq4UXnRARSRqUTiQo7CAuf35dx1oAG4ABoCJFaB_MWqvlnHotbmk1lgiHsPDbm8kVKmS6_65B8U4YSy5ZcS8nuIwQ9eXV5u08JRbc6YDgHoqA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 03:54:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 87C9 0
56 B 82ms
81ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=dv3n_&jk=CMnCkObLwoIDFQGw7QodCsgPOw&bg=!Q0ClQA_NAAZxrfrxUa07ADQBe5WfOLhsJDqiMe57nw-ceFzwXruQz8zYULPcuB8J8yeToGjTBIpM0zusePQRxemby-MCAgAAAtBSAAAAA2gBBwoARvqW9vlvoYyHaLb7dqGxHf3012A9nFl5SkQ3SBvdapImcLDITUnPKiAjkkcEmWMnBRhTx59SHDu86DeKm7RtMczDdemVRd2ZAwKm2RdD__eWTM4UDayNO1c4njpzLAjd-6nvRqB7NZUS5emXr1mToJXBCs-Vvt41tyuZ_5u-2y_X_mRAOZF9ykP7JHTP4BMyZk4rxN3kzWvKP2FMmdepJ2n0DXRF_ax8x82sYaT7L86Fk39254kWmyY9Zk0d4SPXda3eEzO_zBGRlBnA92pmXikLoNWYGTYexy3WiQVGiXEo1FRfiBL3EvHBZ8t5felPRbkDO6hSZQU3ATHaRnfRL4mhRog-iPhFSf2eANVSu_6H1d98Ylo-VVkm3zbFdx-jE1zdcyI60ffRrt6smZziKo3CxoHzBHkF3vPp24a_tr8tIpNKbvoi1Z6TiYyaR8qUOKoJztfUinKuHxQvrSRnUQpN9b7yb_9Z7EwnVql1xmXwHW1qLdlyc7MaN2nO-HpxUTqTNZK-YNj_3Bhut0LyR5ZfVDD3aJKuj-zW5mXH_xHBzd-rus7OzoFMtbtzvBU9MBQAsXQltptnVwFFogiHhP7MfRabNpGVzfPvgAFtSn-5K9VbAuZ4DYe-UkCuSPeGih-CCKA1M2O0GPnHfhGYAwFfiWwWJctWx5aNIEB_tAgp-izIt08XEx6hatwBgAVVYY0I05MmJzFgru09VGi9SHdyXKNwWubzfOi6Uhu1-q98FKcXoQ-ab9zg5ldcs2X1ebuzLNdN6JqvNdBchzUUpUFc61KyyWxaIZb4E1os91-PGoP6VBD7DG_Ez9zCmLFvYM6XBUKVhuHxO8jG3fegWoovrHCxEizFSlXbonjaYLbUHxMnZYc7bzio-jTw5CyLQULy6uzad46tvKjAfVFd6NPBqwNPZSdRADP4hqQjZtxQDWVEFa3NU9xv_ziz_p1vErsr5RdMAa1Yq2miankqFcmnidm7kTDdJPWy9d32fL3v_nMuubty8oEaEhamuFmAmslfNmC22S_YL1jjqyzjr3fmFgapg6jcVCU8VBmcZ7PVlsiJQfivdbnw1neAKnO1I7OuYtUidco_ikkA6OMx6sCOTcmz14HES6OqrA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 03:54:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C1F1 0
56 B 83ms
83ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=dv3n_&jk=CIv7kebLwoIDFS1bFQgdttEOPw&bg=!OTqlOnXNAAZxrfrxUa07ADQBe5WfOHd_ZrHhcryRs2QRUjfv6KAgAtrjI7nH4s6jDlDW8CxLHesaObzMd4kmqZowWSnDAgAAAsNSAAAABmgBB5kDIY9Vx0raFmJY8KpTzq14QvROUBjh4djES5quf6tkofhz8hUWnZ7ieTZ5rPukPXntYjePZ8m-BoFSYcAqkXKbRGF2WPMoI9nMMnZLNu2xAkFcIUDTQRub__SOpJY7lDwKpW41gehfBU0zJSbIZOgcdKoP87VjM9B7OWA2he1LekbCp31JEYUpe2_gTNRLN-iBGCHbuPZLy8e3kcr462To1BtVupcfbdsIxYbwhOLR7cYc6Ns0NMpkD45LcXJ_r4qzUuIwPuhW68BoSXdgVACWJ19-nUveo6WI6W9r2G8F_Wfl1SEL2IEBnXCsxGa79T1tMmxHNnT8OSOpqVwuh2rTiHh5UZAM8v43jFeUXo4gQAHSvs-hoAFwBNJhUMStTDbdr_qG3dGH5edoGgbGp1jmCLCIZJfQ9OnPhGWDCI-uR5ye6JdqgBhOoWiOc626uiYuXaaU7E0MJYWCLWzmPaW5LtiB4GHr1Szruh-5gETu9wUtA0nnBlqDCBLQimJJ_zhg5BAS7w2CyYmNMmcim7gUlMwLBVdhTnRw0s3bGmMMZcFO5cq1z8Dhd93MfL-MLQXtkP4IP3G02L7lVf3un8eI0u--2VPciKl6tUknhCGoQF4I5g5k55rWCqtmQw4a3-PiWvg0oRNB3piL0JtVDfEdprztRr0dfSkMGCAXcYh9P6j1jv3IoqF3U8kzA_c2sPvLZW7f_UAmZh55W_hCWT8zJuErYAYIIU8_-SJa9ULSxp32tl9UYZgYR9mPAyLE3N-x5tlrDuWVJgYqHwUKa0ImHoT5y45G8GZMCoBaqUnR-sUPJg0y6hVVr11EXFZIJhHPOwJQtRI6ONA7RwcadNNfN70R3j8HMRH2Ijl38SOzw4Ggd-pEK9NNxK4Pio0G0fK5gQa_M0zS6owlOBJbHGPgkL7og29_hJkiNsqO5i9iRQH0gLAI2D7kKBtazx4UoQ5aNao7vKyjEpGiypDZliRes_11lo56zCHx16CVe5WToMnYJO7ryepyn4uffGespFNT3cIvSNWkdxaDfrPmwAcXkPPhbY3nBuHM8ucE1Q2XeLxF0A

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 03:54:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2917 0
56 B 81ms
81ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=dv3n_&jk=CJa9kObLwoIDFX5bFQgdhrwCzg&bg=!1dal1pnNAAZxrfrxUa07ADQBe5WfOKCQ5VNgDkZTQqzpiC5Uc-uPfggE00xHq9B6657gxgoR2MT1CvP0R5fag4bDhQDBAgAAAyVSAAAAA2gBB5kDDUrpp8i-8ymrLHCee8MeE5vMfemYefiIkvgG2Qg9oNyfIYvMDqGxwO3C1Wm2BXbKftaE3mFfTSRk9-N2KNseI72zEwDW2Esf_QDVh_ILLK3EY-OTIu37i5zOcMI-abNneAtiZUW1FKXQkIrQxJjnMncu9aBtSXJJnapBZ0DuPnQd3wSm63WJh4gRugv-z70-4XkOIqCj4rjfXWYN1rKpL1-Togu2NBt-VzoYxhsBc14DH4gWzipTqOgKBGHZJ4x1u4EoViX2s3gLnW-K6p8wJf8eGIIMy7eSrcxtVQLPHM3Fz8rxAfJN8nhfjunGuqiq2X5JtjZxe3qW6F12gQPyWvxMWWAKOAjLXwwxE0jyX9N3UfVdrxHX6Mmvj3OlMjsX-vthGkcUSAjG3xX1yfO_LCjBcPs67Apo6NMGmTBi7DG4apHapzBk5Hi77XNhUguVPUybTfwDBZSn4s_4-LJ5aqY3-TTW5_mv5_wGAMqB58DcN5tWhp9bs_ozRz0LtGyacbyfJx1Do5-KaCdItoIEDt6g2cnB9tXHXQDadDMHBCUjy72_p02ouUlyWCPa_MkHEQtMdf1_U2KegQEp9TIQAMSi2p_Kq-9I7Kjfx3NA7yCw7PO-T7y4ugqaHSWpnwgo2M_Vcu7tXwYtfIlasdv9P5Mpz4EqL_iXI7gb9cr1B3fgk-6bAvc6WlX5b1PRF4ho7WndheDTwld2hdwYZCIPjLBUcdBHLG_5yPikSeFYSKM-x-XmnXcmV8rHC24bRKDk1jp3_5T6D3R9rIzAYUJAkcI35FE7UHPlxGpq2GKP7NMLJU42lx91gSZ6ZKe7Q2vealAN-Mr0R5aMysXLZc3AVaMqspKFhMeZ1_6p0Az3KJsw9Uy4B9ty4wWGyW0tm-zyaT4tns9eOSAdImLqLNUFCrrH1gv_vXF7SFdSjTPsR6kZCfSOAnkVWtr8hL1cCTOH7Z2tZkt2I9tn5RG2qc-dxuVOCe3F4X-BtbtmLtJQt18aC5waKDNiXg6BsVkohplMN_CHJkwYD0xFlnH1Qe4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 03:54:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0940 0
56 B 83ms
83ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=dv3n_&jk=CMeskubLwoIDFcPB5godArEO4A&bg=!iIuli8TNAAZxrfrxUa07ADQBe5WfOIBogqWxQD-ontDxWIO4xfpIM756MId3_m001NBmniuH9HWsgCgqjlG-w4i02TeaAgAAArZSAAAAAmgBB5kDDuNxadtlz-5NQjPyJ5rBHFhxNX8WG6S0HDNuVP6RDXyOl7giU4lRWfWe1oCvXqhiUdUkVSNLrk6MB0DHHMcXJrlKOD-VLdWk9yF0idx7zwgOBl95gjXuyHktHh70abVesf2OOP9_NuUoXa921CxQHza8jK-SYPV36_m6w8R6sEbreOFd3JdsT3_1ePJ9OTNf0vREvoxzo7b3G23nXfDxK6dztI-8pCmBC67pYRvuvsqH06TIUOzxXn1I5jGJCnC6wK8oLuvowFHoBRyJ6wMNhp1dFw3VNNUgA1uEjhdiyQs8eoJ2kQaFCyUsRCUZVheTEBbV5OJZuyij7hJe6cAXVuvBzeqDIVnTa1YfLg5XLWd_HA07W30upjTAadMkBTE8xdJ06ikgRjmWjtQ8jLR9aqcHisE_tR1Z6C1ZYqdf7FUJtRxMOXhFg3urhs49fTzQfwcpGk3oy07z4od4Pv4x6Yin3LOQJonH0uKfvrvM_Gz59tImhbiojWyiGvaq3QqseHXSlbvK2wV0oFkmJ20MK3M81BzQ-p_MuQ4HxSakL_Kun9fXsJeLlnbl2M0BRJywc0th1HTaXKfEaBIbA3SyHmNCuTbzn6n8Dr3i4V5bEKW-ImkpC5s87MGC1dXOi_e6H2aVZU8lveMoFeoZv4wxug4KYwNZIifzIWdB6Nm7THyzww8U5mpiL0lK0rU5lU3A-Fu0vfuqY43sACSrenEE90t72YiWhZEP6t8pS6Cp3kC9JBTNUNe7_NI6lWn-fJ5NDgONt_igRjJ75aCokEz8F1QoEHL9qgIASYKwcQBIpTB2oGudBzrA-3bvbSjgTPTAAVIw-MRmMWScbK65QeY0CXdhOY8F7wRQZ3Q9WWx0ullxZKd-01gCqQngHk5gDCae1MvYGlrMQAl2GJkCbE66wxtht2wWlVUbtBATKUFdumlxttX_F1AjjeDI-My-hdSq0M4NhBfIf-t5VU_NorrXg19rVAi_CUwoXQbQrIJjiTx5gjrlAmiUuBYue7-xazh3Vtavzq6i7avJ6I8N92pJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 03:54:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1679 0
56 B 83ms
82ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=dv3n_&jk=CM_2kebLwoIDFS-OUAYd2egBPw&bg=!VlWlVRrNAAZxrfrxUa07ADQBe5WfOI3KJS3bf9bFPp4WzoR3CvbziE_204RbBvMjfP4yJu6p-6R5xpj4BEUOCVKwe7sEAgAAAqhSAAAABGgBB5kDGXTgTBeNJEJxT0A_aq5uZmrrTgNodg0IigSNqHFiBlpE6Pb4CKEbZLF76nfQ-3paaKhDt4ZtDzMDlfqBhY5WqxzMmlgPYIB8zvRwSVmnmvcz4t3wp90fiUpdGbxO1tayAexDXwUoYTgbboAzjSB-uW0ywHHoawy7jDotM44AMk4TILaLQWdzNA3iVQ-F7J0-LTZBuAOEV-JsVNEfzeQhV-GTL5PDjf33X5GEvZDcBFUlpIAtl2F3tzM4Dyj2EnDmNUNdys_NBBC_84Vchr5le-MKhtOR3IX_2T1H1ssxgEQZ8ZDpv7iknc30u0FIOvPrswKoH2jfgHT-9AP511n1PeKNzrIVkBHchNItTGtgysKaWt5c8qeLahRE5RxNfShPgBNewrDSKpmGl-aaZeC3AIcZZ08UnX1qcpnFqIEuf6jGiWr84Lh7OgDx_Is2gpgq3YUCoe6DK-Sts0yWoHwooi5Ec0YBJ9iPGiIWEOeYTP22l-o-yM_Kxgar6H2vcdMwGlAVZuvvNeFnXcThS1ml7TJTv7KfyR2qx2cGRXzaByMZNVzPr87sq8wdi8dzVVMU-X9uTCHWoFmskiwHQmxZS2fA-vT1iG5JXMBR48fM-vOH4c9XhMzQORv0REYCuYKqOwa99xx_P4RKYwvpYl4ckn7rbuSzmGDMPCdu_Kl93enRoSW1B5Y_eWv8KbamolnWo9xlFtf2dPhbdNEE3HPJKxyhISWVgd-KbiqmG-I4fBjT3OkGLJxpBaucD60Ql6MRMdpJdHGxWGRTzLcTwf00VlIoLfzre5aiOYMuRjpwjqyL2Zlg_1FmjPGazGFE4hvWNpx9EbrPT5ExbPpB2OxMcSJX7cZl-KoCnyO9XUm6CR0qEx6x5hn8TyzNKE8_FqrBtagn8fKbfQcLoYOsdyvaHEGXrBgTgxFA7mRQpc7xAvhZEN3wOoKI8bbl0wqWSzcxhBbkmT10tIp5bG8qumvn31N_ax2XCN6fSIU-QPXekfy3rjXptf3EbH9MtTlARgACd6daWzeHWoTsx0Iy9ihRYHR1wo5c1CLsBcU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 03:54:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EF39 0
56 B 90ms
89ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=dv3n_&jk=CM37kObLwoIDFRtaFQgdGGUHiw&bg=!1dal1pnNAAZxrfrxUa07ADQBe5WfOMK5zmSZdJ-oD6XH_aNmbdoq3Wm5noShePYpLfbp4Sc8tNFHFiDn5Bpjas--jMIWAgAAAwxSAAAABGgBB5kDGrR9H_2JzLwr6AWyHC-c0RDWAlN_viYKpLqAju74tcBaKIvZ_FZKcHnZx0nFgTqTo0Lr2whXWOCRN29babOtGgtZuUiSRxBBms_UL7I1nbLJMQ2SQTdepkEMwCZnCNH99goZzD8KKb26KVKg3rENX10d3TzDnwyz88nsSlOCzCnW_puGBDhgsMfH5rnrr6bFsjJpsGKsr2dLVhSZ2vHc2upX3TwO9-EguWQeq_3YQxMszAskJGQhG3vqgET1ZoLjWzXR0w1yPmIFLbOhcoXM-FPjyfNmwiCL-G7vY5jzCq8iub_gqBoUxijMn4jRDkjp_-E5Hq_4NDY3g0xCY5-lRRWPrzvl9pT0TlT-xIUFWHJNbGxSTGtwxlcQQKrmCNihzuFveCVK1tkGzSyi2dEn85UP6Vgh6nOefyl8JB_XHUCfEE5K25rmDfoCCnQU3A2dlKY0juxhFPqqdzEoZh6e5FIrjrOvkoamdZWzydJjhp_YN88dmSsRwboEKMYzo2_PrhlmSFFV3fxtvDigHveKV9cvum2Irs7pRBjN7gFlDj8mDejAfS2vLN2VR-097OLPQpigMIXCsUdkZiYY_3abtyIPIBXsFh8hQxRxRrQ59s3xZ1y2VJjGkjUZuHK7LVcGmTHBeJ6wfwIK_LurloymyglkYQV3vzJcPhsFReEUblo8chLTM1q33Pgr6kU5p9o_6l43jZ9mpl0vuoLgqAMsX0HtDUpn3J0uDf84a54NHj2Gzc-N6CTGvFj4Iye3ZOQQTf9lz8QruCR5Nu5QwQQ5pHkyJYvj1ZEkNTIBbbdbvUHydyIS6nlbEMRDAWWZaqxWCO1QP3rKy25A5e77oPt0RTlNiau5JZIqRCyDYQ2GQ4purBbTTT595_ngSAvrEpZ4CEoa7cBYWKafOK9TIUDco1o6IUwzEPYnnvH6vgs1uwP3GevESAsLfBTtuCz6nM_W_2o1ZsDK_5rF-uOJYZZnYijjrnRJVRcp2MG5qRAZv-y8N4GnV-X88bV6cLs5nW6x645pP6XgxTG1b5RAuBXeSn37XtI_tdkhYNf8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 03:54:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/ Frame 6587 55 KB
25 KB 755ms
54ms Stylesheet
text/css 216.58.212.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lff_I4mAAAAAGHfEhhVXeU12QZE9z2mPvtEr2BI&co=aHR0cHM6Ly9mb2xrZC5jb206NDQz&hl=de-CH&type=image&v=fGZmEzpfeSeqDJiApS_XZ4Y2&theme=light&size=normal&cb=h040h01kc5q2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f3.1e100.net

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 21:42:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22289
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 03:03:27 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 12 Nov 2024 21:42:42 GMT

GET
H2 200 recaptcha__de_ch.js Show response
www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/ Frame 6587 470 KB
188 KB 760ms
61ms Script
text/javascript 216.58.212.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/recaptcha__de_ch.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f3.1e100.net

Software

sffe /

Resource Hash

d215f38ba9fc751e85b8e259a2ac223405de271f243ad65bc30a70d1edfae329

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 04:12:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 344480
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 192511
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 03:03:27 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 09 Nov 2024 04:12:51 GMT

GET
H2 204 generate_204
tpc.googlesyndication.com/ Frame 5EDB 0
41 B 45ms
45ms Image
text/plain 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?9JVu-Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:10 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 130ms
130ms Preflight 3.227.250.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-215.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Tue, 14 Nov 2023 03:54:10 GMT
x-amzn-RequestId: d39778e0-4a8e-72e5-8e5b-8942fe5a50ee

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame D493 133 B
569 B 144ms
144ms XHR
application/x-amz-json-1.1 3.227.250.215
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.227.250.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-227-250-215.compute-1.amazonaws.com
Software: /
Resource Hash: e835b720cb0ec8dbd032ba7a8e1f14f0b3af30448838435e40aad007267bdd9e

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231114/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=e914e3890b9d42bab4fe03ca8354c3dd85f0afe015753ccb933abbae820fb156
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 1783524af3a382e8aedb5fdebdab0faffb3fe826154aa32dbe64e952758dce22
Cache-Control: no-cache
Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231114T035410Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Tue, 14 Nov 2023 03:54:11 GMT
x-amzn-RequestId: f25a50f0-1c93-be15-af96-a153a8479c1e
Content-Length: 133
x-amz-id-2: POKRayDhRAuoAFOzPdOW46t1+HFZMC9Zx8nBgKHluLhuf32rELakf7WZkm1I5E1i2D/UAmJ6i7C+lHORnOnJU4rJSzVKdSN+
Content-Type: application/x-amz-json-1.1

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 83ms
82ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311090101&jk=2815995020238576&bg=!MTKlMn3NAAZxrfrxUa07ADQBe5WfOPvhbewn6Nk89ft3-5thOifmuGwseJCaTeeXlnlbHUCNwrxLfs8eVgq7oa6Y_46mAgAAAFZSAAAAA2gBBwoASVFnNEaT4IQl4Mi5mz6VhhGLcQaj9ZZJkdm3djjknRwn388Z5HoFxBZugPau9g7DtFV5QFRVtpRBrx5GnXGuY0gRMAyW3Kawf6qZArYNxT1T-xOW9N_kuDsK8A9v7n3_ZzT2ObmX-YEsNHC8Q9rSsAeMcJojy7IxsKXFvRi9GXvjvOyfL0GLXL8hNt-zoc1XhJsoGCXrJ1PNJSZW6ofts1ICABRcj8HGrtQ28XLBmO_rPvzw66noRR1HBuVb59Of1OAVuhHcblUdds_ZAd_IRTBzqPxpvqUfx1GNJ9RylPy4DPpxYAPAbAbyjmFDS8UgmjhiXdpUJIjPp6uCEUrIym92YnJXSftQc3cAkiqpfUHeASpKM_92DRwUCsex2A2SzuKc39gGCIo3SNcZsyO8hErBblXr39S7DUeE28ijOKBYQiXb_uuTUMkKbaMR0WoXlE9ua4LmilnVzyYeEbx9ZyeeH6daJdbzBbPvRfhnDIrAp1OTM0h3L9uTNwgElbzqXBxPwpkSvFeSWo-aJlq4Rw30-AN3kfaHsLl4KLfvZKXZ555FIodZxdcA0aqkRtq1s-Ukc1rFV1sL4h8hX7cHKxnwtklY2CS_yk3VwPmY0BiHsifXXIDhwlr5znxC9mlenO_K1uyLNKwAyo8Hs1HpikVnGj4a9Gf9nyCjsPqdFagxZ0xN718Pzc1j_j3PNGL8I2SLwqIjDzPzXGqxxCgv4GXw4Ri_9D5bxcqXNVVneQlXbmKJzTiGs8yzdc3Fbp2BYdNfon3gngsvd3WKTPUNELY1dpELSMsEsv9O7ND1dbmHlxfupdrBW0zSK-Pna5Bq9SkRo-eGUJ0buOD4aaOXKmFOI2cvYw2gQMNb4qjb6kHHDWAL7fEc4xuafn10A8brrmfwFSyEA_aE7Sw5SF5jyWXi7JgllEvMbJyFfbMVoSKyEBJvETcQ4QZWIExZ8Ydio6HVf7tUA0E0g1lesuZ2NHjirtVUeMbZRwziEWGJNzM2X9pXvw0GbEeMiQVptCa5cuKj
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 6587 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 6587 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 6587 2 KB
2 KB 48ms
47ms Image
image/png 216.58.212.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/styles__ltr.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f3.1e100.net

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 15:15:26 GMT
x-content-type-options: nosniff
age: 391125
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Thu, 16 Nov 2023 15:15:26 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6587 15 KB
15 KB 48ms
48ms Font
font/woff2 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 06:30:11 GMT
x-content-type-options: nosniff
age: 163440
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 11 Nov 2024 06:30:11 GMT

GET
H2 200 webworker.js
www.google.com/recaptcha/api2/ Frame 6587 105 B
212 B 62ms
62ms Other
text/javascript 142.250.184.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de-CH&v=fGZmEzpfeSeqDJiApS_XZ4Y2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f4.1e100.net

Software

GSE /

Resource Hash

3a9fb4847bb3723f3531075b8ea697340f67208869a7aaa8f9c20ed97309aef3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lff_I4mAAAAAGHfEhhVXeU12QZE9z2mPvtEr2BI&co=aHR0cHM6Ly9mb2xrZC5jb206NDQz&hl=de-CH&type=image&v=fGZmEzpfeSeqDJiApS_XZ4Y2&theme=light&size=normal&cb=h040h01kc5q2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 03:54:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Tue, 14 Nov 2023 03:54:11 GMT

GET
H2 200 bframe Show response
www.google.com/recaptcha/api2/ Frame AD21 7 KB
1 KB 62ms
62ms Document
text/html 142.250.184.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de-CH&v=fGZmEzpfeSeqDJiApS_XZ4Y2&k=6Lff_I4mAAAAAGHfEhhVXeU12QZE9z2mPvtEr2BI

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/recaptcha__de_ch.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f4.1e100.net

Software

GSE /

Resource Hash

ae4729c6333cb75c997915d6d642fceadbd3f598301462582679540db11ad7d0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-H5zj2v1Qqjwe4PDZRVpZJg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://folkd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-H5zj2v1Qqjwe4PDZRVpZJg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 14 Nov 2023 03:54:11 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/ Frame AD21 55 KB
24 KB 45ms
44ms Stylesheet
text/css 216.58.212.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de-CH&v=fGZmEzpfeSeqDJiApS_XZ4Y2&k=6Lff_I4mAAAAAGHfEhhVXeU12QZE9z2mPvtEr2BI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f3.1e100.net

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 21:42:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22289
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 03:03:27 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 12 Nov 2024 21:42:42 GMT

GET
H2 200 recaptcha__de_ch.js Show response
www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/ Frame AD21 470 KB
188 KB 49ms
49ms Script
text/javascript 216.58.212.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/recaptcha__de_ch.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de-CH&v=fGZmEzpfeSeqDJiApS_XZ4Y2&k=6Lff_I4mAAAAAGHfEhhVXeU12QZE9z2mPvtEr2BI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f3.1e100.net

Software

sffe /

Resource Hash

d215f38ba9fc751e85b8e259a2ac223405de271f243ad65bc30a70d1edfae329

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 04:12:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 344480
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 192511
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 03:03:27 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 09 Nov 2024 04:12:51 GMT

POST
H/1.1 204
No Content collect Show response
o.clarity.ms/ 0
289 B 131ms
130ms XHR
text/plain 52.152.143.207
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://o.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.13/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.152.143.207 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://folkd.com
Date: Tue, 14 Nov 2023 03:54:12 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

POST
H/1.1 200
OK postback Show response
s.update.tas.yieldmo.com/2/2.112.0/518423/Al44VUwbEAG_urUU/ Frame 8D1E 0
145 B 65ms
64ms XHR
text/plain 3.253.142.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.tas.yieldmo.com/2/2.112.0/518423/Al44VUwbEAG_urUU/postback?di=folkd.com&to=3&pi=3406412741864163421&gt=ch&ci=518423&sr=yieldmo.com&dm=728x90&bt=programmatic&dt=5184231558719353398000&ti=3406412741864163421&de=2&md=1&pp=2518831497914294538&pv=e2837ed2-fb5d-46c1-86f8-fe192e68516a&si=2331256393946538634&sid=Al44VUwbEAG_urUU&oz_sc=d1ca25a7347e8aa66affa0b6&oz_df=1699934054330&oz_l=588&cv=3
Requested by: Host: s.update.tas.yieldmo.com
URL: https://s.update.tas.yieldmo.com/2/2.112.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.253.142.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-253-142-96.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 14 Nov 2023 03:54:13 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H/1.1 200
OK postback Show response
s.update.tas.yieldmo.com/2/2.112.0/518423/Al44VUAJEAGOgpV6/ Frame D1F7 0
145 B 69ms
69ms XHR
text/plain 3.253.142.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.tas.yieldmo.com/2/2.112.0/518423/Al44VUAJEAGOgpV6/postback?pp=2518831497914294538&dm=728x90&di=folkd.com&sr=yieldmo.com&ti=3406412741847641488&pv=4a15f476-2063-4f8b-ae11-8977b59abeed&to=3&de=2&si=2331256393946538634&md=1&bt=programmatic&ci=518423&dt=5184231558719353398000&pi=3406412741847641488&gt=ch&sid=Al44VUAJEAGOgpV6&oz_sc=c2053d32c6681a196bb8d363&oz_df=1699934054347&oz_l=588&cv=3
Requested by: Host: s.update.tas.yieldmo.com
URL: https://s.update.tas.yieldmo.com/2/2.112.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.253.142.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-253-142-96.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 14 Nov 2023 03:54:13 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H/1.1 200
OK postback Show response
s.update.tas.yieldmo.com/2/2.112.0/518423/Al44VVUHEAEijgPo/ Frame 74AA 0
145 B 67ms
67ms XHR
text/plain 3.253.142.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.tas.yieldmo.com/2/2.112.0/518423/Al44VVUHEAEijgPo/postback?ti=3406412741679615071&to=3&md=1&bt=programmatic&ci=518423&dt=5184231558719353398000&pp=2518831497914294538&dm=728x90&di=folkd.com&sr=yieldmo.com&pv=f61d60d0-0b4f-4611-b831-f4e60183c08c&de=2&pi=3406412741679615071&gt=ch&si=2331256393946538634&sid=Al44VVUHEAEijgPo&oz_sc=306c02e7e26bc48138b77a4b&oz_df=1699934054359&oz_l=588&cv=3
Requested by: Host: s.update.tas.yieldmo.com
URL: https://s.update.tas.yieldmo.com/2/2.112.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.253.142.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-253-142-96.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 14 Nov 2023 03:54:13 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H/1.1 200
OK postback Show response
s.update.tas.yieldmo.com/2/2.112.0/518423/Al44VXASEAGg85mq/ Frame 4151 0
145 B 67ms
66ms XHR
text/plain 3.253.142.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.tas.yieldmo.com/2/2.112.0/518423/Al44VXASEAGg85mq/postback?pv=ceb77ef4-6942-4245-894c-770ee57cbe67&si=2331256393946538634&pi=3406412741603456321&di=folkd.com&ti=3406412741603456321&to=3&de=2&dm=728x90&md=1&bt=programmatic&gt=ch&ci=518423&dt=5184231558719353398000&sr=yieldmo.com&pp=2518831497914294538&sid=Al44VXASEAGg85mq&oz_sc=ccd897f701ffd25b3e7c7de6&oz_df=1699934054581&oz_l=588&cv=3
Requested by: Host: s.update.tas.yieldmo.com
URL: https://s.update.tas.yieldmo.com/2/2.112.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.253.142.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-253-142-96.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 14 Nov 2023 03:54:14 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: oajs.openx.net
URL: https://oajs.openx.net/esp?url=https%3A%2F%2Ffolkd.com%2F&rid=esp

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFVZGjZvodGd8-v9mr4tvB0&google_hm=ZVLvXdOQZHukhhGRsBecegAABLcAAAAB&google_nid=index&google_push=AXcoOmQrvHTORZquKMIdmrlKbaGuorNzqC5yEx0-VBInNZMW7nRKvPF8VW-F09LB15hahZZc9g7sYQd32CBAPSIw2feNI5ytUof8yA

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmQ6j5YP_Y4mNtvLzFH2QT3lgi_EdQFn_goXFqcdYzRMyZ-KyV61pUKg15Fphxxqo020s_GuGoerB4rxFnRrFeK4UFmo5Ih1mw&google_hm=3bb026b2-0a9f-4413-b17a-1b2d9b98551f

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmRdbh3VZtKlabYol3F7kC8ehAJcxv5vUOVdd6mcKLGS9PdS-RagDuHPHhxsskewICs_dTAOpCgSGssOcXf9uruO29f-PF7Iog&google_hm=NGRSY2FnOUowWkZfYUl0QjYzMTQ=

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmQVvLGQt-1mwm6-O_0W9JZvMTiKCm_T2fnNyUKjU6ja8SDki1GL703GZbVvDsv1yTSZU7ntx7au92cTPAX9sr5TcJ9I5t1ADdc&google_hm=f34e9699a6bb4ca716kltk00loxsu8cf

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=N2VhMTNlMTEzY2MyMWQ3MA&google_push=AXcoOmR6SNw94mqKesn7s6gBXaoDv5VnD15kfetqTd8Ux6xrRrVP_lEhVWoMdRtUecq4knx-92aDHiKL0ZbjnG7hui_xkV3dhKnXh88

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmRANOboi5Iv2fhRu7njtoDBoxmKCJk3dAAfNiYZGbec8RkBhOn9rY2FW076THrbkHBtn00dU_HSpdQROVUjU9Nj2Ac0EJ8&google_hm=ECZOh3ijRmmSvGkQe9W54w==

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQioxFIVWefCdBE6Tjj91CNbjL3W3if3Y7r24J_sXFfOJ_WU9Qdvd7m4ByYmJugDsi5WKJQLahs6qm19IcEZ4mCQUMkgmXI

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=aOGwZNJ8S_Wi-QudT_iWDw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmQ-UA2cfqCyM8E3rRU77AElZndnsAovxXwhwdX34oK66kjyxM9xffIHephSKueDJeNCXKKQpIi_rWJZt75YZ76B2Rd5zbs

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFVZGjZvodGd8-v9mr4tvB0&google_hm=ZVLvXdOQZHukhhGRsBecegAABLcAAAAB&google_nid=index&google_push=AXcoOmTMFVHudmZV2NQR3HncWTS4LY1Xutr7PsiSSXLX4nBP1UrZfhq_KWN7KvAUDuxKiiMg3gyt2feiylpsgW7NGq1aPorF6EA

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmT6ED_vDMP-50sT2Mi6P4Fz_30hh1EglpicNUyO-0y3K06jPX1JRhZOQWpfcglFhfJoU3d2bT6oeP_98DF9ZmgeGv6mNXY&google_hm=d11c3103-dc29-4b6d-9c06-9c626751255f

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzkzMzAwMDk5ODE2MTc0Nzg5NzM2OA%3D%3D&google_push=AXcoOmTtbGr3EQ5ytBPymc6lpqOfNGDGh1_FL3GLovBQK-M4qvwMyA7MvYM4st9jYhIhaC874oSONdIWEg7mIHgZ1DvRwMxfpwsb

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmTaV9txLM6UDdH5ywcibD9rbsXoxgNDa9um_4O9AkE9wUdk9fs4KlDyv0Rjq13_lshucvhE1zQ0EKKU3ffJ9XLwLDMabYqR&google_hm=Pn3WGXYWRfaW3LQkbKJEWA==

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=nbRp9Ch7SaCCfLfzk1i_WA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmQXhL3rptoPSD57z94qxx7OzkwNHWw1W8xRamAV8MRk8uhSsa0xrsrYH4_veUCspU6BQqJAMPAIbwT_32bWim2ODrJkEhq1

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFVZGjZvodGd8-v9mr4tvB0&google_hm=ZVLvXf6gEsRT6ZwT9PMEHwAAFJ8AAAIB&google_nid=index&google_push=AXcoOmRuvktECRJdmFBebY4z0_na5Wnf7AtwZTCtYopYiUlsabkiKFQ6nyGgyZcMHB2zYOaOUWaw16vkb6mxcAxbeTww9MPUHNSy

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmTtiUquCQnJqEYbTZklj7O9TigYBHqz_zhIABuLrf6vfL0RJDp6Vk-a-rFB588kUot2Ci3OXs-Fo-hu59wKcB0TwJTkGZBl&google_hm=M0ZpWjRwcGpqTHBVSnl1NUd3b2g=

Domain: sync.targeting.unrulymedia.com
URL: https://sync.targeting.unrulymedia.com/csync/RX-f48bb6d9-94ab-4124-9dd7-d07e497ee5cf-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmRvdRhWP8HjQoTvbE3Wi6yFEs9Nb68EG59o2z7TuFT0-irD6cTD56woaQnn7AggkkaDXM_uUIeaWBapaNgkE5zs79daxUM%26google_hm%3DA_SLttmUq0EkndfQfkl-5c8

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mzk1OTU0NzU2ODM3MjA4ODIyMjUy&google_push=AXcoOmS62OehRLCIvkttKP2WO3yBq5Y6Tj2AOqTaZX8wMsW0ejM-S4kV5UTq72LOclgbwax80a9okaEP3N1N4A2EMif3pzUkIUQg

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmSdAqRjpRkCsK7Qe5SMoZoKuwJvjyR3QrpE-7xKLGLhXr833fAsuJ55QcMAYEwo0aAFYtfkSZote601T0P-jg2pNYAPIJaIAg&google_hm=S-Ho14mrTNqSiEQb47a2rA==

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTdnGJp_TZzLDHOK_rwTPJcrbyVyaG4our_AAGxeXTeFNUgha3mUPwhuhCi1uyXBSOkd30P1bJ3u9ykzDIPhfdPRUSAC8RxeA

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmTgGtmHM6DJZpY523WuC9Io4WX42krNmBLKyYOdPodVdoKDqEjnczB6FEelVo6fNqhEvyW1FAbMlsmWAld1lqLhx5dyoG-X6A&google_hm=M0ZpWjRwcGpqTHBVSnl1NUd3b2g=

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQU37Y9fshYQNgZ476__O489BUYPwo2Wlq2l4zqTjh5TEfDkN71ZNo0nWSPGgS9RDfnLzlkBUP0qkFCpronIoxA_Ym1iPr3Xw&google_hm=A0nw0XPch0TEnJWwpY4MXhY

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Lc8Yitm_Rxaeo-UZKdoTHw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmQIHakJXQ2UPGgbCyOgnbC7Vx8HG1K6LMX5u4u_d-9BTmC-4RwGTOA8g0y9qEzF1jhdiksZi9fKNXZjSKMOoE0LrCcEKoEXpg

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFVZGjZvodGd8-v9mr4tvB0&google_hm=ZVLvXdhlxa_jmfJ1_BzSSgAACF4AAAIB&google_nid=index&google_push=AXcoOmQzvFzEpl441bgqUAabtcwVDZ7crEPpswghdCSikr4uem8OHa4f1e_Xmf2kM7JkJy4-NjSFg-ExxHmG_JZbbtX-_7vrO7TFrg

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRqdL1_dzzqVXtM5Zp5Iv2WSgOJtqMofKvFlrlaTKgnAMZYNQIp6ouPTDSzaB7WdZ7TJ7TrStRaHO2KhTyPC_6E-_uvQZLL&google_hm=A0nw0XPch0TEnJWwpY4MXhY

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTQ1NDMxNDI0MDEzNTQ1NDcxNDI5Mw%3D%3D&google_push=AXcoOmTI3W2xpe3uEc25ezKvhBAQyz62pdGLJX5LlMSfLMvLYp0Wcy9QVnmXaMBvfgCvqENqWFueVWd2TtxrLKTZ-mVZof4wym_M

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmS3HveI-26vjKcR3OEWLiiLdYv91GNEc6otHBbqOjOKpHwaH-apEaKW2hGJvrAtPa8rbsJdfysbABJrz3V1ciYn7j-exVg

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=SgVmX0MOS0eMZrMlYOCJlw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmROYt57LhVTY1YJZg5_h0-6ZT-GMYf2WKXyvi0gDf9wEei1s2bxvJRL8NAWd7gcKiDbA74LpjuXDI8RpIN4zhfzg5ylcfU

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFVZGjZvodGd8-v9mr4tvB0&google_hm=ZVLvXcWoY9-Lfjjl8kRqowAAFKYAAAIB&google_nid=index&google_push=AXcoOmR5lOrNWShJtoqb4bsmrh0GWG5mGCp2vB4q5d3xT2s4sezQUN1PhXVZgGUXTMsLbseLLpFhE3USxeSr_0pQR_0KPZw68fV8

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmSmmc-wk9AqSqfdIsTFwPuOZ1YgzC18Ssx-dbhm9SoDl2G9yU5XCB3RgMnZpQbfrhKeDBpRsBRkg3pBWDWTvUlRLralaj4&google_hm=M0ZpWjRwcGpqTHBVSnl1NUd3b2g=

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQyOTM1NjQ1Njg2MjkyNDAwMFYxMA%3d%3d&mn_hm=MzQyOTM1NjQ1Njg2MjkyNDAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmRysJpiZYmm8vuUjPN3p2-EEz0MmPh6X5noUc-vJBU5SpfsU66ggUE3xaB5Ew8hhG8rQ2mhMS61d8mHtRJ_3JsXINvP0eeH&gdpr=&gdpr_consent=

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi8v3BTJRt9zD8Xb9gjRY80nVQ3UPVnDeAA&google_push=AXcoOmSjA-NLHQewqS1aaCcjK-kMHVKj1eAiPIJEBuMUTr99OwvCdDfKBDHZ0vtGqhnzFH67wSGMCoZCxFLE8FO63irVvWmzaYUW1A

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmST6AZ7L8zuj_m0azuuJ7QubLXjm_z5rh4Tta1M_czhucJlQn8D8kmuHYdJZzju5uC7JSXmNimZHTApn9sr-kpuO99NSXGV

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-lqVQ_WdwpTYEUw9FpYyhdFOgK0awIDkhKA70hQ&google_push=AXcoOmQWtyprwiVNi105LOBTebLvWgkTnzErw0nJOUfdz7nKaFoXVcdiSDIIEbah1z4NW4dGbQZwwd-rLuuH90uaX_7Tso-905Fi

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmQdG1SW0Mm4RrzBkFil3CogzUksASE1U8W6-21ZWRUcJZsGfLHcK7jcqyfyEeFps6Owuh9S2guD7SiS856SSZYV9QeqBeo&google_hm=45e33816-6768-4934-8029-a7cb8abe5f7c

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQgDJvXL_R944rZLGis8JI8upr7jQUYEloDHtkM1uyza6K6NUh2zt2reR5dSiuvMbQgXCKr2taya8nRyVaqyY1u_fNo3t4&google_hm=A3VCWSwZJkb9rR0sXkG0UA4

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mzk1OTU0NzU2ODM3MjA4ODIyMjUy&google_push=AXcoOmRtoG-YAXRpRP17zTMpnLw6XnPI8A8F6iN7hu3UgTDaabaPH0dhrUTpVmOcr-6L3IiJmlkoEKRE8MXV1x7Dl2Iv5vLMwRSW

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi8v3BWQqLMpQrzeNTs1Ye42NfK7oQoxQqA&google_push=AXcoOmQUUQKEyVKKBvseus0F_yymDs9xt6mTj-i5Xh_K73s0h6ByfiEbo8IqEesExxFBvI7JAquqYhV4-yPRPgtUwJWTwlh__qkD5w

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmQLIlKEbsLIQQEXdSEH6Paa_pozpbP8VOVB0B4oCMHQBq5Z_JzHOag_XN95YP8R_rloT8waaHIteuToQ7IsJbqdgUgz1Eumng&google_hm=HDCQVU2GSqKEaLdqv5ypNQ==

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmSzQN0FvSH93NOotdN04LcJvSSeYkjF9isEoYizJn53tJlkQ3sqwJePGJNf81C9FTNQHWl9SoZ_-MfOloJawtZr7NUMBKQt&google_hm=M0ZpWjRwcGpqTHBVSnl1NUd3b2g=

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQFjWkEJk4DIht83A3I5-7V7KVBma_UdBUPDifkPMrf8EU2c8M6SI8BFi7ZZrK2uKinnYuO0bsWzUtbq-PVHVV006fw3ud4tQ&google_hm=A_9mb8meUUq0gjLnX2ZkgCU

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQyOTM1NjQ1Njg2MjkzMzAwMFYxMA%3d%3d&mn_hm=MzQyOTM1NjQ1Njg2MjkzMzAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmQZJAEAOxSQ4PptbyH4_zGzEP2H-74h0MYpC2e7hAvgpJ3BVspQEAuzCfGUe12T5trYuLaQyjXZRMdrZgNXiJGXQ8nNpSF-HQ&gdpr=&gdpr_consent=

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi8v3BaXjJNIzanQTqx44fb3-2A6es-4vMQ&google_push=AXcoOmRsMYctX1Kcuxtjdb06pRnS0Gw6DkOXZ4jcuIbLD13jwhLjiHfpGeuduGm1mCDzOXA3nNHwakt4R_q_feq4VBMpGS84PRE7iII

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=3F2DCF0A817B43E895D550A0AF49F2FA&google_push=AXcoOmRUMKFhIyy8maBnXgpziNRZiRbq4wXl7JoLZD3mGmCV9eoZyzsJC-XlzCmGvHW6FY7ZlQYd6pLaoPOEAG47G9P02wLjN5ZDKQ

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-lqVQ_WdwpTYEUw9FpYyhdFOgK0awIDkhKA70hQ&google_push=AXcoOmRZ6rmLHbUcRSmato5c7QY9IjoTwdnD4-lXAeKv_woanpFPNWPZWwxIgjxOr6Z_M2eDgBWl74wKvOSo6BGeI71ffrkWT0_gmw

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFVZGjZvodGd8-v9mr4tvB0&google_hm=ZVLvXdOQZHukhhGRsBecegAABLcAAAAB&google_nid=index&google_push=AXcoOmRmzX62k8UGQjEKH6xXxqSYCwsgEKu92YLpLsUuj4A_Pq2oIyepdVgRa9SgYd2DsVm4fC2ukCBsHAgUaygm_BTlFG_Qb1KS

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmT_cRKLosEKh0xLacfR3j6aBJLRRm7AivuhPoYEGCqJFAv0Ls4YLOU6SybYUacc1reZ2JvWdX50WpeftHsFRob1HFvwVjPd-w&google_hm=M0ZpWjRwcGpqTHBVSnl1NUd3b2g=

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mzk1OTU0NzU2ODM3MjA4ODIyMjUy&google_push=AXcoOmSWrfA4_77I6_zRm0TcB_jf0lM1OyV9mzXb9Ytil3k1t6-ez4TIAE6cPkNpBZ4PylGl1j5YSl640cu3fnJv2y61S4dmB3KQ

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQyOTM1NjQ1Njg2Mjk0OTAwMFYxMA%3d%3d&mn_hm=MzQyOTM1NjQ1Njg2Mjk0OTAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmRUEJihHRqfMB3wlHowVAFD9d5rNFUZuCpYr503dDUF5VdmEnTF8FxTaBlxpRauuPmfOZVPni65BPJjaBR_oGcOylRU83X9hQ&gdpr=&gdpr_consent=

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_hm=M0ZpWjRwcGpqTHBVSnl1NUd3b2g=

Domain: ads.yieldmo.com
URL: https://ads.yieldmo.com/v000/sync?userid=0fRreYpNWgjc&ev=1&pn_id=pp&gpp_sid=&gpp=&us_privacy=&pid=561118&gdpr_consent=&gdpr=0

Domain: ads.yieldmo.com
URL: https://ads.yieldmo.com/sync?pn_id=rc&id=LOXSU8S0-1-A8KT

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RDJGODVCQjktQUU0MC00MkJGLThFMTAtNTI3NDhGMzAwMDg2&gdpr=-1&gdpr_consent=

Domain: ads.yieldmo.com
URL: https://ads.yieldmo.com/v000/sync?userid=8149008930017261356&pn_id=an

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_cm&pn_id=c

Domain: ups.analytics.yahoo.com
URL: https://ups.analytics.yahoo.com/ups/58529/sync?_origin=1&uid=3FiZ4ppjjLpUJyu5Gwoh&redir=true&verify=true

Domain: ad.turn.com
URL: https://ad.turn.com/r/cs?pid=45&rndcb=5311750456

Domain: yieldmo-match.dotomi.com
URL: https://yieldmo-match.dotomi.com/match/bounce/current?networkId=42851&version=1

Domain: bttrack.com
URL: https://bttrack.com/pixel/cookiesync?source=6f15a88d-e42c-4017-8276-dff2b21d7926&secure=1

Domain: sync.srv.stackadapt.com
URL: https://sync.srv.stackadapt.com/sync?nid=21

Domain: sync-openx.ads.yieldmo.com
URL: https://sync-openx.ads.yieldmo.com/sync?pn_id=openx&id=c321ab4b-58a2-09c9-1aac-777b11273f60

Domain: rtb.adentifi.com
URL: https://rtb.adentifi.com/CookieSyncYieldMo

Domain: ads.yieldmo.com
URL: https://ads.yieldmo.com/v000/sync?pn_id=criteo&id=83f2cad0-9bea-4d6b-9a29-02ed6bc04996

Domain: cms.quantserve.com
URL: https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=yieldmo&gdpr=&gdpr_consent=

Domain: stags.bluekai.com
URL: https://stags.bluekai.com/site/26980?limit=0&id=3FiZ4ppjjLpUJyu5Gwoh

Domain: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=71&gdpr=0&gdpr_consent=

Domain: aa.agkn.com
URL: https://aa.agkn.com/adscores/g.pixel?sid=9212291508&puid=3FiZ4ppjjLpUJyu5Gwoh

Domain: cs.admanmedia.com
URL: https://cs.admanmedia.com/sync/yieldmo?redir=https%3A%2F%2Fads.yieldmo.com%2Fsync%3Fuserid%3D%7B%24PARTNER_UID%7D%26pn_id%3Daa

Domain: sync-adform.ads.yieldmo.com
URL: https://sync-adform.ads.yieldmo.com/sync?pn_id=adfm&id=5759223980947758559

Domain: b1sync.zemanta.com
URL: https://b1sync.zemanta.com/usersync/yieldmo/?cb=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dz%26userid%3D__ZUID__

Domain: xsync.iqzone.com
URL: https://xsync.iqzone.com/psync?t=s&e=366&cb=https%3A%2F%2Fsync-iqzone.ads.yieldmo.com%2Fsync%3Fpn_id%3Diqzone%26id%3D%25USER_ID%25

Domain: contextual.media.net
URL: https://contextual.media.net/cksync.php?cs=3&type=yld&ovsid=setstatuscode&redirect=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dmnt%26userid%3D%3Cvsid%3E

Domain: idsync.rlcdn.com
URL: https://idsync.rlcdn.com/397286.gif?partner_uid=3FiZ4ppjjLpUJyu5Gwoh

Domain: rtb.mfadsrvr.com
URL: https://rtb.mfadsrvr.com/sync?ssp=yieldmo

Domain: match.prod.bidr.io
URL: https://match.prod.bidr.io/cookie-sync/mo

Domain: csync.loopme.me
URL: https://csync.loopme.me/?pubid=11479&redirect=https%3A%2F%2Fads.yieldmo.com%2Fsync%3Fpn_id%3Dloopme%26id%3D%7Bviewer_token%7D

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_sc&google_hm=M0ZpWjRwcGpqTHBVSnl1NUd3b2g=

Domain: ads.yieldmo.com
URL: https://ads.yieldmo.com/sync?pn_id=rc&id=LOXSU8V8-5-D4M1

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_cm&pn_id=c

Domain: ads.yieldmo.com
URL: https://ads.yieldmo.com/v000/sync?userid=8149008930017261356&pn_id=an

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_hm=M0ZpWjRwcGpqTHBVSnl1NUd3b2g=

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=M0QwOTgxNEEtNDMyOC00MTU4LTlDQTQtRjk2NTM4MzNBQTg0&gdpr=-1&gdpr_consent=

Domain: ad.turn.com
URL: https://ad.turn.com/r/cs?pid=45&rndcb=1309583805

Domain: ads.yieldmo.com
URL: https://ads.yieldmo.com/v000/sync?userid=BxVZ4MqfSNQh&ev=1&pn_id=pp&gpp_sid=&gpp=&us_privacy=&pid=561118&gdpr_consent=&gdpr=0

Domain: ups.analytics.yahoo.com
URL: https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58259&ovsid=3FiZ4ppjjLpUJyu5Gwoh&redir=true

Domain: bttrack.com
URL: https://bttrack.com/pixel/cookiesync?source=6f15a88d-e42c-4017-8276-dff2b21d7926&secure=1

Domain: ads.yieldmo.com
URL: https://ads.yieldmo.com/v000/sync?pn_id=criteo&id=83f2cad0-9bea-4d6b-9a29-02ed6bc04996

Domain: sync-openx.ads.yieldmo.com
URL: https://sync-openx.ads.yieldmo.com/sync?pn_id=openx&id=c321ab4b-58a2-09c9-1aac-777b11273f60

Domain: rtb.adentifi.com
URL: https://rtb.adentifi.com/CookieSyncYieldMo

Domain: sync.srv.stackadapt.com
URL: https://sync.srv.stackadapt.com/sync?nid=21

Domain: yieldmo-match.dotomi.com
URL: https://yieldmo-match.dotomi.com/match/bounce/current?networkId=42851&version=1

Domain: dsp.nrich.ai
URL: https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=yieldmo&bsw_custom_parameter=3e7dd619-7616-45f6-96dc-b4246ca24458&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=

Domain: sync-adform.ads.yieldmo.com
URL: https://sync-adform.ads.yieldmo.com/sync?pn_id=adfm&id=5759223980947758559

Domain: xsync.iqzone.com
URL: https://xsync.iqzone.com/psync?t=s&e=366&cb=https%3A%2F%2Fsync-iqzone.ads.yieldmo.com%2Fsync%3Fpn_id%3Diqzone%26id%3D%25USER_ID%25

Domain: csync.loopme.me
URL: https://csync.loopme.me/?pubid=11479&redirect=https%3A%2F%2Fads.yieldmo.com%2Fsync%3Fpn_id%3Dloopme%26id%3D%7Bviewer_token%7D

Domain: match.prod.bidr.io
URL: https://match.prod.bidr.io/cookie-sync/mo

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_sc&google_hm=M0ZpWjRwcGpqTHBVSnl1NUd3b2g=

Domain: rtb.mfadsrvr.com
URL: https://rtb.mfadsrvr.com/sync?ssp=yieldmo

Domain: b1sync.zemanta.com
URL: https://b1sync.zemanta.com/usersync/yieldmo/?cb=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dz%26userid%3D__ZUID__

Domain: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=71&gdpr=0&gdpr_consent=

Domain: stags.bluekai.com
URL: https://stags.bluekai.com/site/26980?limit=0&id=3FiZ4ppjjLpUJyu5Gwoh

Domain: contextual.media.net
URL: https://contextual.media.net/cksync.php?cs=3&type=yld&ovsid=setstatuscode&redirect=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dmnt%26userid%3D%3Cvsid%3E

Domain: idsync.rlcdn.com
URL: https://idsync.rlcdn.com/397286.gif?partner_uid=3FiZ4ppjjLpUJyu5Gwoh

Domain: aa.agkn.com
URL: https://aa.agkn.com/adscores/g.pixel?sid=9212291508&puid=3FiZ4ppjjLpUJyu5Gwoh

Domain: cs.admanmedia.com
URL: https://cs.admanmedia.com/sync/yieldmo?redir=https%3A%2F%2Fads.yieldmo.com%2Fsync%3Fuserid%3D%7B%24PARTNER_UID%7D%26pn_id%3Daa

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_hm=M0ZpWjRwcGpqTHBVSnl1NUd3b2g=

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RDMxNUE1NUUtQjg3Qi00NzNBLThDNzEtNzYyNDA4RjEyMURC&gdpr=-1&gdpr_consent=

Domain: ads.yieldmo.com
URL: https://ads.yieldmo.com/v000/sync?userid=ccOGRsGmkMiy&ev=1&pn_id=pp&gpp_sid=&gpp=&us_privacy=&pid=561118&gdpr_consent=&gdpr=0

Domain: ads.yieldmo.com
URL: https://ads.yieldmo.com/v000/sync?userid=8149008930017261356&pn_id=an

Domain: ad.turn.com
URL: https://ad.turn.com/r/cs?pid=45&rndcb=1858563272

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_cm&pn_id=c

Domain: ads.yieldmo.com
URL: https://ads.yieldmo.com/sync?pn_id=rc&id=LOXSU8VA-X-AF3C

Domain: ups.analytics.yahoo.com
URL: https://ups.analytics.yahoo.com/ups/58529/sync?_origin=1&uid=3FiZ4ppjjLpUJyu5Gwoh&redir=true&verify=true

Domain: bttrack.com
URL: https://bttrack.com/pixel/cookiesync?source=6f15a88d-e42c-4017-8276-dff2b21d7926&secure=1

Domain: sync.srv.stackadapt.com
URL: https://sync.srv.stackadapt.com/sync?nid=21

Domain: ads.yieldmo.com
URL: https://ads.yieldmo.com/v000/sync?pn_id=criteo&id=83f2cad0-9bea-4d6b-9a29-02ed6bc04996

Domain: rtb.adentifi.com
URL: https://rtb.adentifi.com/CookieSyncYieldMo

Domain: sync-openx.ads.yieldmo.com
URL: https://sync-openx.ads.yieldmo.com/sync?pn_id=openx&id=c321ab4b-58a2-09c9-1aac-777b11273f60

Domain: yieldmo-match.dotomi.com
URL: https://yieldmo-match.dotomi.com/match/bounce/current?networkId=42851&version=1

Domain: u.ipw.metadsp.co.uk
URL: https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=yieldmo&bsw_user_id=${BSW_USER_UD}&bsw_param=1c309055-4d86-4aa2-8468-b76abf9ca935&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=

Domain: xsync.iqzone.com
URL: https://xsync.iqzone.com/psync?t=s&e=366&cb=https%3A%2F%2Fsync-iqzone.ads.yieldmo.com%2Fsync%3Fpn_id%3Diqzone%26id%3D%25USER_ID%25

Domain: contextual.media.net
URL: https://contextual.media.net/cksync.php?cs=3&type=yld&ovsid=setstatuscode&redirect=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dmnt%26userid%3D%3Cvsid%3E

Domain: rtb.mfadsrvr.com
URL: https://rtb.mfadsrvr.com/sync?ssp=yieldmo

Domain: csync.loopme.me
URL: https://csync.loopme.me/?pubid=11479&redirect=https%3A%2F%2Fads.yieldmo.com%2Fsync%3Fpn_id%3Dloopme%26id%3D%7Bviewer_token%7D

Domain: idsync.rlcdn.com
URL: https://idsync.rlcdn.com/397286.gif?partner_uid=3FiZ4ppjjLpUJyu5Gwoh

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_sc&google_hm=M0ZpWjRwcGpqTHBVSnl1NUd3b2g=

Domain: b1sync.zemanta.com
URL: https://b1sync.zemanta.com/usersync/yieldmo/?cb=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dz%26userid%3D__ZUID__

Domain: match.prod.bidr.io
URL: https://match.prod.bidr.io/cookie-sync/mo

Domain: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=71&gdpr=0&gdpr_consent=

Domain: sync-adform.ads.yieldmo.com
URL: https://sync-adform.ads.yieldmo.com/sync?pn_id=adfm&id=5759223980947758559

Domain: aa.agkn.com
URL: https://aa.agkn.com/adscores/g.pixel?sid=9212291508&puid=3FiZ4ppjjLpUJyu5Gwoh

Domain: stags.bluekai.com
URL: https://stags.bluekai.com/site/26980?limit=0&id=3FiZ4ppjjLpUJyu5Gwoh

Domain: cs.admanmedia.com
URL: https://cs.admanmedia.com/sync/yieldmo?redir=https%3A%2F%2Fads.yieldmo.com%2Fsync%3Fuserid%3D%7B%24PARTNER_UID%7D%26pn_id%3Daa

Domain: sync-pm.ads.yieldmo.com
URL: https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=4A05665F-430E-4B47-8C66-B32560E08997&gdpr=-1&gdpr_consent=

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_cm&pn_id=c

Domain: ads.yieldmo.com
URL: https://ads.yieldmo.com/v000/sync?userid=8149008930017261356&pn_id=an

Domain: ads.yieldmo.com
URL: https://ads.yieldmo.com/sync?pn_id=rc&id=LOXSU8ZL-17-70VY

Domain: ups.analytics.yahoo.com
URL: https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58259&ovsid=3FiZ4ppjjLpUJyu5Gwoh&redir=true

Domain: ad.turn.com
URL: https://ad.turn.com/r/cs?pid=45&rndcb=7246214971

Domain: ads.yieldmo.com
URL: https://ads.yieldmo.com/v000/sync?userid=0fRreYpNWgjc&ev=1&pn_id=pp&gpp_sid=&gpp=&us_privacy=&pid=561118&gdpr_consent=&gdpr=0

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_hm=M0ZpWjRwcGpqTHBVSnl1NUd3b2g=

Domain: ads.yieldmo.com
URL: https://ads.yieldmo.com/v000/sync?pn_id=criteo&id=83f2cad0-9bea-4d6b-9a29-02ed6bc04996

Domain: rtb.adentifi.com
URL: https://rtb.adentifi.com/CookieSyncYieldMo

Domain: yieldmo-match.dotomi.com
URL: https://yieldmo-match.dotomi.com/match/bounce/current?DotomiTest=2c5583f31e6a16e4&is_secure=true&networkId=42851&version=1

Domain: sync.srv.stackadapt.com
URL: https://sync.srv.stackadapt.com/sync?nid=21

Domain: x.bidswitch.net
URL: https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=yieldmo&gdpr=0&user_id=2ieEE4l0hETBdoMUiiqcQIkjiRPBKtBE3yQw3gdn

Domain: sync-openx.ads.yieldmo.com
URL: https://sync-openx.ads.yieldmo.com/sync?pn_id=openx&id=c321ab4b-58a2-09c9-1aac-777b11273f60

Domain: bttrack.com
URL: https://bttrack.com/pixel/cookiesync?source=6f15a88d-e42c-4017-8276-dff2b21d7926&secure=1

Domain: ads.yieldmo.com
URL: https://ads.yieldmo.com/sync?pn_id=loopme&id=d24b8f70-bf83-486f-975d-4e86f4a15cf9

Domain: rtb.mfadsrvr.com
URL: https://rtb.mfadsrvr.com/sync?ssp=yieldmo

Domain: ads.yieldmo.com
URL: https://ads.yieldmo.com/v000/sync?pn_id=mnt&userid=0000EEA

Domain: sync-adform.ads.yieldmo.com
URL: https://sync-adform.ads.yieldmo.com/sync?pn_id=adfm&id=5759223980947758559

Domain: sync-eq.ads.yieldmo.com
URL: https://sync-eq.ads.yieldmo.com/sync?pn_id=eq&id=6175204657591028361&gdpr=0&gdpr_consent=

Domain: ads.yieldmo.com
URL: https://ads.yieldmo.com/v000/sync?pn_id=z&userid=

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_sc&google_hm=M0ZpWjRwcGpqTHBVSnl1NUd3b2g=

Domain: xsync.iqzone.com
URL: https://xsync.iqzone.com/psync?t=s&e=366&cb=https%3A%2F%2Fsync-iqzone.ads.yieldmo.com%2Fsync%3Fpn_id%3Diqzone%26id%3D%25USER_ID%25

Domain: cs.admanmedia.com
URL: https://cs.admanmedia.com/sync/yieldmo?redir=https%3A%2F%2Fads.yieldmo.com%2Fsync%3Fuserid%3D%7B%24PARTNER_UID%7D%26pn_id%3Daa

Domain: idsync.rlcdn.com
URL: https://idsync.rlcdn.com/397286.gif?partner_uid=3FiZ4ppjjLpUJyu5Gwoh

Domain: aa.agkn.com
URL: https://aa.agkn.com/adscores/g.pixel?sid=9212291508&puid=3FiZ4ppjjLpUJyu5Gwoh

Domain: match.prod.bidr.io
URL: https://match.prod.bidr.io/cookie-sync/mo

Verdicts & Comments Add Verdict or Comment

263 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

86 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
folkd.com/	1970-01-20 16:16:33	Name: folkd0612_live_u2main Value: 1699934037528x397155183855519400
folkd.com/	1970-01-20 16:16:33	Name: folkd0612_live_u2main.sig Value: j3lRwboCLjHsI8yT6GEWSPoqbhM
folkd.com/	1969-12-31 23:59:59	Name: folkd0612_u1main Value: 1699934037493x161505126980076450
www.clarity.ms/	1970-01-21 00:57:50	Name: CLID Value: 9912743328a04aefb94aac32e9569d58.20231114.20241113
.folkd.com/	1970-01-21 01:48:14	Name: _ga Value: GA1.1.1651993066.1699934040
.folkd.com/	1970-01-21 00:57:50	Name: _clck Value: hy9z7o\|2\|fgp\|0\|1413
folkd.com/	1970-01-21 01:48:14	Name: session Value: 7ada6bc7-d831-4ccc-9c49-6a685d6852e0
.folkd.com/	1970-01-20 16:13:40	Name: _clsk Value: 1rhbdyq\|1699934040532\|1\|1\|o.clarity.ms/collect
.folkd.com/	1970-01-21 01:33:50	Name: __gads Value: ID=09c4a9a327608928:T=1699934040:RT=1699934040:S=ALNI_MZd8FkfR7CegW4Mn6r3HpNzQX5V_Q
.folkd.com/	1970-01-21 01:33:50	Name: __gpi Value: UID=00000cc39ae70583:T=1699934040:RT=1699934040:S=ALNI_Mb0nJmvqrby3TjNCksZ9NeO8qVkZA
.doubleclick.net/	1970-01-21 01:48:14	Name: IDE Value: AHWqTUnyvSql2OGOYDSCsGjCpEzMV-7zLUKl2npPK8ux5lay8UTroeyUCbsCjLG1kxs
m.stripe.com/	1970-01-21 01:48:14	Name: m Value: e60178f3-608e-4893-ac87-efb4c8e421f84e9043
.folkd.com/	1970-01-21 00:57:50	Name: __stripe_mid Value: 1fbc2920-ea2a-49c9-a323-a5436c69f152f692b3
.folkd.com/	1970-01-20 16:12:15	Name: __stripe_sid Value: 7264802d-e459-4259-854a-b298a14b0d5a31ab8a
.openx.net/	1970-01-21 00:57:50	Name: i Value: 7486070f-6321-0c1f-1d1f-a3fd89eb1903\|1699934042
.openx.net/	1970-01-20 16:33:50	Name: pd Value: v2\|1699934042\|n0vNvQiygu
.crwdcntrl.net/	1970-01-20 22:40:59	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-20 22:40:59	Name: _cc_id Value: 49deba811694f08a0825500a44706771
.folkd.com/	1970-01-20 22:41:02	Name: _cc_id Value: 49deba811694f08a0825500a44706771
.folkd.com/	1970-01-20 16:22:18	Name: panoramaId_expiry Value: 1700538842942
.folkd.com/	1970-01-20 16:22:18	Name: panoramaId Value: e89f2e1c16c55284ae37fb181efe4945a7020bf25b67e724423c0b5984f77bfe
.folkd.com/	1970-01-20 16:22:18	Name: panoramaIdType Value: panoIndiv
.adform.net/	1970-01-20 16:55:26	Name: C Value: 1
.criteo.com/	1970-01-21 01:33:50	Name: uid Value: 83f2cad0-9bea-4d6b-9a29-02ed6bc04996
.adform.net/	1970-01-20 17:38:38	Name: uid Value: 5759223980947758559
.yieldmo.com/	1970-01-21 00:57:50	Name: yieldmo_id Value: 3FiZ4ppjjLpUJyu5Gwoh%7C1699920000000%7C0
.amazon-adsystem.com/	1970-01-20 21:43:26	Name: ad-id Value: A5CbmtcYt08lvOryhVDs57E
.amazon-adsystem.com/	1970-01-21 01:48:14	Name: ad-privacy Value: 0
.folkd.com/	1970-01-21 01:48:14	Name: _ga_7BR5TDFFPC Value: GS1.1.1699934039.1.0.1699934043.0.0.0
.folkd.com/	1970-01-21 01:33:50	Name: cto_bundle Value: MOUJrl9id0hKd1dZbHhGOXplNXl4VHNteGlOYVFMYWgxb09YdWlEbFdCVGI2VUhiSjBMNzJZMTZ1ZVQ2VkFuZ2hoZDNteU4yVjBQTFNGTDVPRE9QR2VCOTd5b1JtTXpRRjVvaloxeEpiMGZCRkJLaHhyUHFQZnE2bFJmUWdGdnNRaE9DcjI2ajdFTFpDQ05aYUJTOGJxZ1FOSGclM0QlM0Q
.uuidksinc.net/	1970-01-21 00:57:50	Name: jcsuuid Value: h2BBnvDMqCOaCLXg4elL
.zemanta.com/	1970-01-21 00:57:50	Name: zuid Value: 4dRcag9J0ZF_aItB6314
.bidswitch.net/	1970-01-21 00:57:50	Name: c Value: 1699934045
.ads.yieldmo.com/	1970-01-21 00:57:50	Name: re_sync Value: pp%3D1181349%7Cbsw%3D1181349%7Cadfm%3D1181349%7Cgoogle_supply%3D1181349%7Ciqzone%3D1181349%7Ctapad%3D1181349%7Cyahoo_supply%3D1181349%7Cmf%3D1181349%7Cbeeswax%3D1181349%7Cneustar%3D1181349%7Caa%3D1181349%7Cb%3D1181349%7Cc%3D1181349%7Ccriteo%3D1181349%7Cloopme%3D1181349%7Ceps%3D1181349%7Cstk%3D1181349%7Cdv360%3D1181349%7Ceq%3D1181349%7Can%3D1181349%7Crc%3D1181349%7Cunl%3D1181349%7Cmnt%3D1181349%7Cliveramp%3D1181349%7Ct%3D1181349%7Cadtrt%3D1181349%7Cbluekai%3D1181349%7Camazon_supply%3D1181349%7Cz%3D1181349%7Cpub%3D1181349%7Copenx%3D1181349
.pubmatic.com/	1970-01-20 16:13:40	Name: KTPCACOOKIE Value: YES
sync.gonet-ads.com/	1969-12-31 23:59:59	Name: chk Value: 1
.mediago.io/	1970-01-21 00:57:50	Name: __mguid_ Value: f34e9699a6bb4ca716kltk00loxsu8cf
.simpli.fi/	1970-01-21 00:59:16	Name: suid Value: 3F2DCF0A817B43E895D550A0AF49F2FA
.de17a.com/	1970-01-21 00:50:38	Name: guid Value: 1.5654671387566438763
.casalemedia.com/	1970-01-20 18:21:50	Name: CMPS Value: 1207
.gonet-ads.com/	1970-01-21 00:59:16	Name: pid Value: N2VhMTNlMTEzY2MyMWQ3MA
.onetag-sys.com/	1970-01-21 01:42:00	Name: OTP Value: nmjOWo2ptw7vi7n804VZxXZLzNOnZK_mSjFenrcA_TA
.go.sonobi.com/	1970-01-20 16:55:26	Name: __uis Value: 45e33816-6768-4934-8029-a7cb8abe5f7c
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8G Value: s86165\|ZVLvY
.media.net/	1970-01-21 00:57:50	Name: visitor-id Value: 3429356456862949000V10
.tapad.com/	1970-01-20 17:38:38	Name: TapAd_TS Value: 1699934046091
.tapad.com/	1970-01-20 17:38:38	Name: TapAd_DID Value: 736584b9-3d7d-44e2-98bd-da4f6fa14108
.contextweb.com/	1970-01-21 00:57:50	Name: pb_rtb_ev Value: 3-1nza\|7TZ.0.1
.contextweb.com/	1970-01-21 00:50:38	Name: V Value: 0fRreYpNWgjc
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: a57b9ae374140b5d
.adnxs.com/	1970-01-20 18:21:50	Name: uuid2 Value: 8149008930017261356
.pubmatic.com/	1970-01-20 18:21:50	Name: SyncRTB3 Value: 1701129600%3A220
.pubmatic.com/	1970-01-21 00:57:50	Name: KADUSERCOOKIE Value: 4A05665F-430E-4B47-8C66-B32560E08997
.3lift.com/	1970-01-20 18:21:50	Name: tluid Value: 3933000998161747897368
.bidswitch.net/	1970-01-20 16:12:14	Name: bsw_origin_init Value: 0
.tapad.com/	1970-01-20 17:38:38	Name: TapAd_3WAY_SYNCS Value:
.pubmatic.com/	1970-01-20 16:13:40	Name: pi Value: 160648:3
.pubmatic.com/	1970-01-20 18:21:50	Name: chkChromeAb67Sec Value: 2
.casalemedia.com/	1970-01-21 00:57:50	Name: CMID Value: ZVLvXcWoY9.Lfjjl8kRqowAA
.casalemedia.com/	1970-01-20 18:21:50	Name: CMPRO Value: 5286
.bidswitch.net/	1970-01-21 00:57:50	Name: tuuid Value: 1c309055-4d86-4aa2-8468-b76abf9ca935
.bidswitch.net/	1970-01-21 00:57:50	Name: tuuid_lu Value: 1699934046
.bidswitch.net/	1970-01-20 16:12:14	Name: google_push Value: AXcoOmQLIlKEbsLIQQEXdSEH6Paa_pozpbP8VOVB0B4oCMHQBq5Z_JzHOag_XN95YP8R_rloT8waaHIteuToQ7IsJbqdgUgz1Eumng
.rubiconproject.com/	1970-01-21 00:57:50	Name: khaos Value: LOXSU8ZL-17-70VY
.rubiconproject.com/	1970-01-21 00:57:50	Name: audit Value: 1\|jDJC03aaqWxMSrY8KsNzeCCt/QaH9IOkCWS4SNQBGtUMcumlDCkkHyHTKjDhk1s094umGJHCOopCqQ3+tQhlLHMDvubSxZCGHuE+JXf+MxDpgqNKXIhZfgGR8COepHB6bFgsqvDIo0s=
.tribalfusion.com/	1970-01-20 18:21:50	Name: ANON_ID Value: ahntuJm5ab6AyuoCTNTAZdIoWW7dlYDAsUmZbgD9td7sGGv40p4WwRTgVqMIccve1ko4VxGtwJ6aMGvoBU8ude2j0G
.1rx.io/	1970-01-21 00:57:50	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-f48bb6d9-94ab-4124-9dd7-d07e497ee5cf-003%22%2C%22zdxidn%22%3A%222069.28%22%2C%22nxtrdr%22%3Afalse%2C%22spd%22%3A%22AXcoOmRvdRhWP8HjQoTvbE3Wi6yFEs9Nb68EG59o2z7TuFT0-irD6cTD56woaQnn7AggkkaDXM_uUIeaWBapaNgkE5zs79daxUM%22%7D
.analytics.yahoo.com/	1970-01-21 00:57:50	Name: IDSYNC Value: 195t~2f1f
.csync.loopme.me/	1970-01-20 18:24:42	Name: viewer_token Value: d24b8f70-bf83-486f-975d-4e86f4a15cf9
.yahoo.com/	1970-01-21 00:58:11	Name: A3 Value: d=AQABBF7vUmUCEK4VxOgwozgS6SrWhGG1dqsFEgEBAQFAVGVcZbtP0CMA_eMAAA&S=AQAAAhZlHSPo2Qlo4NCmnVPP4_0
.dotomi.com/	1970-01-20 16:12:14	Name: DotomiTest Value: 2c5583f31e6a16e4
.targeting.unrulymedia.com/	1970-01-21 00:57:50	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-ff666fc9-9e51-4ab4-8232-e75f66648025-003%22%7D
.smartadserver.com/	1970-01-21 01:42:28	Name: pid Value: 6175204657591028361
.nrich.ai/	1970-01-21 01:48:14	Name: _nauid Value: dae732d8-ff3e-4fc6-b066-d8fcc70c7f2b
.bluekai.com/	1970-01-20 20:34:18	Name: bku Value: jsA99afFDZUjsaGt
.bluekai.com/	1970-01-20 20:34:18	Name: bkpa Value: KJy9vyeDd02pSUHknp/tmEQywthoqVk6wE9ZSVx216joVMHyzso3EcOPu7kNBD5lqtQe9YFleAX=
.quantserve.com/	1970-01-20 18:21:50	Name: d Value: EHQBDQG2Kv7KwQA
.quantserve.com/	1970-01-21 01:42:28	Name: mc Value: 6552ef5e-d25f8-ae182-8ae36
.scorecardresearch.com/	1970-01-21 01:48:14	Name: UID Value: 1CBe17632d3c45a957663fb1699934047
.bing.com/	1970-01-21 01:33:50	Name: MUID Value: 0BB02B6634AD6F113CDB38AF35F66E99
.c.bing.com/	1970-01-20 16:22:18	Name: MR Value: 0
.c.bing.com/	1970-01-21 01:33:50	Name: SRM_B Value: 0BB02B6634AD6F113CDB38AF35F66E99
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 01:33:50	Name: MUID Value: 0BB02B6634AD6F113CDB38AF35F66E99
.c.clarity.ms/	1970-01-20 16:22:18	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 16:12:14	Name: ANONCHK Value: 0

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
javascript	error	URL: https://folkd.com/ Message: Access to fetch at 'https://oajs.openx.net/esp?url=https%3A%2F%2Ffolkd.com%2F&rid=esp' from origin 'https://folkd.com' has been blocked by CORS policy: Request header field x-coalias-route is not allowed by Access-Control-Allow-Headers in preflight response.
network	error	URL: https://oajs.openx.net/esp?url=https%3A%2F%2Ffolkd.com%2F&rid=esp Message: Failed to load resource: net::ERR_FAILED
worker	error	URL: blob:https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/cacb6eca-6865-4f55-a825-ec7c1807eb2b Message: Mixed Content: The page at 'blob:https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/cacb6eca-6865-4f55-a825-ec7c1807eb2b' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/content/safecheck-notification/notification-iframe/index.html'. This request has been blocked; the content must be served over HTTPS.
worker	error	URL: blob:https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/cacb6eca-6865-4f55-a825-ec7c1807eb2b Message: Mixed Content: The page at 'blob:https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/cacb6eca-6865-4f55-a825-ec7c1807eb2b' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://cplklnmnlbnpmjogncfgfijoopmnlemp/skin/logo24.png'. This request has been blocked; the content must be served over HTTPS.
worker	error	URL: blob:https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/97671fa7-0428-4823-85a2-27054a3b19fc Message: Mixed Content: The page at 'blob:https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/97671fa7-0428-4823-85a2-27054a3b19fc' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/content/safecheck-notification/notification-iframe/index.html'. This request has been blocked; the content must be served over HTTPS.
worker	error	URL: blob:https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/97671fa7-0428-4823-85a2-27054a3b19fc Message: Mixed Content: The page at 'blob:https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/97671fa7-0428-4823-85a2-27054a3b19fc' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://cplklnmnlbnpmjogncfgfijoopmnlemp/skin/logo24.png'. This request has been blocked; the content must be served over HTTPS.
worker	error	URL: blob:https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/121133a1-18ec-4318-81ca-9adde867c380 Message: Mixed Content: The page at 'blob:https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/121133a1-18ec-4318-81ca-9adde867c380' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/content/safecheck-notification/notification-iframe/index.html'. This request has been blocked; the content must be served over HTTPS.
worker	error	URL: blob:https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/121133a1-18ec-4318-81ca-9adde867c380 Message: Mixed Content: The page at 'blob:https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/121133a1-18ec-4318-81ca-9adde867c380' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://cplklnmnlbnpmjogncfgfijoopmnlemp/skin/logo24.png'. This request has been blocked; the content must be served over HTTPS.
worker	error	URL: blob:https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/c117f6c4-2fd3-449e-98f9-d627e2abc08e Message: Mixed Content: The page at 'blob:https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/c117f6c4-2fd3-449e-98f9-d627e2abc08e' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/content/safecheck-notification/notification-iframe/index.html'. This request has been blocked; the content must be served over HTTPS.
worker	error	URL: blob:https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/c117f6c4-2fd3-449e-98f9-d627e2abc08e Message: Mixed Content: The page at 'blob:https://ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com/c117f6c4-2fd3-449e-98f9-d627e2abc08e' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://cplklnmnlbnpmjogncfgfijoopmnlemp/skin/logo24.png'. This request has been blocked; the content must be served over HTTPS.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1bccd00f7acd03ac6a93123768d650c0.cdn.bubble.io
a.tribalfusion.com
aa.agkn.com
aax-eu.amazon-adsystem.com
ad.turn.com
ads.yieldmo.com
b1sync.zemanta.com
b1t-eudc1.zemanta.com
bcp.crwdcntrl.net
bttrack.com
c.bing.com
c.clarity.ms
c1.adform.net
cdn.ampproject.org
cdn.confiant-integrations.net
cdn.dnse.com.vn
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
contextual.media.net
cs.admanmedia.com
cs.media.net
csync.loopme.me
cuahoangminh.com
ded8a190954bdbdaa3e5bae71d8591f9.safeframe.googlesyndication.com
dis.criteo.com
dsp.nrich.ai
esp.rtbhouse.com
eu-u.openx.net
folkd.com
folkd0612.bubbleapps.io
fonts.googleapis.com
fonts.gstatic.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
gum.criteo.com
id5-sync.com
idsync.rlcdn.com
imps.monu.delivery
invstatic101.creativecdn.com
js.stripe.com
kinesis.us-east-1.amazonaws.com
ledcoms.com
m.stripe.com
m.stripe.network
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
matchadsrvr.yieldmo.com
mleqzsi8gjmm.i.optimole.com
monu.delivery
o.clarity.ms
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
pagead2.googlesyndication.com
pixel.tapad.com
prd.storage.lit.link
protected-by.clarium.io
q.stripe.com
region1.google-analytics.com
rtb.adentifi.com
rtb.mfadsrvr.com
s.tribalfusion.com
s.update.tas.yieldmo.com
s.uuidksinc.net
s0.2mdn.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
ssicertify.com
stags.bluekai.com
static.criteo.net
static.tylebongdaplus.com
static.yieldmo.com
storage.googleapis.com
sync-adform.ads.yieldmo.com
sync-eq.ads.yieldmo.com
sync-openx.ads.yieldmo.com
sync-pm.ads.yieldmo.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
tags.crwdcntrl.net
thietbivesinhtoto.vn
tpc.googlesyndication.com
u.ipw.metadsp.co.uk
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
widgets.outbrain.com
www.clarity.ms
www.folkd.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gravatar.com
www.gstatic.com
www.thuocdantoc.org
x.bidswitch.net
xeqe-t3lw-i7hv.n7.xano.io
xsync.iqzone.com
yieldmo-match.dotomi.com
aa.agkn.com
ad.turn.com
ads.yieldmo.com
b1sync.zemanta.com
bttrack.com
cm.g.doubleclick.net
cms.quantserve.com
contextual.media.net
cs.admanmedia.com
csync.loopme.me
dsp.nrich.ai
idsync.rlcdn.com
match.prod.bidr.io
oajs.openx.net
rtb.adentifi.com
rtb.mfadsrvr.com
ssbsync.smartadserver.com
stags.bluekai.com
sync-adform.ads.yieldmo.com
sync-eq.ads.yieldmo.com
sync-openx.ads.yieldmo.com
sync-pm.ads.yieldmo.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
u.ipw.metadsp.co.uk
ups.analytics.yahoo.com
x.bidswitch.net
xsync.iqzone.com
yieldmo-match.dotomi.com
103.247.8.134
103.28.36.168
104.16.137.79
104.16.203.66
104.16.88.20
104.17.25.14
104.18.24.173
104.21.61.55
104.22.52.86
108.138.7.13
116.118.49.56
13.107.21.200
13.107.213.44
13.32.27.66
13.48.169.31
142.250.181.226
142.250.184.228
142.250.185.129
142.250.185.130
142.250.185.136
142.250.185.234
142.250.185.251
142.250.185.66
142.250.185.99
15.197.193.217
162.19.138.120
172.217.16.129
172.217.16.198
172.217.18.1
172.217.18.98
172.64.144.166
178.250.1.11
178.250.1.3
178.250.1.9
18.245.60.72
18.245.60.74
18.66.122.80
18.66.129.71
185.196.197.130
185.3.92.76
192.0.73.2
2.18.160.23
2.23.197.190
210.211.99.108
213.227.153.223
216.239.34.36
216.58.206.34
216.58.212.163
23.32.185.60
3.227.250.215
3.253.142.96
34.102.146.192
34.111.113.62
34.120.135.53
34.120.245.111
34.149.134.227
34.250.128.111
34.96.70.87
35.186.236.140
35.190.39.111
35.193.186.65
35.204.74.118
35.244.159.8
35.80.175.49
37.157.6.254
47.246.50.75
51.38.120.206
52.152.143.207
52.58.37.65
54.187.119.242
54.73.167.29
65.9.66.104
67.220.228.202
68.219.88.97
76.76.21.21
99.86.4.96
01bda2fd749ac411f07d9706f4e3a1eb3e3230a258075d859d240503550481fb
025ddcebcdf1321e5a9ffcbcf5abebebf3d0f70d4735e99346846d3a0c2ccccb
078d4610223b6813e0f9c323a026f8716a9d90a1c5a3419ce18a4351e606f4b5
07dc6fe01be1107d8b1be4900c68cfda7f4b5c1afcc1eea9a56870aefeecf35f
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
082a75157928321218428904933ebff27d7fb4532e1f6daa3c824824aecc14ec
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
09fa48367ecdb31ccbb365e0428d3d7bd7f32f48890b84d2e6c6ab9d2b12e3f2
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b26090b7c2ddac21b5731cd0dc5ada44fd88d3b7ee421dd8ddc0a7db2b12c70
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bd0b8c4d188dafc60ef25c01e124444ccd8387a93a8092edf85857a4c04eec8
0c42c23a0a15b19aa34fbf250c2ef3717f98169f8f123875936de604ca03070a
0d44664400782938c8c275989fa328d0a266bc98557c6f58709895ae20b13a73
15df7612b2f445f4d18846aed403d0ca0947b3f8dead95d4b167621f5faaba57
16f4deaca6ba7c9445274a0f63fcf0f04dda4192ac7fbfdc2fda220a2ce01b02
17853d0479ac7cc97531f4966a59ff770fabbf3be3a09a24d7064a3fb72bf2d1
18a847f8474bbd62b4a8e5d7fc404c2d3863b05bd4e940750f7bf3fb31c78430
18d8329b2e4b430a4f34b5247ba02ca5378fcdf574eb7ba5f1ef00ac0a705c5a
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
192980a281f2d3aad434e2e8a7a91002ac0cb9402d9e71c74da9c99a6ca2bb67
1a768ff46e14c6dd54cae5393488a39750f3850f95b7f6870c090e48631db502
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c3df57f5cb65449bf9f1059a58d62d52b79d79f3b9e988d9bef8fac92b63087
1cf7c41e9d7dc61aef73285e9157814b70eed448dc1f5a979a57da0aa7623dc2
200dc7bef742f1444cb61f8815c670559515190e8c26b22d2321d97f0b9f772b
2046d5c0db10d7198f7dafcca28561a29ed76fe1f72c1b659783c8fb59abd7dc
2164ccda35ef9f1994988c3854e7941905fffa2b6edf0a2f32826ada9b4c3ed0
2571002d747a1f1c5d0c199660607be42e54e6b564ed2115a6ec82cc1ffb060b
26cd2d91ae3c0a816c246c61271616256a632c6e55953e61c1533f9a681f9934
27aa40da44c0868221806541a9f4a7b3fd09837e94058734ca4dcba9facdb053
28222920d9152366bfafcf1ec991d1c0ae4dbf00a49dfa055ce4f14607e2a1ce
285b1b9e068d265a58a13f21cf6a79767a5e818fd84ae73230d4943b9fc3f4f8
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2bd61072fddb7d64c22fa244070964af040c1ea3262f22f1594a182664e915c6
2bf11654f0ba99080488eaf18caf4510ebd34c7ac955dcffdd84bcc13827831c
2c957ef219037d5f790a542172674a137be55808ed4f7188c4cf465febb7f605
2ca721372a9f18090f544b439ec8e281d12a9ac1d38ef0fb8c0f831c1c592949
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2d594049dae64a9aa9831b940983149a256867419af76e35afcf824639981592
2d770a19d3523614c3f5642d3465a68410d08f83bafc6aa34e56a63f5a27d4e5
2e8e8960170c7d85b86e47f1c026b928415b1265b18d4cc823dc89ca84b5c351
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32ef099ce9fdbb10be24996446365d8b2fcb0cc896e0e2f4170b969095798eba
33d773949d1db57b1c73f8ea28ca64d9383efd3ddf71eebf1a5143ff5b376416
351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
3a9fb4847bb3723f3531075b8ea697340f67208869a7aaa8f9c20ed97309aef3
3b3b39e007fc7ee1a7654936b3072e2b321f80e0c0f56edc36cd292a5da52787
3b4360ca28098a502944b07600e089919a49dbc89b4c1e3e0437ae2bf782835b
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
404bb14cbbe66db8fe9fb9c1fa83e1f2cf2e1a81924af53e108d8b5196689f3e
415e3c50a412b8fb44911ef17f8d84ba49b6a06ec66e6deb218fe070a633cbb6
432501d7bf47b128295c61f72eeee2e5c2d33755f85db43ba89188408ab9389d
43682454252b3b77206ff3343a46c626faa9d69abad4f1409c06ec74b4f85c4b
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
440d92a5a423d16775d1ba942f9e7d9c6f5521807d1085dc30e21ad1a421fded
448861b6b8131dd64ef98fb2736f97025ae210d97c046800b5dcc53f33875e44
44932693a18808f2cd2f4b83c025b3ed2ac502590447014b8c498048ba2e41f4
450e62180e870526d437f065fa76a5d4e31517905e37a98184ef79b0fc2abd5b
45e048e615399b7f30441a6a39d4f5a256997943dbf832b6d98d502796b0face
468864041b280079274db15861a108735b454c113b93fb0768e1c8a546610dfd
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4802186f6cb20846f699483e25a99a51ba958a3b00ec07f124c46a94800b3e4b
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f60d7d9e2d49c3a8e76570a7e481c7df1a240e1061a43d50ad619fc7af2a138
509984fa6aa5e1861fd0d2805776427951bef2c38ac92ff7b812f648bc639584
50c2ee9f0874340c6f0a5608634e90fd8db10181c98467ba51ebe8dc1f7a9b50
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
51a6ca133d5532acd4b48bdb02356a1fa1db32ad440bbaeefed060ebd12a883a
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
574d92a2bcd338b2c9d8fce1981986bcdd9e54ee7569c73adada33ecba3c1c17
584879b0a17cd18983d264112020bf56288a4bc419d806f4b5a9b535657b8a6c
5b785deb1ff7d1bd60aa424b5938973a34fff3ee540532cd2fe39eb806347784
5bcdcfd85c784a73e88b9ee533d05ebac61ca7ff9daa0db56df831bdea06b912
5bd18057febebbb100420aa58be847fa5bee8e9912ae473b802a9402421209ff
5dbf49883afdf02413fd44f859601aaaf226d350a734cd5347308f81ec2f0dd9
5e2942ba2c3a97021dbef4e82a5e43cad354b730ae07ad30c0d9b81dbffe1fb3
5e700835ec05293a3d0f9e354e7d038319d34521cd279e782198dff6d1dd58f2
5f427fcc2499510391753f9d19089a531ff585b0e0ffff8d4ac51cb1a69af4a9
5fc4c95920416b0ef0b5aee93a90984989183a6d29f712e725a3383309806a54
60bf375cbcfe7653e046fd40672cb7e93394f40e0de24f09027d1490cb6a392c
60e1b13cfec9e429c094a59d71bb4cfbda9b80a01b1fcb130ab62b2ecb7eaf5c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63048d3da9b8ef24703db0cb353c4bec041d9acc3575b407755a5affda7eb9db
643614e29ce6d0005345eff017235d80ce746222fcb38c966c16920514ab10bf
65debb54d8aab486eea8fcb137edbb7357237097bab60718904df4b094826387
66be9d14c1815451674cb04f2de6115ee8da1d7a5acdb15c2579032e7718f2ff
66cf41a043410ebb249810ba87bf27b707cb43eb97955ccb57a2e066eeefb43c
6706e260b51739c085a4565b073295de0e32a09f58776f329162902c44c4aa98
6713dc479b48b04f913589e21a3c39291a53f0e025864196d8f4084680083e0f
676f8ccd4c1774ff8b01c14ff5bb9896a15acccd9e43610b67984e7341cc7150
679387c2f15182819b17e9f3aec3cb611bbf474b3797f72a96a4f9bb439508ef
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
69a5d5575607b81402a209c30a9a4830383bc035cdf742d07fbc1e10f50484eb
6aa8ddfb0537664c2e5fd55bb65253ee011291c109ee5801533d57a09fc00e09
6b177bcbbeaac486dd8c2c6de04b997fbc904f10b2193151f0d0ac6b6d27a422
6ba38ec9ce5d4e847dc910d167aa749b21472c8ac7e65ff4b011dbc50355cc91
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
743b203748c04045215d60f68d8c477f05b8000f320766001a2f3081fc5609be
743e13bb7a1a32def7b4f123f421fa2b9f3a91ee81801a5ac7f263629482115d
745097fdeb0ffd3d61c322f951065a79ea6cde580a5746b312028d2ab4995dd3
74e69ccf2f5cb32c175e328707c515fc9116ddd5cb3c92882d9bd53d3a742d63
765fce02c11d7f91187914b57eb79dadc36f721fec405b66d8502c4ec4297795
77882812956b4fa5e7fbee0491c6f732c9b61012e843a61d88d45332c63bb876
77b6a3fdec16d972cfad3073c0b75069447fd76f9fd55e2c867a289e6d7f156d
77d2830b02bef2b31aa6c4d7c3c903f1d82a48ad30acb8f846f1ff8944234a34
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7b0fb27181aa8c2244ab51f28e8b544248585a334184445b1da9b04f89a794ac
7fa7d6e3b4039b59b4d4721ea7e523a42a4dc0b56405829df9f8696f8550fa01
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
82d365ea4963c52e2415f8015d1319c944347504b96ddcfc6478eb2df74cf532
83381dcb078fcc2ece28736451760652a4e572f8d1b17a0f4e7ac59d019b5e4e
838dea5598888a3df51395454bdea966b32e2493d0c7928f53a27363988f4332
84221e6c0c5f950b44d38a40bc19ffa9a340b2a5d207cb6f6461b84d474f2555
85b1ebb169a27c943c078d457620c02e30ee5d4eb50f9049d67b580604c118e1
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
89ae1743656b75948be30cc4909efd3c61771b7bd9f6d53eb14cd9731d486b57
8a3a8a7d5b8b6380de7c5b71eb6fc76ec70f45c5f578ac8f0df5b173bd9870b2
8abdd8c3dcf4c686313c667eeee1410a79d8e03be3e11c7bf385d744063b5386
8c6e026b299ce855731e413068d577b8bdcaa169f624f97c2993afd5c2cd3261
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e3f722ac8fa27dca358e50a71ed3d36b2956fd319b0c917fae24c9bdbd5a558
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
92374399ef787717fc95af9a8bb4ff91978478377a8be07205206d6423a0a62c
936256ec2479e3fa0b47e0201dddcb6c6bf1fb307250d2e5c05ccd4e3abebb12
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
94c525963599ec5dee0811c11cb0ba3c5289cfbdf5335c8d68f8876756053f5a
951a43718c86a59965bf83876373339a1abdc806041408e7695546b6591666cb
9588978a232d8c8ef9c082ce5803123b60b011bb93494dcccaf5c3e2b7f3fe30
959d2bff6e8aa7b4d1836a5dcc00ab6f2c2754604b0e0174bd96b6f9822d5905
97246976d349e4116999d37486b7b739816718f446ea2b2e224311884f785813
985d2b656cce9486a1f152d7c4bbbc4cc1d5a65a0af9bd52e260bcc255bced06
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ac86f9bf7cddd7963a2df2dfd00d5bae17aff357eeee30a091c3160d86f4202
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034
9d0e6e7579557120905bba43878535e5a96bd40436b5c7ecddd9f6519e2b128a
a051b3625edbbe7f15f87bf1725ffb09d38bf3b6ede278a4ef6bda4bcec38205
a0ca3935fd2f15231808c0e0f9e0eb97cb0b790ad84bb5341e7df38f8008c262
a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af
a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9
a1e5e70f7579a338da060720b98881e4df9ed0bcf300651ce3dce736c6850d17
a2bfd9fe607d28fd07b05046e622818b8b5b94a358d53853a0d3f03e597cdc71
a4d957401b6ee095b5f1d070f493f63bb01b728f68c45058d3c0a55cd4c654ed
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a64bf8f87428ac22cacb423cc5ad41c6b280e4094418e5b2459bf2deb7e54ed6
a71016da2e5eaa43717ddb49f4e8e89c322d5212e6a68959d00b6af68f600fa5
a7d95017fa2379a4bf437aff9c95977004ffa0f3f4ab9544a685afa3120a0e6b
a9ae6543584438f6e979f85f43e01686b1f05f293cc6a44becd50c7083ac158b
a9f917bf132e6899e3b815073423c43d600dbb099e083ddb4267338788746aba
aaca2ab20c14443523a208b27319cffb365dcc51268fb9eeabfd1429a0955efe
ad5d36852bac550e2de6fd395457f8d619bb79463f4794a79802cae51fc18519
ae4729c6333cb75c997915d6d642fceadbd3f598301462582679540db11ad7d0
ae968ee76fcf8bf167ac9448bfa474d865ecaf6b0e0585ef90fc6aa8a18ec240
b02f712bafaaaf093abcbe50187969700636642c4a9b659974eae2da90b2f914
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757
b2f9d40677eaea428eb387e6eddf9d171187e9a7a6fc23865fea6652a11f9a5e
b35695c96c08c364bccedcc7f1e719b3c22d400420ed85fb426b689e07ce5d6d
b4e1d5fc3c32c3142db3d3c96bd3330600b824b5b5db33b22ace7b127992211b
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
b62e0fff7678b78322fac55b3db3ffa3f2c404dc9868831d65c1d0673c6d4faa
b72b152262183a46bdf29f00817d35dd88fef330c888814bcffed7ccde27b1b6
b8aa275372d12dd620952a36b4129e3fd5bf0b21451559be2e47d96fd7283eed
b924c0f3cca5409ff9a2c9641e5610cee45e81ae4d315dc6bfa594dd0d5ca663
bb4f8df5602b561c6a5247851f27cebac4099886c0f337e67e5ea9fa0f9caac8
bcab1aa1689a2a5ca25a3b3b1cd95d3a9aaaf9c0a3071b4f38816672eeaa0b3f
bd3a112f45d1e0ec5fdefbb3ab166f98f6066992c81774c47a64546f115ff999
bfd4745fee7e2635754df4ff32e620ff7356b538283d881968cf48255db8eebc
c0db6a52aeb047a95acba920ff4ee2f98d956cdd75589cf17b5472d9884599c8
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2227dc87c387d754cc1bb374a6ec9a11748e8049c8e844906aa2fd6bf39ca04
c47b5a01db671339098d535f5e4ba9b1aea4e8f6a587115f3c5fb1c5f536c026
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
c8c7dc42bcf92f233a6deaf5ccd2197589c7ab0e0c50c9223eb606d64e85420d
cb9e8fcdd9cc38412751351e4a6bcfafa79e5d44978213ca3bb1aa04bd54054f
cc1b22f3e61d086a18d61d1385e3d053f4ce0d95766ac760483795354274643b
cd2d51771a2adae72d4a2fe0d8147e364d4c3af4e21b5b2a319a8da224afbf59
cd779c50646cccabacfbbfb91af76704707e1d02bd0e388bbed539e4d8284255
ce658fec86c1f9a68dfdfcd3a26f13e51f5e6002c96fbfe1010b72810aa6bea8
d059e58c351f0132daf4821428d62d7492588e589b8310b42ec6010b877ce06e
d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f
d215f38ba9fc751e85b8e259a2ac223405de271f243ad65bc30a70d1edfae329
d6dbe2254b88fd64ccfb78c02420ca38b1d33cf395ea539f463bc40d614399f0
d8c80da029f9aff8ec3c8553783c8b5558e978f7ca898fcec03247584d8371fa
d9add174bb04a48617832df8074033e99293107b8e2270477557d3d67c46081e
dbeebff092654136321d2d1fc2a50a8fc41c0757e4cd6f59436586fa8068a949
dcae362ce48807e904785a7806347b7be8eeeb581f17ff33afeac56ec56bf06f
dd70df94316bbe24e19a15650456d8ffe1eaa5d5c3eeca8836b40630cd6b1b61
def3b35a2c5334201c1d4bb1fd5be7cbce32f1eab0b1db4e61d0984c858be5b0
df6d4fc52f8f3af6ef59c215a1165e4667f7daaedf4c5409db56d7c133564446
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e329117bbdc12ee0649ed6654138a9ba8e600eaddf9138752631a50d236d135a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d7c31ee0e4b0ba645fe55e508e4552c1bef8a47cdcc91cdd165c58d99d5f9f
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5a7c296feddf844007e98a9b36c02bc775fd3c1664dfb24592e019fd435039f
e835b720cb0ec8dbd032ba7a8e1f14f0b3af30448838435e40aad007267bdd9e
e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e9f8921cd65e928a2f9f7d1f0ff5940300e8cfd7cc66c2cf569d5ba6fe1b5ad0
eaa5100bb799a5d116baf8c3deec425873ad9d3410f17eb4cd33aaeb1772e547
eccd397c246d4ecf65b5dec92e71c5df710a635346415da5ff36203f66045d20
ecd52e353cbf7ec6de80cd2c9c42c3b9a6518d9b743eb74e9de25d30063b2ba7
ee46bdadc83beb5e76bce18bc7cc3d169c7f0490901f6be96ec41ee2c14d3776
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947
f1ae93d3da658cbe1c56e31ab8499d21bce2e219b460683627689b6d23244dae
f3b6988247a9a7f88e5a4d7bba8b6a9b4d72e145140e58965edc14f8734a2470
f5778561ef1b5e28b0339618991e6e77a10bc2542d6b028d71dfc98ed2195df0
f74d4451245a797f1210b4121aa3d0e1b2d3dd59f3fb0d4f112483615094040c
f7b69275b42bf4a8c71204b1d2aff179c0f7d56130bafd988a22df93e97c05a2
f8e9bdcf6c304e14a39d88ce0bf5d985719864b15af3122ace46a1c7a470b066
fb64666fc3ede8d0e0cf538b064ba2032706d7d4b56de5a77f73b64bb467b2c5
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa
fe9f681cb09a5b6660eb9868e72ea12b6dc1fc5f9c96ddb3a5ee5f6c6e098fbc

folkd.com Open in urlscan Pro 76.76.21.21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

854 Requests

77 %HTTPS

0 %IPv6

77 Domains

105 Subdomains

71 IPs

12 Countries

9909 kBTransfer

27587 kBSize

86 Cookies

10 Outgoing links

Page URL History

Redirected requests

854 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 13 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

folkd.com Open in urlscan Pro
76.76.21.21 Public Scan

Screenshot
Live screenshot

Full Image

854
Requests

77 %
HTTPS

0 %
IPv6

77
Domains

105
Subdomains

71
IPs

12
Countries

9909 kB
Transfer

27587 kB
Size

86
Cookies

854 HTTP transactions
13 data transactions