Submitted URL: https://www.folkd.com/submit/918kiss.xyz//
Effective URL: https://folkd.com/
Submission: On January 23 via manual from US — Scanned from CH

Summary

This website contacted 152 IPs in 16 countries across 147 domains to perform 1101 HTTP transactions. The main IP is 76.76.21.21, located in Walnut, United States and belongs to AMAZON-02, US. The main domain is folkd.com.
TLS certificate: Issued by R3 on January 13th 2024. Valid for: 3 months.
This is the only time folkd.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 18 76.76.21.21 16509 (AMAZON-02)
7 2606:4700::68... 13335 (CLOUDFLAR...)
121 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a01:7e00:1::... 63949 (AKAMAI-LI...)
1 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2620:1ec:46::45 8075 (MICROSOFT...)
2 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 152.199.21.70 15133 (EDGECAST)
1 104.16.224.78 13335 (CLOUDFLAR...)
2 10 35.193.186.65 396982 (GOOGLE-CL...)
63 2a00:1450:400... 15169 (GOOGLE)
4 13.224.95.222 16509 (AMAZON-02)
3 23.97.225.52 8075 (MICROSOFT...)
2 2606:4700:440... 13335 (CLOUDFLAR...)
2 99.86.4.30 16509 (AMAZON-02)
1 18.165.183.57 16509 (AMAZON-02)
3 162.19.138.117 16276 (OVH)
12 24 37.252.173.215 29990 (ASN-APPNEX)
11 2602:803:c003... 26667 (RUBICONPR...)
1 14 145.40.97.66 54825 (PACKET)
11 34.120.63.153 396982 (GOOGLE-CL...)
1 26 46.137.85.126 16509 (AMAZON-02)
11 185.64.189.112 62713 (AS-PUBMATIC)
11 107.191.36.239 20473 (AS-CHOOPA)
20 159.89.246.130 14061 (DIGITALOC...)
5 84 172.64.151.101 13335 (CLOUDFLAR...)
1 23 35.186.253.211 15169 (GOOGLE)
11 54.76.118.59 16509 (AMAZON-02)
3 5 2620:116:800d... 16509 (AMAZON-02)
11 18.165.191.236 16509 (AMAZON-02)
2 65.9.66.104 16509 (AMAZON-02)
3 184.30.211.26 16625 (AKAMAI-AS)
1 2 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2600:9000:25a... 16509 (AMAZON-02)
4 20.119.174.243 8075 (MICROSOFT...)
3 6 52.210.162.23 16509 (AMAZON-02)
8 35.186.236.140 15169 (GOOGLE)
1 130.211.23.194 396982 (GOOGLE-CL...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
7 142.250.184.230 15169 (GOOGLE)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 2a02:2638:3::3 44788 (ASN-CRITE...)
1 2600:9000:225... 16509 (AMAZON-02)
1 34.96.70.87 396982 (GOOGLE-CL...)
12 2a00:1450:400... 15169 (GOOGLE)
2 13 52.95.125.22 16509 (AMAZON-02)
1 2 34.120.107.143 396982 (GOOGLE-CL...)
1 35.190.39.111 15169 (GOOGLE)
1 3 2a02:2638:3::c 44788 (ASN-CRITE...)
1 12 35.244.159.8 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 141.193.213.10 209242 (CLOUDFLAR...)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 149.28.187.227 20473 (AS-CHOOPA)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:219... 16509 (AMAZON-02)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 1 2600:9000:219... 16509 (AMAZON-02)
15 15 34.252.143.149 16509 (AMAZON-02)
1 9 52.46.128.147 16509 (AMAZON-02)
4 4 70.42.32.63 13789 (INTERNAP-...)
10 40 37.157.4.28 198622 (ADFORM)
19 35.71.131.137 16509 (AMAZON-02)
29 36 142.250.181.226 15169 (GOOGLE)
2 162.19.138.82 16276 (OVH)
2 52.208.7.68 16509 (AMAZON-02)
8 95.101.149.233 16625 (AKAMAI-AS)
1 1 185.255.84.153 200271 (IGUANE-)
1 76.223.111.18 16509 (AMAZON-02)
24 2a00:1450:400... 15169 (GOOGLE)
14 34.247.233.198 16509 (AMAZON-02)
18 18 35.214.149.91 15169 (GOOGLE)
2 2 35.210.53.219 15169 (GOOGLE)
6 6 54.160.145.206 14618 (AMAZON-AES)
3 18 2a05:d018:d29... 16509 (AMAZON-02)
2 2 52.2.41.65 14618 (AMAZON-AES)
1 38.91.45.7 398989 (DEEPINTENT)
5 5 208.93.169.131 46244 (WEBMD-IDC...)
2 2 81.17.55.108 60781 (LEASEWEB-...)
2 162.19.138.120 16276 (OVH)
4 184.30.16.195 16625 (AKAMAI-AS)
1 1 124.146.153.164 2514 (INFOSPHER...)
9 9 185.184.8.90 204995 (RTB-HOUSE...)
2 2 23.56.202.187 16625 (AKAMAI-AS)
5 8 69.173.144.139 26667 (RUBICONPR...)
2 52.18.204.174 16509 (AMAZON-02)
1 85.91.45.94 27381 (CASALE-MEDIA)
6 198.47.127.19 3257 (GTT-BACKB...)
2 2 69.173.144.165 26667 (RUBICONPR...)
9 13 69.173.144.138 26667 (RUBICONPR...)
21 37.157.5.73 198622 (ADFORM)
1 1 216.200.232.249 30419 (MEDIAMATH...)
18 32 198.47.127.205 62713 (AS-PUBMATIC)
4 4 178.250.1.9 44788 (ASN-CRITE...)
13 21 185.64.191.210 62713 (AS-PUBMATIC)
1 2 34.111.129.221 396982 (GOOGLE-CL...)
3 4 52.209.41.250 16509 (AMAZON-02)
2 3 34.91.62.186 396982 (GOOGLE-CL...)
1 2620:1ec:21::14 8068 (MICROSOFT...)
1 3.64.96.203 16509 (AMAZON-02)
1 2600:9000:25a... 16509 (AMAZON-02)
10 10 3.71.149.231 16509 (AMAZON-02)
1 23.48.23.21 20940 (AKAMAI-ASN1)
2 2600:9000:25a... 16509 (AMAZON-02)
47 2a00:1450:400... 15169 (GOOGLE)
67 2606:4700:20:... 13335 (CLOUDFLAR...)
1 185.170.60.92 27381 (CASALE-MEDIA)
21 21 3.208.240.1 14618 (AMAZON-AES)
3 3 2001:678:cb4:... 56396 (AMOBEE)
14 14 13.32.27.99 16509 (AMAZON-02)
12 12 193.0.160.130 54312 (ROCKETFUEL)
8 14 35.244.174.68 15169 (GOOGLE)
4 4 54.36.150.184 16276 (OVH)
1 2 35.186.193.173 15169 (GOOGLE)
3 3 35.214.131.35 15169 (GOOGLE)
1 1 34.160.19.107 15169 (GOOGLE)
13 104.18.38.76 13335 (CLOUDFLAR...)
1 1 193.135.9.126 48314 (IP-PROJECTS)
1 217.79.187.68 24961 (MYLOC-AS ...)
1 185.170.60.134 27381 (CASALE-MEDIA)
10 2600:1f13:800... 16509 (AMAZON-02)
1 3 35.186.194.101 15169 (GOOGLE)
2 184.30.17.243 16625 (AKAMAI-AS)
1 185.170.60.145 27381 (CASALE-MEDIA)
1 85.91.45.48 27381 (CASALE-MEDIA)
1 185.170.60.62 27381 (CASALE-MEDIA)
1 85.91.45.90 27381 (CASALE-MEDIA)
2 4 69.20.43.192 27357 (RACKSPACE)
1 1 91.216.195.7 12516 (WEBORAMA ...)
4 72.251.245.181 32475 (SINGLEHOP...)
1 2 34.196.213.92 14618 (AMAZON-AES)
5 5 134.122.57.34 14061 (DIGITALOC...)
7 8 2607:ae80:4::26 26558 (FREEWHEEL)
41 2606:4700::68... 13335 (CLOUDFLAR...)
1 185.170.60.112 27381 (CASALE-MEDIA)
1 1 34.96.71.22 396982 (GOOGLE-CL...)
10 10 2a02:fa8:8806... 41041 (VCLK-EU-SE)
3 3 45.137.176.88 60350 (VP)
1 1 3.69.181.161 16509 (AMAZON-02)
1 185.170.60.75 27381 (CASALE-MEDIA)
8 8 98.98.134.242 21859 (ZEN-ECN)
4 4 34.111.113.62 396982 (GOOGLE-CL...)
4 4 2001:678:cb4:... 56396 (AMOBEE)
1 1 35.208.249.213 19527 (GOOGLE-2)
4 4 18.158.46.130 16509 (AMAZON-02)
1 185.170.60.143 27381 (CASALE-MEDIA)
1 185.170.60.117 27381 (CASALE-MEDIA)
3 147.135.143.112 16276 (OVH)
4 13 92.123.148.9 16625 (AKAMAI-AS)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2600:1f18:ed:... 14618 (AMAZON-AES)
6 8 151.101.2.49 54113 (FASTLY)
5 2a05:d018:cc3... 16509 (AMAZON-02)
1 3 52.49.110.165 16509 (AMAZON-02)
1 1 154.59.122.79 174 (COGENT-174)
3 3 34.95.81.168 396982 (GOOGLE-CL...)
2 4 72.246.169.24 16625 (AKAMAI-AS)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2 18.193.197.239 16509 (AMAZON-02)
1 2600:9000:211... 16509 (AMAZON-02)
3 192.241.159.82 14061 (DIGITALOC...)
1 95.101.148.20 16625 (AKAMAI-AS)
5 12 198.47.127.20 62713 (AS-PUBMATIC)
1 54.36.78.116 16276 (OVH)
19 31 185.64.190.79 62713 (AS-PUBMATIC)
1 34.250.99.97 16509 (AMAZON-02)
2 13.32.99.88 16509 (AMAZON-02)
1 34.96.105.8 396982 (GOOGLE-CL...)
2 2 81.17.55.117 60781 (LEASEWEB-...)
1 1 57.129.18.109 16276 (OVH)
1 51.75.86.98 16276 (OVH)
1 1 172.240.155.116 7979 (SERVERS-COM)
1 216.52.2.30 32475 (SINGLEHOP...)
1 1 2607:f350:3:2... 27630 (AS-XFERNET)
8 85.195.93.95 29066 (VELIANET-...)
6 2a01:4a0:1338... 201011 (CORE-BACK...)
2 2 18.185.42.140 16509 (AMAZON-02)
4 46.105.200.240 16276 (OVH)
5 54.154.71.202 16509 (AMAZON-02)
3 3 85.114.159.118 24961 (MYLOC-AS ...)
2 2 35.158.151.55 16509 (AMAZON-02)
4 4 213.155.156.185 1299 (TWELVE99 ...)
3 3 82.145.213.8 39832 (NO-OPERA)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 77.243.51.122 42697 (NETIC-AS)
1 1 141.94.170.64 16276 (OVH)
1 5 18.245.46.103 16509 (AMAZON-02)
6 130.211.44.5 396982 (GOOGLE-CL...)
1 1 8.43.72.98 26667 (RUBICONPR...)
1 1 18.195.136.197 16509 (AMAZON-02)
1 2 68.219.88.97 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
1 1 141.94.242.226 16276 (OVH)
2 2 141.94.170.77 16276 (OVH)
1 195.5.165.20 44968 (IPROM-AS)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 23.88.86.2 24940 (HETZNER-AS)
4 4 46.228.174.117 56396 (AMOBEE)
1101 152
Apex Domain
Subdomains
Transfer
121 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 324
226 KB
117 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 459
ads.pubmatic.com — Cisco Umbrella Rank: 535
image6.pubmatic.com — Cisco Umbrella Rank: 805
simage2.pubmatic.com — Cisco Umbrella Rank: 870
image2.pubmatic.com — Cisco Umbrella Rank: 912
simage4.pubmatic.com — Cisco Umbrella Rank: 1277
image8.pubmatic.com — Cisco Umbrella Rank: 664
image4.pubmatic.com — Cisco Umbrella Rank: 1237
66 KB
95 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 478
a5180.casalemedia.com — Cisco Umbrella Rank: 426905
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 497
a1161.casalemedia.com — Cisco Umbrella Rank: 420687
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622
dsum.casalemedia.com — Cisco Umbrella Rank: 1367
a1203.casalemedia.com — Cisco Umbrella Rank: 436803
a1214.casalemedia.com — Cisco Umbrella Rank: 383787
a5134.casalemedia.com — Cisco Umbrella Rank: 409690
a1131.casalemedia.com — Cisco Umbrella Rank: 396552
a5176.casalemedia.com — Cisco Umbrella Rank: 430052
a1181.casalemedia.com — Cisco Umbrella Rank: 424876
a1144.casalemedia.com — Cisco Umbrella Rank: 395703
r.casalemedia.com — Cisco Umbrella Rank: 1743
a1212.casalemedia.com — Cisco Umbrella Rank: 422719
a1186.casalemedia.com — Cisco Umbrella Rank: 402073
102 KB
89 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209
ad.doubleclick.net — Cisco Umbrella Rank: 163
cm.g.doubleclick.net — Cisco Umbrella Rank: 260
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
424 KB
83 googlesyndication.com
428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
564 KB
67 ad4m.at
ad4m.at — Cisco Umbrella Rank: 11475
as.ad4m.at — Cisco Umbrella Rank: 29340
assets.ad4m.at — Cisco Umbrella Rank: 41583
1 MB
61 adform.net
c1.adform.net — Cisco Umbrella Rank: 583
track.adform.net — Cisco Umbrella Rank: 5048
s1.adform.net — Cisco Umbrella Rank: 9860
dmp.adform.net — Cisco Umbrella Rank: 3041
583 KB
45 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 520
eus.rubiconproject.com — Cisco Umbrella Rank: 579
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 967
token.rubiconproject.com — Cisco Umbrella Rank: 477
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2084
pixel.rubiconproject.com — Cisco Umbrella Rank: 381
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1274
70 KB
41 bannerflow.net
c.bannerflow.net — Cisco Umbrella Rank: 8446
704 KB
40 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 314
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 591
client.aps.amazon-adsystem.com — Cisco Umbrella Rank: 12353
aax.amazon-adsystem.com — Cisco Umbrella Rank: 395
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 801
s.amazon-adsystem.com — Cisco Umbrella Rank: 326
162 KB
37 openx.net
rtb.openx.net — Cisco Umbrella Rank: 625
oajs.openx.net — Cisco Umbrella Rank: 1736
google-bidout-d.openx.net — Cisco Umbrella Rank: 1735
eu-u.openx.net — Cisco Umbrella Rank: 2043
us-u.openx.net — Cisco Umbrella Rank: 524
bloggernetwork-d.openx.net — Cisco Umbrella Rank: 56927
6 KB
31 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 651
sync-pm.ads.yieldmo.com — Cisco Umbrella Rank: 8464
12 KB
28 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 495
ups.analytics.yahoo.com — Cisco Umbrella Rank: 358
12 KB
24 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 253
secure.adnxs.com — Cisco Umbrella Rank: 490
25 KB
22 liadm.com
i.liadm.com — Cisco Umbrella Rank: 550
i6.liadm.com — Cisco Umbrella Rank: 2884
13 KB
21 serverbid.com
e.serverbid.com — Cisco Umbrella Rank: 2663
sync.serverbid.com — Cisco Umbrella Rank: 11771
x.serverbid.com — Cisco Umbrella Rank: 13570
5 KB
19 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 357
3 KB
18 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 373
9 KB
18 folkd.com
www.folkd.com
folkd.com
22 KB
16 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 230
1 MB
16 gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 1478
usersync.gumgum.com — Cisco Umbrella Rank: 1988
5 KB
15 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 555
8 KB
14 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 451
2 KB
14 rezync.com
live.rezync.com — Cisco Umbrella Rank: 1645
10 KB
14 adsafeprotected.com
pixel.adsafeprotected.com — Cisco Umbrella Rank: 851
static.adsafeprotected.com — Cisco Umbrella Rank: 721
dt.adsafeprotected.com — Cisco Umbrella Rank: 719
106 KB
14 cootlogix.com
prebid.cootlogix.com — Cisco Umbrella Rank: 5265
sync.cootlogix.com — Cisco Umbrella Rank: 3230
10 KB
14 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 740
3 KB
13 awin1.com
www.awin1.com — Cisco Umbrella Rank: 16092
9 KB
13 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 644
cdn.indexww.com — Cisco Umbrella Rank: 1576
3 KB
12 doubleverify.com
cdn.doubleverify.com — Cisco Umbrella Rank: 604
rtb0.doubleverify.com — Cisco Umbrella Rank: 944
tps.doubleverify.com — Cisco Umbrella Rank: 650
rtbc-ew1.doubleverify.com — Cisco Umbrella Rank: 18123
tpsc-ew1.doubleverify.com — Cisco Umbrella Rank: 10979
231 KB
12 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 841
12 KB
12 media.net
prebid.media.net — Cisco Umbrella Rank: 1229
contextual.media.net — Cisco Umbrella Rank: 709
15 KB
12 monu.delivery
monu.delivery — Cisco Umbrella Rank: 30553
imps.monu.delivery — Cisco Umbrella Rank: 40111
183 KB
11 dotomi.com
proc.ad.cpe.dotomi.com — Cisco Umbrella Rank: 2790
casale-match.dotomi.com — Cisco Umbrella Rank: 3039
openx2-match.dotomi.com — Cisco Umbrella Rank: 4009
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3439
4 KB
11 minutemedia-prebid.com
hb.minutemedia-prebid.com — Cisco Umbrella Rank: 3902
5 KB
10 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 2253
creativecdn.com — Cisco Umbrella Rank: 564
8 KB
10 xano.io
xeqe-t3lw-i7hv.n7.xano.io
23 KB
10 gstatic.com
fonts.gstatic.com
www.gstatic.com
467 KB
8 gsitrix.com
a.gsitrix.com — Cisco Umbrella Rank: 562867
117 KB
8 adswizz.com
synchrobox.adswizz.com — Cisco Umbrella Rank: 8009
cdn.adswizz.com — Cisco Umbrella Rank: 14137
synchroscript.deliveryengine.adswizz.com — Cisco Umbrella Rank: 2704
delivery-cdn-cf.adswizz.com — Cisco Umbrella Rank: 5493
24 KB
8 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 716
2 KB
8 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 722
5 KB
8 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 562
5 KB
8 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1005
bcp.crwdcntrl.net — Cisco Umbrella Rank: 898
sync.crwdcntrl.net — Cisco Umbrella Rank: 853
26 KB
8 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 747
r.clarity.ms — Cisco Umbrella Rank: 7589
c.clarity.ms — Cisco Umbrella Rank: 1351
28 KB
7 turn.com
d.turn.com — Cisco Umbrella Rank: 1381
ad.turn.com — Cisco Umbrella Rank: 843
3 KB
7 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 423
mug.criteo.com — Cisco Umbrella Rank: 3123
dis.criteo.com — Cisco Umbrella Rank: 608
9 KB
7 id5-sync.com
api.id5-sync.com — Cisco Umbrella Rank: 13178
cdn.id5-sync.com — Cisco Umbrella Rank: 857
id5-sync.com — Cisco Umbrella Rank: 425
58 KB
7 adpushup.com
cdn.adpushup.com — Cisco Umbrella Rank: 18924
e3.adpushup.com — Cisco Umbrella Rank: 22147
keymap.adpushup.com — Cisco Umbrella Rank: 53764
243 KB
7 bubbleapps.io
folkd0612.bubbleapps.io
1 MB
6 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 730
3 KB
5 mediaintelligence.de
mediaintelligence.de — Cisco Umbrella Rank: 364316
data.mediaintelligence.de
90 KB
5 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1407
901 B
5 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2579
3 KB
5 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 523
4 KB
5 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1364
pixel.quantserve.com — Cisco Umbrella Rank: 1007
cms.quantserve.com — Cisco Umbrella Rank: 764
11 KB
4 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 5298
1002 B
4 addthis.com
x.dlx.addthis.com — Cisco Umbrella Rank: 1651
2 KB
4 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 875
3 KB
4 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 501
2 KB
4 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1563
1 KB
4 lkqd.net
cs.lkqd.net — Cisco Umbrella Rank: 2307
2 KB
4 mediarithmics.com
cookie-matching.mediarithmics.com — Cisco Umbrella Rank: 4071
1 KB
4 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2054
3 KB
4 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 742
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 669
1 KB
4 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 626
1 KB
3 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 547
2 KB
3 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 3060
pixel-eu.onaudience.com — Cisco Umbrella Rank: 19240
2 KB
3 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1217
2 KB
3 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1552
2 KB
3 digitaleast.mobi
euexchangesync.digitaleast.mobi — Cisco Umbrella Rank: 35110
656 B
3 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 239
2 KB
3 conrad.ch
www.conrad.ch — Cisco Umbrella Rank: 635077
803 B
3 tryiqos.ch
min.tryiqos.ch
9 KB
3 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 1503
2 KB
3 smartclip.net
ad.sxp.smartclip.net — Cisco Umbrella Rank: 4762
917 B
3 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 897
723 B
3 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 856
1 KB
3 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 25218
wam.solution.weborama.fr — Cisco Umbrella Rank: 18757
962 B
3 btloader.com
btloader.com — Cisco Umbrella Rank: 881
api.btloader.com — Cisco Umbrella Rank: 960
18 KB
3 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1157
88 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28
storage.googleapis.com — Cisco Umbrella Rank: 286
74 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 874
s.tribalfusion.com — Cisco Umbrella Rank: 2405
1 KB
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1382
1 KB
2 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 1282
1 KB
2 sportradarserving.com
a.sportradarserving.com — Cisco Umbrella Rank: 2298
1 KB
2 creative-serving.com
ads.creative-serving.com — Cisco Umbrella Rank: 4277
1 KB
2 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1259
415 B
2 yieldlab.net
ad.yieldlab.net — Cisco Umbrella Rank: 4474
470 B
2 ctnsnet.com
cm.ctnsnet.com — Cisco Umbrella Rank: 4100
ipac.ctnsnet.com — Cisco Umbrella Rank: 5784
748 B
2 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 906
958 B
2 admedo.com
pool.admedo.com — Cisco Umbrella Rank: 5392
750 B
2 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 914
537 B
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 918
1 KB
2 confiant-integrations.net
cdn.confiant-integrations.net — Cisco Umbrella Rank: 1463
191 KB
2 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2029
304 B
2 google.com
www.google.com — Cisco Umbrella Rank: 2
2 KB
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1373
527 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 6671
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 6118
276 B
1 erne.co
green.erne.co — Cisco Umbrella Rank: 33500
412 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 247
766 B
1 taptapnetworks.com
sonata-notifications.taptapnetworks.com — Cisco Umbrella Rank: 7736
346 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 336
63 KB
1 zeotap.com
mwzeom.zeotap.com — Cisco Umbrella Rank: 3434
439 B
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 976
652 B
1 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 671
277 B
1 colossusssp.com
sync.colossusssp.com — Cisco Umbrella Rank: 1430
666 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 707
864 B
1 rqtrk.eu
ws.rqtrk.eu — Cisco Umbrella Rank: 3537
351 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 1872
174 B
1 eterna.de
ums-tr.eterna.de — Cisco Umbrella Rank: 160024
809 B
1 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1353
653 B
1 mediago.io
trace.mediago.io — Cisco Umbrella Rank: 1161
374 B
1 fwmrm.net
1f2e7.v.fwmrm.net — Cisco Umbrella Rank: 4703
595 B
1 company-target.com
s.company-target.com — Cisco Umbrella Rank: 1515
422 B
1 adsafety.net
cm.adsafety.net — Cisco Umbrella Rank: 20357
229 B
1 smartstream.tv
ads.smartstream.tv — Cisco Umbrella Rank: 28629
823 B
1 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 1683
349 B
1 yahoo.net
hb.yahoo.net — Cisco Umbrella Rank: 773
319 B
1 primis.tech
live.primis.tech — Cisco Umbrella Rank: 1495
526 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 508
35 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 349
651 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 1331
739 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1525
829 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1026
44 B
1 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 412
140 B
1 omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 731
358 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 662
443 B
1 2sport.tv
2sport.tv
253 KB
1 strikinglycdn.com
static-assets.strikinglycdn.com — Cisco Umbrella Rank: 130899
7 KB
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 93
96 KB
1 wholesaleusb.com.au
wholesaleusb.com.au
38 KB
1 googleusercontent.com
blogger.googleusercontent.com — Cisco Umbrella Rank: 12324
84 KB
1 keochuan.tv
keochuan.tv
75 KB
1 mymodernlaw.com
mymodernlaw.com
26 KB
1 blogspot.com
1.bp.blogspot.com — Cisco Umbrella Rank: 11960
101 KB
1 rtbhouse.com
esp.rtbhouse.com — Cisco Umbrella Rank: 4356
474 B
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 2948
3 KB
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 657
13 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1833
8 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1345
636 B
1 bubble.io
1bccd00f7acd03ac6a93123768d650c0.cdn.bubble.io
1 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
80 KB
0 mrtnsvr.com Failed
ad.mrtnsvr.com Failed
0 gammaplatform.com Failed
cm-supply-web.gammaplatform.com Failed
0 avct.cloud Failed
ads.avct.cloud Failed
1101 147
Domain Requested by
121 cdn.jsdelivr.net folkd.com
folkd0612.bubbleapps.io
securepubads.g.doubleclick.net
428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
47 pagead2.googlesyndication.com cdn.jsdelivr.net
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
41 c.bannerflow.net 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
c.bannerflow.net
41 dsum-sec.casalemedia.com 3 redirects ssum-sec.casalemedia.com
googleads.g.doubleclick.net
37 securepubads.g.doubleclick.net cdn.adpushup.com
securepubads.g.doubleclick.net
428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
www.googletagservices.com
36 cm.g.doubleclick.net 29 redirects google-bidout-d.openx.net
rtb.gumgum.com
aax-eu.amazon-adsystem.com
googleads.g.doubleclick.net
32 simage2.pubmatic.com 18 redirects ads.pubmatic.com
folkd.com
32 track.adform.net 3 redirects cdn.jsdelivr.net
s1.adform.net
428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
31 image8.pubmatic.com 19 redirects ads.pubmatic.com
30 assets.ad4m.at as.ad4m.at
27 ad4m.at cdn.jsdelivr.net
428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
ad4m.at
ssum-sec.casalemedia.com
26 ads.yieldmo.com 1 redirects folkd.com
monu.delivery
ads.yieldmo.com
24 tpc.googlesyndication.com 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
securepubads.g.doubleclick.net
23 rtb.openx.net 1 redirects folkd.com
bloggernetwork-d.openx.net
21 i.liadm.com 21 redirects
21 image2.pubmatic.com 13 redirects ads.pubmatic.com
21 s1.adform.net track.adform.net
s1.adform.net
folkd.com
428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
21 htlb.casalemedia.com folkd.com
21 ib.adnxs.com 9 redirects folkd.com
aax-eu.amazon-adsystem.com
19 match.adsrvr.org google-bidout-d.openx.net
rtb.gumgum.com
ads.pubmatic.com
aax-eu.amazon-adsystem.com
ssum-sec.casalemedia.com
folkd.com
ads.yieldmo.com
sync.serverbid.com
18 pr-bh.ybp.yahoo.com 3 redirects ads.pubmatic.com
ssum-sec.casalemedia.com
bloggernetwork-d.openx.net
18 x.bidswitch.net 18 redirects
16 ssum-sec.casalemedia.com 2 redirects 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
ssum-sec.casalemedia.com
js-sec.indexww.com
16 www.googletagservices.com 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
googleads.g.doubleclick.net
16 folkd.com 1 redirects folkd.com
folkd0612.bubbleapps.io
15 match.prod.bidr.io 15 redirects
14 idsync.rlcdn.com 8 redirects ssum-sec.casalemedia.com
14 live.rezync.com 14 redirects
14 usersync.gumgum.com rtb.gumgum.com
ads.pubmatic.com
14 prebid.a-mo.net 1 redirects folkd.com
aax-eu.amazon-adsystem.com
monu.delivery
13 www.awin1.com 4 redirects as.ad4m.at
13 pixel.rubiconproject.com 9 redirects aax-eu.amazon-adsystem.com
13 aax-eu.amazon-adsystem.com 2 redirects c.amazon-adsystem.com
aax-eu.amazon-adsystem.com
google-bidout-d.openx.net
rtb.gumgum.com
ads.pubmatic.com
12 js-sec.indexww.com ssum-sec.casalemedia.com
monu.delivery
12 p.rfihub.com 12 redirects
12 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com securepubads.g.doubleclick.net
cdn.confiant-integrations.net
11 aax.amazon-adsystem.com c.amazon-adsystem.com
11 hb.minutemedia-prebid.com folkd.com
11 e.serverbid.com folkd.com
11 prebid.cootlogix.com folkd.com
11 hbopenbid.pubmatic.com folkd.com
11 prebid.media.net folkd.com
11 fastlane.rubiconproject.com folkd.com
10 as.ad4m.at ad4m.at
as.ad4m.at
10 dt.adsafeprotected.com 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
folkd.com
10 googleads.g.doubleclick.net cdn.jsdelivr.net
pagead2.googlesyndication.com
10 ups.analytics.yahoo.com 10 redirects
10 xeqe-t3lw-i7hv.n7.xano.io 2 redirects cdn.jsdelivr.net
9 x.serverbid.com sync.serverbid.com
ads.pubmatic.com
9 creativecdn.com 9 redirects
9 us-u.openx.net 1 redirects google-bidout-d.openx.net
bloggernetwork-d.openx.net
9 s.amazon-adsystem.com 1 redirects aax-eu.amazon-adsystem.com
ssum-sec.casalemedia.com
9 fonts.gstatic.com fonts.googleapis.com
8 a.gsitrix.com min.tryiqos.ch
mediaintelligence.de
a.gsitrix.com
8 sync-tm.everesttech.net 6 redirects ssum-sec.casalemedia.com
ads.pubmatic.com
8 pixel-sync.sitescout.com 8 redirects
8 ads.stickyadstv.com 7 redirects ssum-sec.casalemedia.com
8 token.rubiconproject.com 5 redirects eus.rubiconproject.com
8 eus.rubiconproject.com aax-eu.amazon-adsystem.com
eus.rubiconproject.com
rtb.gumgum.com
monu.delivery
sync.cootlogix.com
8 imps.monu.delivery folkd.com
7 image4.pubmatic.com 5 redirects ads.yieldmo.com
ads.pubmatic.com
7 c1.adform.net 6 redirects ads.pubmatic.com
7 folkd0612.bubbleapps.io folkd.com
folkd0612.bubbleapps.io
6 pubmatic-match.dotomi.com 6 redirects
6 cdn.doubleverify.com min.tryiqos.ch
mediaintelligence.de
cdn.doubleverify.com
folkd.com
6 image6.pubmatic.com ads.pubmatic.com
6 sync.srv.stackadapt.com 6 redirects
6 ad.doubleclick.net folkd.com
428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
5 synchroscript.deliveryengine.adswizz.com 1 redirects cdn.adswizz.com
synchroscript.deliveryengine.adswizz.com
5 sync-pm.ads.yieldmo.com ads.pubmatic.com
5 simage4.pubmatic.com ads.pubmatic.com
5 d.adroll.com ssum-sec.casalemedia.com
5 match.adsby.bidtheatre.com 5 redirects
5 bh.contextweb.com 5 redirects
4 d5p.de17a.com 4 redirects
4 data.mediaintelligence.de min.tryiqos.ch
data.mediaintelligence.de
4 x.dlx.addthis.com 2 redirects ssum-sec.casalemedia.com
4 pm.w55c.net 4 redirects
4 ad.turn.com 4 redirects
4 pixel.tapad.com 4 redirects
4 cm.adgrx.com ssum-sec.casalemedia.com
ads.pubmatic.com
4 cs.lkqd.net 2 redirects googleads.g.doubleclick.net
4 dsum.casalemedia.com ssum-sec.casalemedia.com
4 cookie-matching.mediarithmics.com 4 redirects
4 a.audrte.com 3 redirects ads.pubmatic.com
4 sync.crwdcntrl.net 3 redirects ads.pubmatic.com
4 dis.criteo.com 4 redirects
4 ads.pubmatic.com rtb.gumgum.com
ads.pubmatic.com
monu.delivery
sync.serverbid.com
4 b1sync.zemanta.com 4 redirects
4 id5-sync.com cdn.id5-sync.com
folkd.com
4 r.clarity.ms www.clarity.ms
4 c.amazon-adsystem.com cdn.adpushup.com
c.amazon-adsystem.com
4 monu.delivery folkd.com
monu.delivery
3 sync.1rx.io 3 redirects
3 t.adx.opera.com 3 redirects
3 dsp.adfarm1.adition.com 3 redirects
3 sync.cootlogix.com monu.delivery
eus.rubiconproject.com
sync.cootlogix.com
3 euexchangesync.digitaleast.mobi 3 redirects
3 dpm.demdex.net 1 redirects ssum-sec.casalemedia.com
sync.serverbid.com
3 www.conrad.ch as.ad4m.at
3 min.tryiqos.ch as.ad4m.at
min.tryiqos.ch
3 sync.adotmob.com 3 redirects
3 ad.sxp.smartclip.net 1 redirects googleads.g.doubleclick.net
3 csync.loopme.me 3 redirects
3 d.turn.com 3 redirects
3 um.simpli.fi 2 redirects ads.pubmatic.com
3 cms.quantserve.com 3 redirects
3 secure.adnxs.com 3 redirects
3 secure.cdn.fastclick.net folkd.com
secure.cdn.fastclick.net
3 e3.adpushup.com folkd.com
3 cdn.adpushup.com folkd.com
cdn.adpushup.com
2 tpsc-ew1.doubleverify.com cdn.doubleverify.com
2 pixel-eu.onaudience.com 2 redirects
2 c.clarity.ms 1 redirects
2 tps.doubleverify.com cdn.doubleverify.com
2 uipglob.semasio.net 1 redirects ads.pubmatic.com
2 rtb.mfadsrvr.com 2 redirects
2 a.sportradarserving.com 2 redirects
2 openx2-match.dotomi.com 2 redirects
2 rtb-csync.smartadserver.com 2 redirects
2 ads.creative-serving.com 2 redirects
2 r.casalemedia.com ssum-sec.casalemedia.com
2 casale-match.dotomi.com 2 redirects
2 rtb.adentifi.com 1 redirects ssum-sec.casalemedia.com
2 ad.yieldlab.net googleads.g.doubleclick.net
2 static.adsafeprotected.com pixel.adsafeprotected.com
428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
2 cr.frontend.weborama.fr 1 redirects ads.pubmatic.com
2 pixel-eu.rubiconproject.com 2 redirects
2 pixel.adsafeprotected.com cdn.jsdelivr.net
428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
2 secure-assets.rubiconproject.com 2 redirects
2 ssbsync.smartadserver.com 2 redirects
2 sync.ipredictive.com 2 redirects
2 pool.admedo.com 2 redirects
2 rtb.gumgum.com aax-eu.amazon-adsystem.com
rtb.gumgum.com
2 lb.eu-1-id5-sync.com folkd.com
2 storage.googleapis.com folkd.com
2 gum.criteo.com 1 redirects static.criteo.net
2 oajs.openx.net 1 redirects folkd.com
2 ad-delivery.net folkd.com
2 bcp.crwdcntrl.net tags.crwdcntrl.net
2 cdn.id5-sync.com folkd.com
securepubads.g.doubleclick.net
2 btloader.com 1 redirects folkd.com
2 tags.crwdcntrl.net folkd.com
securepubads.g.doubleclick.net
2 config.aps.amazon-adsystem.com monu.delivery
c.amazon-adsystem.com
2 cdn.confiant-integrations.net monu.delivery
cdn.confiant-integrations.net
2 region1.google-analytics.com www.googletagmanager.com
2 www.clarity.ms folkd.com
www.clarity.ms
2 www.google.com folkd0612.bubbleapps.io
tpc.googlesyndication.com
2 www.folkd.com 2 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 matching.truffle.bid ads.pubmatic.com
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 ipac.ctnsnet.com ads.pubmatic.com
1 core.iprom.net ads.pubmatic.com
1 green.erne.co 1 redirects
1 c.bing.com 1 redirects
1 sonata-notifications.taptapnetworks.com 1 redirects
1 rtbc-ew1.doubleverify.com cdn.doubleverify.com
1 pixel-us-east.rubiconproject.com 1 redirects
1 delivery-cdn-cf.adswizz.com synchroscript.deliveryengine.adswizz.com
1 rtb0.doubleverify.com cdn.doubleverify.com
1 s0.2mdn.net data.mediaintelligence.de
1 pixel.onaudience.com 1 redirects
1 mwzeom.zeotap.com ads.pubmatic.com
1 cdn.indexww.com ssum-sec.casalemedia.com
1 sync.go.sonobi.com 1 redirects
1 ap.lijit.com sync.serverbid.com
1 sync.colossusssp.com 1 redirects
1 onetag-sys.com sync.serverbid.com
1 ws.rqtrk.eu 1 redirects
1 tr.blismedia.com bloggernetwork-d.openx.net
1 cdn.adswizz.com sync.serverbid.com
1 synchrobox.adswizz.com sync.serverbid.com
1 mediaintelligence.de min.tryiqos.ch
1 contextual.media.net monu.delivery
1 bloggernetwork-d.openx.net monu.delivery
1 sync.serverbid.com monu.delivery
1 ums-tr.eterna.de as.ad4m.at
1 ums.acuityplatform.com 1 redirects
1 i6.liadm.com ssum-sec.casalemedia.com
1 a1186.casalemedia.com cdn.jsdelivr.net
1 a1212.casalemedia.com cdn.jsdelivr.net
1 trace.mediago.io 1 redirects
1 a1144.casalemedia.com cdn.jsdelivr.net
1 1f2e7.v.fwmrm.net 1 redirects
1 s.company-target.com 1 redirects
1 a1181.casalemedia.com cdn.jsdelivr.net
1 wam.solution.weborama.fr 1 redirects
1 a5176.casalemedia.com cdn.jsdelivr.net
1 a1131.casalemedia.com cdn.jsdelivr.net
1 a5134.casalemedia.com cdn.jsdelivr.net
1 a1214.casalemedia.com cdn.jsdelivr.net
1 a1203.casalemedia.com cdn.jsdelivr.net
1 cm.adsafety.net googleads.g.doubleclick.net
1 ads.smartstream.tv 1 redirects
1 dmp.brand-display.com 1 redirects
1 cm.ctnsnet.com 1 redirects
1 a1161.casalemedia.com cdn.jsdelivr.net
1 hb.yahoo.net aax-eu.amazon-adsystem.com
1 live.primis.tech aax-eu.amazon-adsystem.com
1 match.sharethrough.com aax-eu.amazon-adsystem.com
1 px.ads.linkedin.com aax-eu.amazon-adsystem.com
1 dmp.adform.net 1 redirects
1 sync.mathtag.com 1 redirects
1 a5180.casalemedia.com cdn.jsdelivr.net
1 tg.socdm.com 1 redirects
1 match.deepintent.com rtb.gumgum.com
1 eb2.3lift.com aax-eu.amazon-adsystem.com
1 visitor.omnitagjs.com 1 redirects
1 eu-u.openx.net google-bidout-d.openx.net
1 s.ad.smaato.net 1 redirects
1 2sport.tv folkd.com
1 static-assets.strikinglycdn.com folkd.com
1 i.ytimg.com folkd.com
1 wholesaleusb.com.au folkd.com
1 blogger.googleusercontent.com folkd.com
1 keochuan.tv folkd.com
1 mymodernlaw.com folkd.com
1 1.bp.blogspot.com folkd.com
1 google-bidout-d.openx.net oa.openxcdn.net
1 mug.criteo.com folkd.com
1 esp.rtbhouse.com folkd.com
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 static.criteo.net securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 proc.ad.cpe.dotomi.com secure.cdn.fastclick.net
1 api.btloader.com folkd.com
1 pixel.quantserve.com folkd.com
1 rules.quantcount.com secure.quantserve.com
1 secure.quantserve.com cdn.adpushup.com
1 keymap.adpushup.com folkd.com
1 api.id5-sync.com folkd.com
1 client.aps.amazon-adsystem.com monu.delivery
1 1bccd00f7acd03ac6a93123768d650c0.cdn.bubble.io folkd.com
1 www.gstatic.com www.google.com
1 fonts.googleapis.com folkd0612.bubbleapps.io
1 www.googletagmanager.com folkd.com
0 ad.mrtnsvr.com Failed ads.pubmatic.com
0 cm-supply-web.gammaplatform.com Failed ads.pubmatic.com
0 ads.avct.cloud Failed ssum-sec.casalemedia.com
1101 242
Subject Issuer Validity Valid
folkd.com
R3
2024-01-13 -
2024-04-12
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-05-05 -
2024-05-04
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
*.monu.delivery
Sectigo RSA Domain Validation Secure Server CA
2023-02-23 -
2024-03-25
a year crt.sh
upload.video.google.com
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
www.google.com
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1
2023-12-07 -
2024-12-07
a year crt.sh
*.adpushup.com
GeoTrust TLS RSA CA G1
2023-08-11 -
2024-07-12
a year crt.sh
bubble.io
Cloudflare Inc ECC CA-3
2023-11-16 -
2024-11-15
a year crt.sh
*.n7.xano.io
R3
2023-12-03 -
2024-03-02
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01
2023-12-30 -
2024-12-04
a year crt.sh
confiant-integrations.net
GTS CA 1P5
2024-01-17 -
2024-04-16
3 months crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02
2024-01-21 -
2025-02-19
a year crt.sh
client.aps.amazon-adsystem.com
Amazon RSA 2048 M02
2023-12-20 -
2025-01-18
a year crt.sh
*.id5-sync.com
R3
2024-01-01 -
2024-03-31
3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2023-02-13 -
2024-03-15
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2023-03-05 -
2024-04-03
a year crt.sh
*.a-mo.net
R3
2024-01-06 -
2024-04-05
3 months crt.sh
prebid.media.net
GTS CA 1D4
2023-12-24 -
2024-03-23
3 months crt.sh
*.yieldmo.com
Amazon RSA 2048 M01
2023-04-04 -
2024-05-02
a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1
2023-04-20 -
2024-05-20
a year crt.sh
*.cootlogix.com
Sectigo RSA Domain Validation Secure Server CA
2023-10-19 -
2024-11-17
a year crt.sh
*.consumableaudio.com
R3
2024-01-16 -
2024-04-15
3 months crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3
2023-05-21 -
2024-05-20
a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1
2023-08-18 -
2024-08-18
a year crt.sh
*.minutemedia-prebid.com
Amazon ECDSA 256 M01
2023-04-18 -
2024-05-16
a year crt.sh
quantserve.com
R3
2023-12-27 -
2024-03-26
3 months crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01
2023-03-16 -
2024-03-08
a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01
2023-10-08 -
2024-11-05
a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1
2023-10-03 -
2024-10-03
a year crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 01
2024-01-14 -
2024-06-27
5 months crt.sh
imps.monu.delivery
GTS CA 1D4
2024-01-09 -
2024-04-08
3 months crt.sh
api.btloader.com
GTS CA 1D4
2023-12-08 -
2024-03-07
3 months crt.sh
ad-delivery.net
GTS CA 1P5
2024-01-20 -
2024-04-19
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018
2023-06-09 -
2024-07-10
a year crt.sh
oa.openxcdn.net
GTS CA 1D4
2024-01-22 -
2024-04-22
3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-12-15 -
2024-03-10
3 months crt.sh
cdn.prod.uidapi.com
R3
2023-11-02 -
2024-01-31
3 months crt.sh
invstatic101.creativecdn.com
GTS CA 1D4
2023-12-23 -
2024-03-22
3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01
2024-01-13 -
2024-12-22
a year crt.sh
esp.rtbhouse.com
GTS CA 1D4
2024-01-05 -
2024-04-04
3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-12-01 -
2024-03-01
3 months crt.sh
misc-sni.blogspot.com
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
mymodernlaw.com
Cloudflare Inc ECC CA-3
2023-03-27 -
2024-03-26
a year crt.sh
keochuan.tv
GTS CA 1P5
2023-12-20 -
2024-03-19
3 months crt.sh
*.googleusercontent.com
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
wholesaleusb.com.au
R3
2023-11-29 -
2024-02-27
3 months crt.sh
edgestatic.com
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
*.strikinglycdn.com
Amazon RSA 2048 M02
2024-01-18 -
2025-02-14
a year crt.sh
2sport.tv
GTS CA 1P5
2023-12-14 -
2024-03-13
3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2023-04-12 -
2024-05-13
a year crt.sh
*.eu-1-id5-sync.com
R3
2024-01-01 -
2024-03-31
3 months crt.sh
ie-ad-exch-prd-one-eks.prd.eks.ie.adexchange.gumgum.com
Amazon RSA 2048 M01
2023-07-17 -
2024-08-14
a year crt.sh
*.3lift.com
Amazon RSA 2048 M02
2023-04-13 -
2024-05-11
a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2
2023-12-01 -
2025-01-01
a year crt.sh
*.ad-server.k8s.ie.ggops.com
Amazon RSA 2048 M02
2023-12-18 -
2025-01-16
a year crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-09-06 -
2024-09-19
a year crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M02
2023-03-29 -
2024-04-27
a year crt.sh
*.simpli.fi
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-11-07 -
2024-12-07
a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2024-01-10 -
2024-06-26
6 months crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02
2023-07-07 -
2024-08-04
a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01
2024-01-01 -
2024-12-21
a year crt.sh
indexww.com
Cloudflare Inc ECC CA-3
2023-09-05 -
2024-09-03
a year crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M01
2023-05-09 -
2024-06-06
a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA
2023-03-03 -
2024-03-31
a year crt.sh
adentifi.com
Amazon RSA 2048 M01
2023-07-06 -
2024-08-03
a year crt.sh
*.ads.stickyadstv.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-04-19 -
2024-05-19
a year crt.sh
min.tryiqos.ch
R3
2023-12-22 -
2024-03-21
3 months crt.sh
www.awin1.com
DigiCert TLS RSA SHA256 2020 CA1
2024-01-10 -
2025-01-10
a year crt.sh
d.adroll.com
Amazon RSA 2048 M01
2023-10-09 -
2024-11-07
a year crt.sh
sync.serverbid.com
Amazon RSA 2048 M02
2023-03-22 -
2024-04-19
a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1
2023-02-10 -
2024-02-18
a year crt.sh
mediaintelligence.de
Thawte TLS RSA CA G1
2023-12-11 -
2025-01-10
a year crt.sh
*.adswizz.com
Amazon RSA 2048 M02
2023-06-21 -
2024-07-19
a year crt.sh
tr.blismedia.com
GTS CA 1D4
2023-12-02 -
2024-03-01
3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-12-28 -
2024-01-28
a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2
2023-05-06 -
2024-05-04
a year crt.sh
a.gsitrix.com
R3
2024-01-16 -
2024-04-15
3 months crt.sh
*.doubleverify.com
DigiCert TLS RSA SHA256 2020 CA1
2023-05-07 -
2024-05-07
a year crt.sh
data.mediaintelligence.de
R3
2023-11-24 -
2024-02-22
3 months crt.sh
*.ads.yieldmo.com
Amazon RSA 2048 M01
2023-04-04 -
2024-05-02
a year crt.sh
deliveryengine.adswizz.com
Amazon RSA 2048 M02
2023-07-04 -
2024-08-01
a year crt.sh
*.tps.doubleverify.com
Go Daddy Secure Certificate Authority - G2
2023-09-29 -
2024-09-28
a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3
2023-08-11 -
2024-09-11
a year crt.sh
*.iprom.net
R3
2023-11-13 -
2024-02-11
3 months crt.sh
*.ctnsnet.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-10-13 -
2024-11-10
a year crt.sh
truffle.bid
R3
2024-01-08 -
2024-04-07
3 months crt.sh

This page contains 149 frames:

Primary Page: https://folkd.com/
Frame ID: 97DC3FC396B1E6322C26C7898196AD46
Requests: 410 HTTP requests in this frame

Frame: https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.html
Frame ID: 6ED2B45E47044288F8832DD20FF0821E
Requests: 1 HTTP requests in this frame

Frame: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D8FC986F636F84C1EC4A3E6E042B89D7
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_gg_rbd_n-Beeswax_an-db5_n-adYouLike_3lift_n-Outbrain&dcc=t
Frame ID: ABD8AEC4AC256962D61F2F4D17DCE471
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=folkd.com
Frame ID: E4579D87BB39837DEFA9DC16C5369FDD
Requests: 2 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_gg_rbd_n-Beeswax_an-db5_n-adYouLike_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: 7A30688C8AB1106DC073B9AD8C483D37
Requests: 4 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: A616665D75954E7B49946C11454DEDBB
Requests: 6 HTTP requests in this frame

Frame: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7C9A9A706FCED3ADAFCB0364CAEF4668
Requests: 8 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Frame ID: 2F96AF2D546BE128ECE34182D0F1CBB9
Requests: 12 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Frame ID: E12BEADB906C8AA39CA954AE89036C93
Requests: 20 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?id=2380373011570053850&ex=appnexus.com
Frame ID: C64E0723583C02B2F78FB9F885006068
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=adyoulike.com&id=cda9ad6ae9d89adbee8b213567150311
Frame ID: 80C4D34D79803EE9DB6FD96FA2264DA9
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/getuid?redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
Frame ID: 4DCDDFE31E5C84F82995EE174E203354
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=adf&i=7283273328877549246&gdpr=&gdpr_consent=
Frame ID: A82FB7CDE81E880693924F32356E5C0F
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9kMjY5YmIzMi0wNGJkLTQ5OWYtOTMyMS1kY2RlNzUzZDkxM2M=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 8B8860A175DA3A92C5674467210799A4
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: CBB8DDCBA048BDA0CE7352488E125ADB
Requests: 16 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
Frame ID: 63D59723ED5A26F4EE3E5FABB67498B8
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=Za80u8Co8YwAAEQbjwAAAAAA
Frame ID: 6D8BB942D0CC07DC93929543B90A29E3
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=ViR4k8DCOJSMDgKL7vewv7Jq9TxtaDotmO51rVynh7M&pi=gumgum&tc=1
Frame ID: F8FB9498BC01A7919AF5500FE54AE657
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 12240BDBEB634DC098D8CCEE750B8317
Requests: 4 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=67903450;rtbwp=Za80uQAAAADnlrKcPX5u7ETUO0QXaT2BHJK4lw;rtbdata=W6kvuXQNu86EBnfD9JcxEfjYF229bpUjHubuMhubs0C3xMsNeaE_7YsMS1QbwXumzXPyNOGIAmqYdJkohl9Dl2Z8D7pzFqnXZP4orUHzt_MntkI1FSYiFF__U9FnlqaRKWcHZh-DE2Jp7Vto4vKAkzW0_-F-7GIsR5xeG1R90QYbDD0kU7EUclL9E4BYs1QFXShoco9Eve955yZIP-8ZplXI6hKUTkBTvo2uv1JH9j_sNBY9OFe3B2D0WqQsz4K7k0-z-cOV_gJ4J2NRz8UbEmT0lQkXAT8x0
Frame ID: DE851C96C77DE3CF99A512E2A2388CB1
Requests: 23 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:453465af-34bc-4f00-bef5-1fd5677e3338&gdpr=0&gdpr_consent=
Frame ID: D39DF68D7A63D70A7F253B68373ED536
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 7DEEC17EE0C264B01A43A489C1D65B6E
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=7BC00642-7252-4DDF-B9FE-EF913FD24BAB&redir=true&gdpr=0&gdpr_consent=
Frame ID: D7E6F464CB0DD4D447C6280213510C54
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=0xYvLtYXLHHIGnophhVjKoNGenDIGnd-0xtxOLQS
Frame ID: ECE744CFC4B2F596536B28F8D152D4BE
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=7BC00642-7252-4DDF-B9FE-EF913FD24BAB
Frame ID: 24F7FE56686CFF5C1D49E3624E97909A
Requests: 1 HTTP requests in this frame

Frame: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B1D19E7812E7C9664A86EEE7D4DE5460
Requests: 8 HTTP requests in this frame

Frame: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: DE1C72BE20392551FDF44F3A6071E45A
Requests: 7 HTTP requests in this frame

Frame: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: BDB01B1576E7B7351233730214C98018
Requests: 7 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0&C=1
Frame ID: 6FABA7FB8F2F6A957DB24070797D79FF
Requests: 10 HTTP requests in this frame

Frame: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4F9351E52F7CE422F6585960D4863581
Requests: 7 HTTP requests in this frame

Frame: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: EF46F6191A409D533A13D7A1AD8EBE54
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhCs1xMY1qbgaTAB&v=APEucNXmHUB5Eo-jeDAM-YFu8gPxc59BPJEnoJBZ4HWthb7HtomLcQkKCdzNMTm-VLBm7BXam6E8M9bBiGGiGRRBafXFvjo6Mw
Frame ID: EA94DD4EE59DC6372503A22A22D7B87C
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 077674157803969CD99492BF11A4FFA0
Requests: 15 HTTP requests in this frame

Frame: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 111370D174A3A493F3CF071D52F780EC
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhCs1xMY1qbgaTAB&v=APEucNXsep3PQv_uhdB5qyEWO8MXuMEytqIump6wDqMtg7NlPq4f3-aHStND0b6dBGoyHe5xVk5EJU1-I2bKJ4i5-ZPHVAAnEg
Frame ID: 2743AC5E316F7891F8595012666CAD59
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: AC9E042770E2EF76E07F1C1B998B94F5
Requests: 14 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: CC2EB67607F0EA9AA19DCA0821EC3508
Requests: 1 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/2135726/13004045/13004045.js?ADFassetID=13004045&bv=257
Frame ID: E0BDC76C73E51D9927E4C5342925F4B3
Requests: 12 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=67903448;rtbwp=Za80uwAAAAA7pnV2O9a3cB7Oos5tkGOHjZSYew;rtbdata=JmhGGE0Ooy5Tbg1lboNz3LthwCTVQ9-2ou39pUlP6FPjJolEA22bjRkwoOAsi8rWzdigAwChWcnjKe-guS5X7JB_CSiecMu3VF31rLo_PT_rUBCvIMmTM_I9jq6yvuQ0yFg1YNsgsVG76FslKcgL6xMwbL2NIc_uZzFAo0AlJT3rMeRwyzzhnzZLcBQglqsM1z0UFkcNjzGyXC15ITRgAeslGEgS6KLK8YxBSGWzhUIOdTWiwKb_g9rGlAmoAVco2IfsOfphMFTGtluoRAQdE6JjdfnOlL1K0
Frame ID: DEEE344F9775BE13472D340443647F3A
Requests: 8 HTTP requests in this frame

Frame: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8423C8E7A537FE1996E57887EC974567
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhCs1xMY1qbgaTAB&v=APEucNW332Ln1Q_G4XkYxyREqcCbDdM-pOH33gcYxf4VP8arCKN42F7-gpIwSBur04srcYunnKfdoy4vla-a653lDp0eprj5MQ
Frame ID: CF9C2A9DFEEA641B5C61612BE306407C
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: C20C92B00CDF69D9822DD4DCFE0144F7
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhCs1xMY1qbgaTAB&v=APEucNWAU2bHC1BMvwMFG0DCrL9QRSQAhOSaGOxbhifp3ekg_fYgwe2NIUFlxn_CsEsFI1tlX6bKP5169zBcrJ9dbUKcBvDEUg
Frame ID: 37B7C5DF379C0153DA46D0D2403B0D4E
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: DC662847FB7039D0FB311F44F73B94D3
Requests: 14 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Frame ID: 93A4FA3D0467D5FB978456306D66EEBF
Requests: 10 HTTP requests in this frame

Frame: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3C7358AF16537F8FEBB9EF99D83F3532
Requests: 7 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: E9AA6EAB3357090106CDCA4061AAABE6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhCs1xMY1qbgaTAB&v=APEucNWCZ8J9ly2PdD6LwUTvf7_B6yHdy7u9IpYWfAdRu71HIA6gswxRG7bQd6nvdYsOzjypCnyVQBNfVSyLnzcAwQKE4O7O8A
Frame ID: 3F76C1DED11670A9046E675325AA5007
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 1C74E1124D01C22C3477A1370283AF3C
Requests: 14 HTTP requests in this frame

Frame: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4A06317A4697E084048388EA4C63D6EA
Requests: 7 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Frame ID: 70B84D2AADABD7E1DEF203AE34C8587D
Requests: 10 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: D512022D4C1BA0A65DF3D52E921196EF
Requests: 1 HTTP requests in this frame

Frame: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6BD461E9B890775F796BE2DAC0D28251
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 00669399455667141333B89C11F5B640
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Frame ID: 4FB8D96BF507565CD2BA2876A0EA6E50
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 35A36F5C2C0127A4792D284846B89D3B
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Frame ID: FE9B002F53AEB8E8699338354DA0BCA3
Requests: 10 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=67903448;rtbwp=Za80uwAAAACDgchiK_EiuH7WqgY0wHxhbwk_pg;rtbdata=uQ15ENla1PAuTWs6fRGjRpWb7B1_9tYGM9z7z23GmwFUCvMUhi1CBP2mLURCRhgDzdigAwChWcnjKe-guS5X7JB_CSiecMu3VF31rLo_PT_rUBCvIMmTM_I9jq6yvuQ0yFg1YNsgsVG76FslKcgL6xMwbL2NIc_urPoBPhYJLBJyo15kc15lUTZLcBQglqsM1z0UFkcNjzGyXC15ITRgAeslGEgS6KLK8YxBSGWzhUIOdTWiwKb_g9rGlAmoAVco2IfsOfphMFSPkOudTSbEq6JjdfnOlL1K0
Frame ID: 66E3070B85944D2CDA5570789AC1904F
Requests: 7 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: CFA8BFD8C277710A8AF0D1B45C968956
Requests: 1 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=67903448;rtbwp=Za80uwAAAADDzcoFjiwRAWidLelxF8g6LGShiQ;rtbdata=mxYYoVJbhlU2reK7I6KyaDQ5xYabtQjVzpnU23oXvUaLMu3CYc99lqMg2JAXXuWqzdigAwChWcnjKe-guS5X7JB_CSiecMu3VF31rLo_PT_rUBCvIMmTM_I9jq6yvuQ0yFg1YNsgsVG76FslKcgL6xMwbL2NIc_uOAIN7GnnLT9HAJ5z-CxpsjZLcBQglqsM1z0UFkcNjzGyXC15ITRgAeslGEgS6KLK8YxBSGWzhUIOdTWiwKb_g9rGlAmoAVco2IfsOfphMFTGtluoRAQdE6JjdfnOlL1K0
Frame ID: 1CF0D68284645DA519F5F31321AB9601
Requests: 9 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Frame ID: 2664108D7C7D1151CE93C00E3A1E3343
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Frame ID: FD7ADDA250ACB6AD7FDBBD3D7793309A
Requests: 10 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: 8E74A1DBC82935C97FB38BC4EF7810F6
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: 459789EFDE30A59CECF8368DAEAFF00D
Requests: 1 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=67903448;rtbwp=Za80uwAAAACR__XWHMwaqZfgm7iMbV9rgSG1rQ;rtbdata=r_3McO8SekYTxyBNaUqfHIwCND6MZXWa2mR6cWbmUAck2YycTjff3rRSnIS1ONd5zdigAwChWcnjKe-guS5X7JB_CSiecMu3VF31rLo_PT_rUBCvIMmTM_I9jq6yvuQ0yFg1YNsgsVG76FslKcgL6xMwbL2NIc_u3l0ly9sBa3u82WG5C4V_OzZLcBQglqsM1z0UFkcNjzGyXC15ITRgAeslGEgS6KLK8YxBSGWzhUIOdTWiwKb_g9rGlAmoAVco2IfsOfphMFTQ_uTX0raTPqJjdfnOlL1K0
Frame ID: 564606455E9B9E2D3237BC67E134B850
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 3F00339327F38DC78C2BD1E374CA0800
Requests: 3 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=67903448;rtbwp=Za80uwAAAAB_NCNWeg0yFd50fkoG-zlgTOoyBw;rtbdata=aoEYOKqeTUWKl8W-FYiXKjzq1xabj9JWWMkDonvolOC0woaxAoppjcsH-9DsGuo1zdigAwChWcnjKe-guS5X7JB_CSiecMu3VF31rLo_PT_rUBCvIMmTM_I9jq6yvuQ0yFg1YNsgsVG76FslKcgL6xMwbL2NIc_uS_WqCiCAGBdHAJ5z-CxpsjZLcBQglqsM1z0UFkcNjzGyXC15ITRgAeslGEgS6KLK8YxBSGWzhUIOdTWiwKb_g9rGlAmoAVco2IfsOfphMFTGtluoRAQdE6JjdfnOlL1K0
Frame ID: 8CA374D7ABC36E7B6026E82E714EF24F
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: FCC8349E13AA39EE439D4B7169BEC5C0
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 9A4D7DF36C97D33C31A3850B57A494C4
Requests: 3 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=335355%2C14235%2C14222&b=K13CRfR5x2fbRK3c5HMHktPt55eDF8TAT8Gaq%2CdEmTEfe7dMu4reuEHjHwtEtb69h3T4T5WCj%2CJBWFzfmY3qaZDxUBH6H7tptB8wfXTgT4WtX&f=k53U5fQ2ZBtX3m2s4HwHetmCzzwZCkTjTmrHR%2CK13CRfR5x2fK1Bf5HMHktzCB9Ec8TAT8Gaq%2CGjJUBfjgz1T4jVuKHeHGtBCwWVs2TYTJAHE&c=728&d=90&e=&g=d5a488d10c4e6a39421ee898ea28c7f0%2F15145983664895032561&i=113349%2C20533%2C17712&j=22%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1705981116641&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCWcP4ujSvZY7KLu7EmLAPpbqs4AzE_sLSaKeDiqTUC_suEAEgt-WEIWD1lc6B4ATIAQmpAiFew2lAQLI-qAMByAObBKoEkAJP0GNwD7-JLUWaf2uaDzFdZs64K6bgmKI-VkyfC2IFTX9sxfpL2PDhVbrBPXbsKW6DFpC1tb5fa9bhlEaIlvLI8gP4wE3jt8kiFgddz1P_xm6fVOPGhLGB3ldwGezjPhAuwSoTjG0JjaCfOnStGT3EECkPs8WVh8W_SJ92ScGSKCosRhBu6Y0qPRkmCWEN08CEDzZHpbu-1FwV2o3zE2ImwtFMX8q_vRC6AEtKHTG65YhvCqVeAo9ycKQnSSr3j2TJJMwgyTW5HRQwQdEgz1AyK7R8Gx2udvS6lc80ej7H9c1yMjN8pNzlBICiRErMOPrETS9dlwy7w4Gh3ifN4JuZvb__vQC4gnyamU29chRyisAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYXzICigI6BIBAgEBIvf3BOliT9tryyvKDA_IIDWJpZGRlci0yMDEzMzaACgSYCwHICwGADAGqDQJDSLAT28vrAtgTA4gUAdgUAdAVAfgWAYAXAbIYBBIC6k4%2526ae%253D1%2526num%253D1%2526cid%253DCAQSMgAvHhf_6L8TZ9aLiR_2VgnSH_FeGxSVGM_csWy0zp8toKysWP-JuLVXi2H2fIqfhXVwGAE%2526sig%253DAOD64_0ZIfhw5Q7BCmyYOLnlniG2E0-fyw%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-AmiWUa22pe0pX8-jf_2QI3Ue7QgL3UKLlb9sf4jLr9CZNTuYjWp31z6GLFRRx54-WTJezB6bERqa4ZkVfQVCqrdGaQn4rJDTXyplf4D9v9PorhZEF8EOUQanpQ_q_jZlOBmdMhRPZ52llqxlz_FJoXJyt4bxeT042TQzyGbYcsPZqXZtA%2526cry%253D1%2526dbm_d%253DAKAmf-CAYfc7h0zZowfD3RQlkszqIy1z6lkgQWT0ErlXAcrCG_CzaifbtLDK_GgTotni_04ZrGFEZMBN4dxFN4lwf9PGLBkXUE-d1l5Kdwh-FTGzjMJQpNjGw-CbnWzeuzZ2G9UrjexsXuLEEyrfo9yd116-4HIKRXYhAQyeqi_KvJ19JOPNWf4ELrHLXaOGWTNmlB5vl71h6Br5aASgr1VrhMzDqzTDT5ad5BdyzION218dwByBf9JE0LFB4Tbxb1mblqJl-MoCS92uT1XGNveYdGJN0WfPc6PgIpyTUYyv7hVaH9L81K5a1LVWsMAioNt2eHrNhMcIRspP9jAOzMItJa6MRbmSsTJ5psooN9B5lvZ9TqeyqMQQ3DhdlR5sRWqvkYn_7FiLv661vw-GfNtAa27BX64e61l8FxTjtERHv7dCvMsbR0bGiSkwTAi2chFe-49lA3uxIcYeXAJQl5R90yxyM4c2227He78w3-ZxUaM_-ig9WJSJKTA-yRRmkoy69sllAo8lgW0tmu4YXpGde4aDR1_lBw%2526adurl%253D&y=1&s=&z=0
Frame ID: 2244625AFF72974CD214A8EC8CD2A88A
Requests: 11 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Frame ID: 0E810E1C629BC277EE9CD55249FC3FE0
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Frame ID: CA5C8C938A32B62037F4E4E8FC212E12
Requests: 10 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=329291%2C14235%2C14222&b=Rx1Tgf2pe7CkqgYckHwH3tQtZZJmcwTzTYqH7%2CdEmTEfe7dMu4reuEHjHwtEtb69h3T4T5WCj%2CJBWFzfmY3qaZDxUBH6H7tptB8wfXTgT4WtX&f=Qx8T4fYGZ5Cp3DZsxH5HYt9C77XDaDT4TGqHV%2CK13CRfR5x2fK1Bf5HMHktzCB9Ec8TAT8Gaq%2CGjJUBfjgz1T4jVuKHeHGtBCwWVs2TYTJAHE&c=728&d=90&e=&g=aeb4625d8e949c8bf939b1f10179afd9%2F6652841475753835086&i=113349%2C20533%2C17712&j=22%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1705981116721&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DC4e2mujSvZcerL56CmLAPitmIyAXE_sLSaKeDiqTUC_suEAEgt-WEIWD1lc6B4ATIAQmpAiFew2lAQLI-qAMByAObBKoEkAJP0H--Mi-Gt7y4TL2OSo8j9-KkOjKySShJTOvhxFKvoGXDT7p0MeSGFbhl-P851SVR6vbIjSv6o4bv9cQwaarkB4rY_3we6CXPJIutGRA50s3aFsBJLxMz2QvcWNgTtfmDvmuEYfqdCkdzBN0xJaAanaFbDyICc97nFAKFLqbeqLynhwZUgcQsecbJDl_5Yhp1vxLP77XXWAoKKHtFUHHPfLMf1DqSY5K46SdAXumTxHIsVyOY9kBzVCRdqykpVEuhuXIEXMcqkVNf9M3K-sJPT8ZyRGMsMWCB2ZoR2EgwjjziKlYiJ4QSTDZQ_fUAzHIsdrS9khdVJS3r_szpos__N6pEtxgZl7PkpLcc32xZ_MAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYXzICigI6BIBAgEBIvf3BOljb2NvyyvKDA_IIDWJpZGRlci0yMDEzMzaACgSYCwHICwGADAGqDQJDSLAT28vrAtgTA4gUAdgUAdAVAfgWAYAXAQ%2526ae%253D1%2526num%253D1%2526cid%253DCAQSMgAvHhf_67iS8AYdOINZx2XjgZW3fx7i21BL10VqHUBQbeWYuav5q_ZNoTZuvct2FQa6GAE%2526sig%253DAOD64_1byzuNCY8U2XTHyTHjB4VrV0z05A%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-C2x_jqEcCzVEGCY2YfsIZc0yGEH77Owtsg_9ld_XmsznhFhrlGw6meB9OLpB2vc-1meTYHDydHxWgBcyyLc1_zLW05Vddf34LIyiua1Ka4BI2En_SG_n7ZP7cMyOb2IBpVciiypwQfuQpZzJ4LYzex5sEDw1H7fnhfsYOUoxAGoxD-Jq0%2526cry%253D1%2526dbm_d%253DAKAmf-AHoQoC9QXH9qqMbpmrNWeLxT1ZMQ2jC9ugDsQ-sjpL-KrC8-uSKJmlM2gHc_hZQcaYmlVbXWMyzXpw1T0Ia0RtzN5XQJXca-ixJzInGOQqMpW7we6r6ZMjwJmObjDaPz_agQrNct8t-5T4iGJTUiFJE22ASeOlFBuyswA7ftvz7E6fK_NwgqzovroVUzSxvghXx76Wc36L2iI7g2swnnxPWMTR73_emYnUGWXIxHCnwaENOXU_4ACdjIX21BTxRrxHgs6rSM-Q_F-fzgQvY6E1zlcQwWt8Ro9Tm6yOPtp4OdYy4mOF3-8-OsiOG8fKWhpt3ak00UcBG3SO8qruWH0_3WJQaNxUxNi-3UOsZjdHkufKGspSHtnyLc-SIdJ_FABykNdLBAC5za4tRErPhYPWCdabs6jEmIZ1I7iaKOnmlYvF9mTLSjbgZ6AFJ6fXvncyXRieHQf1ydk260RvyH2_ehXKGfxYa67PZVudCn46oPrr20wJQmY9rfHKZjU5eko9Dnx29u4K34BJnidunzexW5zwVQ%2526adurl%253D&y=1&s=&z=0
Frame ID: AD22768CE3DC23ADB5A47B703A6281A7
Requests: 11 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Frame ID: 3B42BCDD724074740929A1FD9312B18A
Requests: 10 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=14184%2C1174630%2C14231&b=YxeTrfzrEwc9P1FVH9HetQteZZFAT1TdpHr%2CdEmTEfe7dMuDMRxuEHjHwtEtABVdT3T4T5WCj%2C8RpaDf2P46CZ76CgHJHEtxtjwBhPTwTpJHk&f=q4AcmfBKJYcbxDSZHgHDtRCwGGuPTgTJ2H3%2CK13CRfR5x2fer5wC5HMHktzCXr68a8TAT8Gaq%2CZx1TwfKX9Za84WamHDHDtDC8R9CVTXTQ3HJ&c=728&d=90&e=&g=be7ad2aae831f2d104dbfa74c93c7ccd%2F9688348786189972242&i=17952%2C306304%2C17833&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1705981116797&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCgp0LujSvZeesOrLJmLAPu9W6UMT-wtJop4OKpNQL-y4QASC35YQhYPWVzoHgBMgBCakChxZyOYpCsj6oAwHIA5sEqgSQAk_Q-MARynjIw2DAXL1cgw9m2fCt7VkFZXa2RS1lM4u40ReIZMxP83PLfX2jivgP7Y4lxqfaYN7G-KUib0HayE2cyWt2QAC6nvRsYBYY_S9g-k6hwUYZdB8hvsR2JfTCFONjXLF8HCoaHHNnAjqQReOT35hcf8QjG_inrF4H2jJHzCCmSEW3Ewnb9wCu5oT8wbxqcGca4SnwJIEzdnlxl4mrQdSglfoFMYViEZGqPXzktpj8A_sdAD50rqWjN-tfq5Wwd-wrrHnJ-vdMhrROgc0Ie4gcB92JpD_8kWsLbJhYTTMhnlVHBwVJlO8zh2XnNTgn2KcYZzJQIsFM4CTg0xox0x3wGopO7xlW7BcJ_BL0wASx0aXUOOAEA4gFwc_7eJAGAaAGTYAHgY7yN6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgGEQARhfMgKKAjoEgECAQEi9_cE6WMPU5vLK8oMD8ggNYmlkZGVyLTIwMTMzNoAKBJgLAcgLAYAMAaoNAkNIsBPby-sC2BMDiBQB2BQB0BUB-BYBgBcB%2526ae%253D1%2526num%253D1%2526cid%253DCAQSMgAvHhf_mr2gDCcx2rxvT3HZ0UDOYuqbe6FpBUZ6ysTpQA_OfOw2134FEhnKLdQAnZr9GAE%2526sig%253DAOD64_37_aOjeZtYud-o-68C64nJKEVn4w%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-AdysAgWGq1N32-QTGjnCco2UKzz6JHYpSutanydFxMzmm-oUDNT1amp5GZpgZ0qzYYEXwqHGUWq367KFOIh-bAP4BCNHFr3KJETpwXtiJ-SHCKBhfhMtGt76wf17or2mdlGXqAFIwNmAb3SGl5k29gmFuHnPJ9cgSYW4bm4TU4f8-NH-Q%2526cry%253D1%2526dbm_d%253DAKAmf-CPdwX3SjzkrklTnw87_k7tU2EDQCFspuzMVTcDzdDQM1i864zhecfDtESBCmKRPjS2bJNdgxdGp06qSqUKu-X7g2vaeQreG4PctWcN3jtqJ1nStqvnAv2K6x_yMTlcg-UJlpBRG18e9UvBuT5hgne3d6eX89A_ULlqkg8U4meO0zHPvQxLsFlOaAc1bHD-QlHKiT0V-r_BrudiBpgiL0rE-sGnGbLjcfZkEyXzTMYL3Bac1Sj8HuyNdWhDVhL26tUG6I_NCIpKXV-GDkdWEzh14zdOB-IJ69ce4FL3O_ySFot0KqON0AVC-vJmnDs01eJRr4dVkU6viTzaVwbVta9-jpnr9dhpE-LOGAnT0Q7qZfwQeVTJJJYK8XEhrrTRBIs-dIYwWZpeWVj3nYSQn44mxRYIuBOVj9ZzTdPkns0PO9mdnMc_EFGsGNogy3GTdwgZs-RV86UpZVIZOWBJ-h_xr3eZz8TmBEWSNWtFUclTO_TOb-1sg2b09MydubRtgaeZUa0sC5Ede4eX_ImrmeoqZhYQmw%2526adurl%253D&y=1&s=&z=0
Frame ID: F8A17E234529D645D20F56304F5B1555
Requests: 11 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=517453%2C309728%2C336262&b=xEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA%2C62GfefmJR6aEBZ7TeHmHYtkt91eAS2T1T3qT7%2Ce7Vu3fYPkACJE1QtjHZHet1tM3DKtjTQTK8H1&f=YxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr%2CXxZTzfw189h2Pmgh6H4Het1CweWQhBTkT5KCJ%2CDjmU3f3qxGTmW5ka3HmH9twCemrdTWTmTY8HV&c=728&d=90&e=&g=b3eea552cbcd5e364822515b1562eceb%2F6690139865749810000&i=196936%2C108139%2C114236&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1705981116814&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCH73QuzSvZY6SBLP7kdUPpP2ykATE_sLSaKeDiqTUC_suEAEgt-WEIWD1lc6B4ATIAQmpAvQ7k0BSRLI-qAMByAObBKoEkAJP0Ollsh1G-4vDCEWoP9AO8pvCkteWlXHbCZocVFvvIqGzVAizTJZZeLGMwyz_c8Ap7U7vkHOuyspGBiy2RoxoZMQw_AKNo1WnH0RanzIzuvK80A4cdJ9IJoURaDBOz954f9Faxt5DUTSZgHzraLDLxUtAJ4LB-5JDQrKe_rL2jIlGnRdUUUi90BFhEi7xoQCEK8rCwqk5J6GTKeC45Mzhmpnz1Oj4jPzRMS-0JqKl2oXmpWxvHbmYHoPPc4lnzhNgAT07Yj6dBLwWM7voZP_0iYZlYFpCapJW_kbnPDENmOeGLy6huQu6TZoxfn4J40w_mwH_0oTXuDZbGoEeCkBaRlZ_11OYlLhCuh6pian8vcAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYXzICigI6BIBAgEBIvf3BOljEuu3yyvKDA_IIDWJpZGRlci0yMDEzMzaACgSYCwHICwGADAGqDQJDSLAT28vrAtgTA4gUAdgUAdAVAfgWAYAXAbIYBBIC6k4%2526ae%253D1%2526num%253D1%2526cid%253DCAQSMgAvHhf_xIDoJIpJbZCUnw4nhwP-ojpHw6AdZaBjU1DCrGWnoK8tBaX_l-bu0iXaZafLGAE%2526sig%253DAOD64_2JCWKQErPPSsLKnqQb_Q-P4FmFvQ%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-CSNjCCd0pgBoB2ESMuCI63iMCtkQMOG-R9MC7GX5l9McMGNVtRy6-DBa5XSKTAGBzLPJRZm8Fn8hueo7Iu83YRYjsDpR8sBnvZPLzlTSXC0J2XIo9bHpJqmStGK191AFvwL2HczKcGAxuaVYPJB2fa5Sm2pBVe3rLnqChpykAJbQ5OYZY%2526cry%253D1%2526dbm_d%253DAKAmf-BFhcFtKRfwRa7oy0axT9W9nTdiRVSHli-a3YeHnJBaZxIAYTd_T_p87jqTHshmZeT_areCA0L32UO9AR_KxWalDF7eMSxjrHii9AqfBazpq6eNMhjGEFiBwIGIcr1wmzOxFpq-r8fBKzxW9qSHqYQDkVJfxi9RfOi_AQZVbB7XZUhFCI-Q5k7c1JzZ-wey-JqfBG6gsHwF3mQf367iTjBf6oM0P09Y7QMrMHxgwpFI3ICxpHsOK_JlR1Qa-U2OHKTKr7S5O9_ur0dBTzsEDq8sGcJzP99sIDeeglYWEQTVaTOa0aOKSyn_WbZ_o24YG5eWXW5FG7I0qU57mcCJkunTvPDvwL3y-nm9KcDlHGYgZ1hs_vZ14ujFy7tGw76B1THSBxrxHZQY81IQnxNZS0pP0RtmuCFwOKwav4d1wdkoUtFlcVO-LcsQwXOjYjOhJd13OGndHclPkQ-FyqNla2oFNC_1uSEwpUtFre5saUhq7QtnunulVn5uDqzZJCV_PyCRJdCEq3FoRAXeXMxIlV_BT87j8A%2526adurl%253D&y=1&s=&z=0
Frame ID: 19ACFA7F797D01C00D897E478EA8F0BF
Requests: 11 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=726385%2C543072%2C189095&b=2bEa6f642McDbxwtVHWHkt8t2wk8sWT7TgGHg%2CxEpTQfEwD3Sb4EQSPHdHztQtmMA6CJT6TKkHA%2CzmWfRf4jMkTqXJeCpHBHMtqtPJGKfJTwTQBHW&f=4rmHEf2xVYC26ZesGH9HdtzCM8ZQhZTpT76fK%2CYxeTrfzrEwc9e5DaVH9HetgC6VxYUAT1TdpHr%2C8RpaDf2P46CRgXktgHJHEtqCewZGsPTwTpJHk&c=728&d=90&e=&g=3c7d15364fd15b38b0bd5426270ab2a6%2F4129257182803659990&i=74692%2C108188%2C75077&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1705981116816&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCTeOYuzSvZZyBD7fUmLAP3Yyr2APE_sLSaKeDiqTUC_suEAEgt-WEIWD1lc6B4ATIAQmpAvQ7k0BSRLI-qAMByAObBKoEkAJP0Nk5mX0ZTXZZ1S2YFHwvnaUOXCwDkQf6X3KJ08ch8evWc0pJl80RjziLuLFrgvaLAP3H0HuTiG-MtQy4v162vJTK3vOzyTRTu-DnipllzVIHtWR88-7FNCYoZNleUVTcDPqVGSK-z64cTcRV7q0W5bHN7wb1rIXyv1QYIl2WbNq_pxV173jCxaYxbW0hxRsxiji7YH8mc5NTCcN-SdgIJA3DkDvJkN_fnfFiDCCTaK-Ybwx5TzJ9kGtGNUVpBTYaoRw51iQwPONIs-cB-EKW9I4xrAe_KdkxRhjrVhyo9I_8kQqtbfl-ZhaazLrJBma5_78BXJOq8hQuXPHdCML2FAWIpfH8LLULWF3UCDqCFcAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYXzICigI6BIBAgEBIvf3BOliFrfjyyvKDA_IIDWJpZGRlci0yMDEzMzaACgSYCwHICwGADAGqDQJDSLAT28vrAtgTA4gUAdgUAdAVAfgWAYAXAQ%2526ae%253D1%2526num%253D1%2526cid%253DCAQSMgAvHhf_TGGW2Or_djVvr6u4ETjZNWPAtbvJLXZF3VQJEI5uSI-_ygRbpa-qHOeodXfGGAE%2526sig%253DAOD64_3jLkm-UN7j-jonGkimIAIjU0790Q%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-Agb5TLx385SwMUF6-r0kwTFLkVmELfIV0ovq6X2yRo5We8iLq_Ij141h5KY_uBVvTtKvgihE2FQDfBoJv_Wlf1XOlNbRht-icYE4Z9t4tE_XjWw5RK1UetbFbKfUk7DZbv4VHXdISbk4i5a_Dp5naoLIsM0gJ9F_vC2DmWxUOo0raGzRg%2526cry%253D1%2526dbm_d%253DAKAmf-CkY45fHHXYtHehsh2Sv1b43ZbZMhoLktA7XWwM5GbJpsr0h7ChFcuqohMrNStAiMururUK3Ibj-bWmj4gsGUohHiHsPuuyoPTvvUiY67jiwj0F16zHQZRVPetFwBzA3doLipyVxwXOpCJ4gz612BT5cbtZewcPcOfeJ8oul7Qw056eJaW7smG-SqKyuZkHEri_3z1VVWpwrDx1Dfz88DC3nuFyBHGyJ6L8svHFJOOkCErxjkfOovOn74tluFj8f043NxWS9EwlmnV9quCgVhGAx8AHcQgs8hf8xScmKxLA7YKTQ6K1k9vGGKWADfhvmGhp84A1dJeUyNq_beYCGACIalnJOS0H4jfiv_8vyXh9_JlA_6K9ZneB8X8XwsFCYxnkQ60y6EJL1xlkb__anumO2Y12VS6tlycjVn1--HwyHB9cbYQBYCoZnwJuFOKyS8RRsnsXMLAw9-EUdLSAPDYFYPyw16jpTM710zyEfby7KnprdRBd3TcuEY8arWKzcugD5rDV7sFadCXkGFY8yzCb0jU97g%2526adurl%253D&y=1&s=&z=0
Frame ID: EE026B4EC40E10CA8DD9AC3A8F6183CB
Requests: 11 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Frame ID: 6B0255C5A76CFB3FB37A4035E5724B10
Requests: 10 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/2135726/13212738/13212738.js?ADFassetID=13212738&bv=257
Frame ID: 31A6EFD3B3BCD0B63D9AC5E8D0D322B0
Requests: 12 HTTP requests in this frame

Frame: https://sync.serverbid.com/ss/2000033.html
Frame ID: 181E8C83BD834C7C1BE255514457B606
Requests: 13 HTTP requests in this frame

Frame: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Frame ID: 167DBE5FAA4AAE5A23F5C8DA82CCB8EA
Requests: 6 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: 6B920621BF782D5B54F36B0034057E0D
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 40A9A6B81D7E70DFF8768CC43654BDCC
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Frame ID: A3845618CD6B2CCF82EBE0F59BA4DA22
Requests: 12 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: A90875C4F44EE5B834CCEEC467E98195
Requests: 1 HTTP requests in this frame

Frame: https://sync.cootlogix.com/api/sync/iframe/?cid=&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 4CAA95158548D0ED5ABA52CC8B0741B8
Requests: 2 HTTP requests in this frame

Frame: https://bloggernetwork-d.openx.net/w/1.0/pd
Frame ID: 09D1B5027F388CF54ABC7523801EB419
Requests: 11 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUWWG7OK&prvid=77%2C59%2C2034%2C2033%2C3012%2C2075%2C2030%2C251%2C262%2C461%2C201%2C246%2C4%2C126%2C159%2C2026%2C203%2C10000%2C338%2C459%2C108%2C9%2C109%2C97&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 3543B4FBC6E5790BB277CBA98BDFD2C1
Requests: 1 HTTP requests in this frame

Frame: https://min.tryiqos.ch/trck/ehtmlcontent/449f5b35d42da36109fb9c0488f8191a.htm?tp=onetag&subid=oneidK13CRfR5x2fbRK3c5HMHktPt55eDF8TAT8Gaqoneid__dbm_Awin_Reach02&gdpr_consent=&gdpr=0&gdpr_pd=0&contentonly=true&cachebuster=1705981116
Frame ID: 0D132C431740F6F6BD08DBBCE7E9C2EF
Requests: 6 HTTP requests in this frame

Frame: https://mediaintelligence.de/trck/ehtmlcontent/449f5b35d42da361c6190c55668dabcb.htm?tp=onetag&subid=oneidRx1Tgf2pe7CkqgYckHwH3tQtZZJmcwTzTYqH7oneid__dbm_Awin_Reach02&gdpr_consent=&gdpr=0&gdpr_pd=0&contentonly=true&cachebuster=1705981116
Frame ID: 3D1C08A971B8539271C49C22BD338649
Requests: 10 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/2135726/13003660/13003660.js?ADFassetID=13003660&bv=257
Frame ID: BA99D2D6E64FEFD85BB78B70B5C1DFE7
Requests: 12 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ffolkd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: AF117E6C125D981AA8D61ED4421D5B99
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&p=156319&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Frame ID: BD071AB3E0BAAF28C1355625CEF8774C
Requests: 4 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=6c68086c0c61793&gdpr=&gdpr_consent=&us_privacy=
Frame ID: 698B81C7F677EF774857E614573E9C6D
Requests: 1 HTTP requests in this frame

Frame: https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/UIC_Berkant_Okt_Update/UIC_Berkant_300x250_DE/index.html?clicktag=https%3A%2F%2Fmin.tryiqos.ch%2Ftrck%2Feclick%2F449f5b35d42da36109fb9c0488f8191a%3Fsubid%3DoneidK13CRfR5x2fbRK3c5HMHktPt55eDF8TAT8Gaqoneid__dbm_Awin_Reach02
Frame ID: DF428CBC6B584E2D1B87F900F99D1E93
Requests: 5 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=7BC00642-7252-4DDF-B9FE-EF913FD24BAB&gdpr=0&gdpr_consent=
Frame ID: 53D990090632D3B169BB9A3542F2DC07
Requests: 1 HTTP requests in this frame

Frame: https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=7BC00642-7252-4DDF-B9FE-EF913FD24BAB&gdpr=0&gdpr_consent=
Frame ID: 5AC521D34BAA3246E1DA201B7125BF99
Requests: 1 HTTP requests in this frame

Frame: https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=7BC00642-7252-4DDF-B9FE-EF913FD24BAB&gdpr=0&gdpr_consent=
Frame ID: 42DB8B9B3C785F9FF1F22C533125D68D
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: 717D16E2052167F910863408FA8A7B07
Requests: 1 HTTP requests in this frame

Frame: https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=7BC00642-7252-4DDF-B9FE-EF913FD24BAB&gdpr=0&gdpr_consent=
Frame ID: 801E2FE0AA9514EDF4D3E1041D503289
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: E65DB8A8E8D2111D7ADD718FB154EE18
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAI53KJ4TNZxwNK3Bo7AAAAAAA&expiration=1706067518&nuid=7BC00642-7252-4DDF-B9FE-EF913FD24BAB&is_secure=true&gdpr_consent=&gdpr=0
Frame ID: 75777129E18B3A26281821CF80387A2E
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: 6F172EA8EC0B3D8E0C4CD8B0F474D9FC
Requests: 1 HTTP requests in this frame

Frame: https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=7BC00642-7252-4DDF-B9FE-EF913FD24BAB&gdpr=0&gdpr_consent=
Frame ID: AC8DB77E24070E6C969F6AE6F6145F82
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=vidazoo&endpoint=us-east
Frame ID: 990D90D55C38A9F0B25E9847378EE473
Requests: 4 HTTP requests in this frame

Frame: https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Frame ID: 8B703D339B79CEC5900DAAF2B182B42B
Requests: 5 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements5275.js
Frame ID: 83E0348055E95FDF6E2057EEE9B7E526
Requests: 3 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements5275.js
Frame ID: 11024F3F02B1203C1946A20A56E4909A
Requests: 3 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: 4DF6EE6B00FFBEA1D1137DC61B5D8DCB
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: 5FEA21FD1DCD1300B0E7FD090DA31297
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: BA0F740C0D23B096DA7B7E36A8AEAC4B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=tAfc8mllVrldEoksSbg9lJVYG1I&gdpr=0&gdpr_consent=
Frame ID: 6A8BD4E272555659625103920A452907
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: 6D70ED42631260D1C68A594D70E2AA3D
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: 094662FA22CE90F5ADAC858032FA98F4
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: 6801302E8063A4FF7342BAC1FA147E31
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: E00DB3DE21E4CB50EA51E5B027493C60
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 962C5C326787104DF3F4F42E6C55BA56
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=7BC00642-7252-4DDF-B9FE-EF913FD24BAB
Frame ID: 35764791D502E46085BB20809ED6ACDB
Requests: 1 HTTP requests in this frame

Frame: blob://https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/5807da41-9797-4940-a688-dc619cc52d5b
Frame ID: 4CD51A71EE4D5C891ACA6FB48F799990
Requests: 1 HTTP requests in this frame

Frame: blob://https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/6e27bd4d-d685-4492-a2fe-ef722eaf8306
Frame ID: 729E8A8C7C52A23D4357263CB20077BC
Requests: 1 HTTP requests in this frame

Frame: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fsoft2bet%2F63e10827ee6588a96cb203e2%2Fimages%2F99778680-4e27-4687-a836-22e7b38772e6.png&w=728&h=90&q=85&f=webp&rt=cover&x1=0&y1=512&x2=3164&y2=903
Frame ID: 3150A48894BE3F2A6367ADB986A5CB68
Requests: 4 HTTP requests in this frame

Frame: https://c.bannerflow.net/accounts/soft2bet/63e10827ee6588a96cb203e2/images/718978cb-1bbe-46c8-84f6-ca71404c593b.svg
Frame ID: C3C37B1E9E431474CF87C57680834999
Requests: 4 HTTP requests in this frame

Frame: blob://https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/e3e79e37-4a44-474d-a74c-4b418274bdf2
Frame ID: DDD2B29FED05D00F7E16F9C6D3AFF070
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5D1964255269DA2AA84B2ACC2C126E6B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 963A94B4B55E263260D2F190946508EA
Requests: 2 HTTP requests in this frame

Frame: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fsoft2bet%2F63e10827ee6588a96cb203e2%2Fimages%2F99778680-4e27-4687-a836-22e7b38772e6.png&w=728&h=90&q=85&f=webp&rt=cover&x1=0&y1=512&x2=3164&y2=903
Frame ID: 0ABA34A5851F37C7D4D212EF0AFB63AE
Requests: 6 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2380373011570053850&gdpr=0&gdpr_consent=
Frame ID: 7E3D3F2ACD9F904EDDDBF18790AA4D3D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7327133105123162272&gdpr=0&gdpr_consent=
Frame ID: 53DB8F8069F27311553C015CF5C6BA7B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=75dfa792-243c-4814-8e47-a1f76ddeb89e&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Frame ID: C7F9C458ED9D706B916BF809123072E2
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=tAfc8mllVrldEoksSbg9lJVYG1I&gdpr=0&gdpr_consent=
Frame ID: DB94389B55E662C4B6F1AA4EE1294843
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAACx07LXmkAABMh1hX3Cw&gdpr=0&gdpr_consent=
Frame ID: 456DEBADD6B0C8188EF08F4E41A7CD99
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=9064062763748439557
Frame ID: 4AB940F1E5880E5AA2E295B7AB392CC9
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5107433832264167376
Frame ID: 79018CF2674C7CD199AF8D1777773A4D
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUdb73d62c9631481b952ab4182d9b5058
Frame ID: F36C00EDA45DA1320799C3109F39116E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 7932DAC7C78CEB0A323D1618E245B8C0
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: 213EAF9FC6E1F54D21F9A3CEA28C1B2C
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: F2E26A03DCFAFB97C06539B2A8DB7D14
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=0E2y59DCSnaWXSSnSjbbTQnX&gdpr=0&gdpr_consent=
Frame ID: D87F2CB4722517E752FE1955065CF253
Requests: 1 HTTP requests in this frame

Frame: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Frame ID: A23DE350D0B12BDCCDCDD25FF22D08BD
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: DC6179A5FDA8BC697143B7C9BEDDE1B8
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: B9973A4606E5EE9BC480B7E683676462
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: E818EA9AFE65E3711E846FD90A624500
Requests: 1 HTTP requests in this frame

Frame: https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Frame ID: CF9747DC1AA3A18D446E5BE28BD41AAF
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: DF52F8A71C7478A3D0FEC6E4645CD953
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:16455E92FD404CD9B119B145B419BAA5&gdpr=0&gdpr_consent=
Frame ID: E8CF64374C5A8F8DB75EAA9EA6F23254
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-7a68961c-d19d-4a2e-9a6e-42f6f3718bd4-003
Frame ID: FB6073FA19CC73FFB35125C0BF8105CE
Requests: 1 HTTP requests in this frame

Frame: https://x.serverbid.com/usersync?ttt=3&src=2&cspi=0&cn=3&spui=&dpui=7BC00642-7252-4DDF-B9FE-EF913FD24BAB
Frame ID: 8B2FAC94DA225A5F60F0F99B5A2F5982
Requests: 1 HTTP requests in this frame

Frame: https://x.serverbid.com/usersync?ttt=3&src=2&cspi=0&cn=3&spui=&dpui=7BC00642-7252-4DDF-B9FE-EF913FD24BAB
Frame ID: AD9B4972C9E86367B9B226F00AA7D550
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Bookmarks are ❤️🚀💯!

Page URL History Show full URLs

  1. https://www.folkd.com/submit/918kiss.xyz// HTTP 308
    https://www.folkd.com/submit/918kiss.xyz/ HTTP 307
    https://folkd.com/submit/918kiss.xyz/ HTTP 301
    https://folkd.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • swfobject.*\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

1101
Requests

85 %
HTTPS

26 %
IPv6

147
Domains

242
Subdomains

152
IPs

16
Countries

9325 kB
Transfer

25299 kB
Size

247
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.folkd.com/submit/918kiss.xyz// HTTP 308
    https://www.folkd.com/submit/918kiss.xyz/ HTTP 307
    https://folkd.com/submit/918kiss.xyz/ HTTP 301
    https://folkd.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 88
  • https://btloader.com/tag?aax_id=AAX8RN661&upapi=true HTTP 302
  • https://btloader.com/tag?o=5761653252554752&upapi=true
Request Chain 118
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_gg_rbd_n-Beeswax_an-db5_n-adYouLike_3lift_n-Outbrain HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_gg_rbd_n-Beeswax_an-db5_n-adYouLike_3lift_n-Outbrain&dcc=t
Request Chain 119
  • https://oajs.openx.net/esp?url=https%3A%2F%2Ffolkd.com%2F&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Ffolkd.com%2F&rid=esp&cc=1
Request Chain 123
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=folkd.com&sn=ChromeSyncframe&so=0&topUrl=folkd.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=Ogsf0XxtZWw0ZEZoQ1JxcmttQXR1SDRHcGQ0QW1HTWdKeFdzckxpY0M0TlZ5bzJzWUxGdlhVZjhVclN3Rkg2ZzlHQmxodnJ2RVlFd3ZkVnJYUHJRcHdTcnF3SDA4bzQzQ2NqZXpzZ3g2M2Mrd29rMkpOaDVlSzR4TjhvWWtxOXgreGdrMlBoRjhlYVBVV1d0WE5ONTBkQURNQzZWT0NHVEhtbXhtV3cxS3ZuZzZnK0dlSkJUbHZXMDIvVDFvc2hrK28vRk90VjU5UitqYlJWZlltSStyRklvRktYUzBtZFU4UTB6R2doQ2s3SDhhN0NrNG5kYVJGQWdoc2RWSEFXUU80Y2QvcEpjQU9QRG9TSHhQR3VYTWZOb2g4Vm1qSTFqd3g3cW5nZlhXdk1ZbHlOTT18&cppv=2
Request Chain 190
  • https://xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/9sycWjWL1zWsF1w1BLrbvV8IO8s/SS6OUQ../Vnayak+SP+-+300X300+PrologBooster.jpg HTTP 303
  • https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/9sycWjWL1zWsF1w1BLrbvV8IO8s/SS6OUQ../Vnayak%20SP%20-%20300X300%20PrologBooster.jpg
Request Chain 192
  • https://xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/cOqCDFa8HJ_TEP68h-Pf3ZPEAc8/an_hkw../Logo+%282%29new+Brahhhh.png HTTP 303
  • https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/cOqCDFa8HJ_TEP68h-Pf3ZPEAc8/an_hkw../Logo%20%282%29new%20Brahhhh.png
Request Chain 222
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com/s%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smaato.com&id=64df7eaaaa
Request Chain 223
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID HTTP 303
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID&_bee_ppp=1 HTTP 303
  • https://s.amazon-adsystem.com/ecm3?id=AAACx07LXmkAABMh1hX3Cw&ex=beeswax.com
Request Chain 224
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__ HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=outbrain.com&id=
Request Chain 225
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7283273328877549246
Request Chain 229
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPIfjtVgJvU4Pfe9Iniw1jw&google_cver=1
Request Chain 274
  • https://ib.adnxs.com/getuid?https://aax-eu.amazon-adsystem.com/s/ecm3?id=$UID&ex=appnexus.com HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=2380373011570053850&ex=appnexus.com
Request Chain 275
  • https://visitor.omnitagjs.com/visitor/bsync?uid=ee28081dc141859df3e9c39bf89f63cf&name=AMAZON&url=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dadyoulike.com%26id%3D%7BuserId%7D HTTP 307
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=adyoulike.com&id=cda9ad6ae9d89adbee8b213567150311
Request Chain 310
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=2380373011570053850
Request Chain 311
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_d269bb32-04bd-499f-9321-dcde753d913c&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_d269bb32-04bd-499f-9321-dcde753d913c&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=75dfa792-243c-4814-8e47-a1f76ddeb89e HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=75dfa792-243c-4814-8e47-a1f76ddeb89e HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=98bb7d0c-135b-4588-94ce-d9c554ced3ab&user_group=1&ssp=gumgum2&bsw_param=75dfa792-243c-4814-8e47-a1f76ddeb89e HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=75dfa792-243c-4814-8e47-a1f76ddeb89e&gdpr=&gdpr_consent=&us_privacy=
Request Chain 312
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=80493234-b0b1-4a3e-a871-85b3360ddb5e
Request Chain 313
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-b407dcf2-6965-56b9-5d12-892c49b83d94$ip$149.88.27.82
Request Chain 314
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-ka57dHVE2pf2WDc7b2vtxBhjjOlY2vSxTgmC~A
Request Chain 315
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=d638ffff-2c6b-4bcc-99b2-9baedfedba95
Request Chain 317
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_d269bb32-04bd-499f-9321-dcde753d913c&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=
Request Chain 318
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://rtb.gumgum.com/usersync?b=pln&i=wdNRPUCkbr6Y&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
Request Chain 319
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=4714513488865049119
Request Chain 337
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=adf&i=7283273328877549246&gdpr=&gdpr_consent=
Request Chain 341
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=Za80u8Co8YwAAEQbjwAAAAAA
Request Chain 342
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=ViR4k8DCOJSMDgKL7vewv7Jq9TxtaDotmO51rVynh7M&pi=gumgum&tc=1
Request Chain 343
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 368
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=a9eu&khaos=LRPT3VT0-1Y-G0V7 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=LRPT3VT0-1Y-G0V7&ex=d-rubiconproject.com&status=ok
Request Chain 384
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LRPT3VT0-1Y-G0V7 HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=LRPT3VT0-1Y-G0V7
Request Chain 386
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:453465af-34bc-4f00-bef5-1fd5677e3338&gdpr=0&gdpr_consent=
Request Chain 387
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 389
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=0xYvLtYXLHHIGnophhVjKoNGenDIGnd-0xtxOLQS
Request Chain 391
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=e8AGQnJSTd-5_u-RP9JLqw%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 393
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=919270194
Request Chain 394
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=7BC00642-7252-4DDF-B9FE-EF913FD24BAB HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=Mm05ZlVicy05MUdUNUsxTnZrdUIwbzJrUQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=7283273328877549246&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 395
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=N0JDMDA2NDItNzI1Mi00RERGLUI5RkUtRUY5MTNGRDI0QkFC&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 396
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEK3WkY1n4K7ewVg1dO4NeN0&google_cver=1
Request Chain 398
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7283273328877549246
Request Chain 417
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=7x45vUvsTWS2TclJka2AtA&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=7x45vUvsTWS2TclJka2AtA
Request Chain 418
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LRPT3VT0-1Y-G0V7
Request Chain 419
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=ZIggZOwqQR6LvxwIm41itQ&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=ZIggZOwqQR6LvxwIm41itQ
Request Chain 420
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODNmOTNiZjgyOWYzYzkyODVmZWQ5OWUxNmRlNzU4M2Q0Mzc5ZDRmMw
Request Chain 421
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/QuChWFeDdElCymB6W5cPEcn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-_ucyNNtE2oIMfnGRAwnWOGG.yeU7SesZu4firA--~A
Request Chain 422
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LRPT3VT0-1Y-G0V7&ex=d-rubiconproject.com&status=ok
Request Chain 423
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKO1KRDVYfjR7X2Ye5Pyypo&google_cver=1
Request Chain 424
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFJQVDNWVDAtMVktRzBWNw== HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGVvr48SfLfDNR0WMwEoiFQ&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJQVDNWVDAtMVktRzBWNw==&google_push=
Request Chain 425
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAACx07LXmkAABMh1hX3Cw&expires=30
Request Chain 426
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LRPT3VT0-1Y-G0V7
Request Chain 427
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LRPT3VT0-1Y-G0V7
Request Chain 428
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LRPT3VT0-1Y-G0V7
Request Chain 429
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=ae402316-816b-45b5-988c-f85dbb27b1e3&expires=30
Request Chain 430
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LRPT3VT0-1Y-G0V7
Request Chain 431
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LRPT3VT0-1Y-G0V7&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LRPT3VT0-1Y-G0V7&redir=true HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1seEtpQlhORTJ1RnQ5WFJTbndPLnp6cURpUUxzS1VidH5B&ovsid=LRPT3VT0-1Y-G0V7&dpid=58160
Request Chain 474
  • https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0&C=1
Request Chain 492
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=Za80ux4LORIGoWQwyWak5QAA%262130&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=Za80ux4LORIGoWQwyWak5QAA%262130&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=c7bb4041e7e54ef9a286c7845e42f86c HTTP 303
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D HTTP 302
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=3205897004932985690 HTTP 303
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=2ba2ab41-70c6-45d7-8951-9ef87add91a7 HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=a1e8553d-4939-4f92-91b7-55f53500045a%3A1705981116.6828094&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Da1e8553d-4939-4f92-91b7-55f53500045a%253A1705981116.6828094%26_%3D1705981116.6842957&cb=1705981116.684327 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5107433832264167376&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Da1e8553d-4939-4f92-91b7-55f53500045a%253A1705981116.6828094%26_%3D1705981116.6842957 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=a1e8553d-4939-4f92-91b7-55f53500045a%3A1705981116.6828094&_=1705981116.6842957 HTTP 307
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=lvr18 HTTP 303
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?domid=1052 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&action=GET_ID&opid=goo&etid=&domid=1052&ops=apx HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&action=GET_ID&opid=goo&etid=&domid=1052&ops=apx&google_gid=CAESEM9MOCbn56jBWlnw8-z89WQ&google_cver=1 HTTP 303
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEM9MOCbn56jBWlnw8-z89WQ&action=GET_ID&etid=&domid=1052 HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=2380373011570053850&opid=apx&ops=&utidl=tech:goo:CAESEM9MOCbn56jBWlnw8-z89WQ&action=GET_ID&etid=&domid=1052 HTTP 303
  • https://idsync.rlcdn.com/480429.gif?partner_uid=vec%3A71812261663
Request Chain 493
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Za80ux4LORIGoWQwyWak5QAACFIAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEDS-bhrpNLZGf7A3kAf3D7s&google_cver=1
Request Chain 494
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=yQUETMwEBxPSCVFLnAZISJlVURLSCVwcyQhnJeBy
Request Chain 495
  • https://cm.ctnsnet.com/int/cm?exc=19 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=2336c4e51efd48c8babb93015496f537&expiration=1708573115
Request Chain 496
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=8e0620f2-9a44-4c16-9a13-166deda98989&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Request Chain 497
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=04874115-f805-1d4a-7878075c
Request Chain 507
  • https://cm.g.doubleclick.net/pixel?google_nid=smartstreamtv_dbm&google_cm&google_dbm HTTP 302
  • https://ads.smartstream.tv/cm/?cmsrc=dcm&google_gid=CAESEO8l6kRGAW6gyI-7seFIWsA&google_cver=1 HTTP 302
  • https://cm.adsafety.net/?_cmsrc=dcm&testmidt=1&testdid=CAESEO8l6kRGAW6gyI-7seFIWsA&idt=0&did=0&data[stv][midt]=100&data[stv][mdid]=26cbba6903e31548c981986723006a25&uid=26cbba6903e31548c981986723006a25&data[stv][idt_did_status]=added&gdpr_consent=&gdpr=0
Request Chain 531
  • https://cm.g.doubleclick.net/pixel?google_nid=smartclip_dbm&google_cm&google_dbm HTTP 302
  • https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEOilPGYPjrFuf7Qr44ZNEno&google_cver=1 HTTP 302
  • https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEOilPGYPjrFuf7Qr44ZNEno&google_cver=1&ang_testid=1
Request Chain 532
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm HTTP 302
  • https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEB5as0qm5Kg7lSYCnxzDP6k&google_cver=1
Request Chain 561
  • https://track.adform.net/banners/scripts/rmb/Adform.DHTML.js HTTP 301
  • https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js
Request Chain 571
  • https://cm.g.doubleclick.net/pixel?google_nid=smartclip_dbm&google_cm&google_dbm HTTP 302
  • https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEOilPGYPjrFuf7Qr44ZNEno&google_cver=1
Request Chain 572
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm HTTP 302
  • https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEB5as0qm5Kg7lSYCnxzDP6k&google_cver=1
Request Chain 578
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm HTTP 302
  • https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEHPoxzC9kyhEgi6IpdX2H1U&google_cver=1
Request Chain 579
  • https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_hm=YTFmdkMyc1pnRW8
Request Chain 580
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIHFEWS3q0MQPplEPCDI1sk&google_cver=1
Request Chain 581
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Za80ux4LORIGoWQwyWak5QAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIHFEWS3q0MQPplEPCDI1sk&google_cver=1
Request Chain 582
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=Za80ux4LORIGoWQwyWak5QAA%262130&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=Za80ux4LORIGoWQwyWak5QAA%262130&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=2ba2ab4170c645d789519ef87add91a7 HTTP 303
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D HTTP 302
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=3205897004932985690 HTTP 303
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=2ba2ab41-70c6-45d7-8951-9ef87add91a7 HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=6e91cd93-5d5a-4ea2-b2e7-c8ee3088fc55%3A1705981116.8684406&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D6e91cd93-5d5a-4ea2-b2e7-c8ee3088fc55%253A1705981116.8684406%26_%3D1705981116.870299&cb=1705981116.8703332 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5107433832264167376&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D6e91cd93-5d5a-4ea2-b2e7-c8ee3088fc55%253A1705981116.8684406%26_%3D1705981116.870299 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=6e91cd93-5d5a-4ea2-b2e7-c8ee3088fc55%3A1705981116.8684406&_=1705981116.870299 HTTP 307
  • https://wam.solution.weborama.fr/fcgi-bin/dispatch.fcgi?d.A=rd&d.k=acxiom_id&d.u=https://idsync.rlcdn.com/401726.gif?partner_uid={WEBO_CID} HTTP 302
  • https://idsync.rlcdn.com/401726.gif?partner_uid=v3zS0d6CY0GO5W/MGOYBuO
Request Chain 583
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Za80ux4LORIGoWQwyWak5QAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIHFEWS3q0MQPplEPCDI1sk&google_cver=1
Request Chain 585
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Za80ux4LORIGoWQwyWak5QAACFIAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEDS-bhrpNLZGf7A3kAf3D7s&google_cver=1
Request Chain 586
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5107433832264167376
Request Chain 587
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAACx07LXmkAABMh1hX3Cw&expiration=1707190716
Request Chain 606
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm HTTP 302
  • https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEHPoxzC9kyhEgi6IpdX2H1U&google_cver=1
Request Chain 607
  • https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_hm=V3JCLS1YalBMYTg
Request Chain 608
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIHFEWS3q0MQPplEPCDI1sk&google_cver=1
Request Chain 609
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Za80ux4LORIGoWQwyWak5QAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIHFEWS3q0MQPplEPCDI1sk&google_cver=1
Request Chain 611
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=Za80ux4LORIGoWQwyWak5QAA%262130&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D HTTP 302
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=3133839410895057754 HTTP 303
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=c7bb4041-e7e5-4ef9-a286-c7845e42f86c HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=9a07b014-ad2e-49a3-addd-dea1cb9e67f9%3A1705981116.816523&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D9a07b014-ad2e-49a3-addd-dea1cb9e67f9%253A1705981116.816523%26_%3D1705981116.818333&cb=1705981116.8183954 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5107433832264167376&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D9a07b014-ad2e-49a3-addd-dea1cb9e67f9%253A1705981116.816523%26_%3D1705981116.818333 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=9a07b014-ad2e-49a3-addd-dea1cb9e67f9%3A1705981116.816523&_=1705981116.818333 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEItnTGkuHtN0xuIXx0cOFbQ&google_cver=1
Request Chain 612
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2380373011570053850
Request Chain 614
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Za80ux4LORIGoWQwyWak5QAACFIAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Za80ux4LORIGoWQwyWak5QAACFIAAAIB
Request Chain 615
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=Za80ux4LORIGoWQwyWak5QAA%262130 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=ViR4k8DCOJSMDgKL7vewv7Jq9TxtaDotmO51rVynh7M&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=Za80ux4LORIGoWQwyWak5QAA%262130
Request Chain 617
  • https://match.adsby.bidtheatre.com/indexmatch?gpdr=&gdpr_consent=&us_privacy=&user_id=Za80ux4LORIGoWQwyWak5QAA%262130 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?gdpr=&gdpr_consent=&cm_dsp_id=226&external_user_id=cc2aa801-4ca5-4833-8ef2-1f58b6885a72
Request Chain 647
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=Za80ux4LORIGoWQwyWak5QAA%262130&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=c7bb4041-e7e5-4ef9-a286-c7845e42f86c HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=5fd43287-42d7-495b-a185-4d2beaf02b62%3A1705981116.665907&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D5fd43287-42d7-495b-a185-4d2beaf02b62%253A1705981116.665907%26_%3D1705981116.668451&cb=1705981116.6684866 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5107433832264167376&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D5fd43287-42d7-495b-a185-4d2beaf02b62%253A1705981116.665907%26_%3D1705981116.668451 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=5fd43287-42d7-495b-a185-4d2beaf02b62%3A1705981116.665907&_=1705981116.668451 HTTP 307
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID HTTP 302
  • https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=2380373011570053850
Request Chain 648
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1721705916&external_user_id=5d09b1c6-e8e0-4e1e-a1af-31b2250f8040
Request Chain 649
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=486cdbec8421875&is_secure=true&networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAI3drnKjEVPgM3lMgYAAAAAAA&expiration=1706067516&is_secure=true
Request Chain 650
  • https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=tAfc8mllVrldEoksSbg9lJVYG1I
Request Chain 652
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Za80ux4LORIGoWQwyWak5QAACFIAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Za80ux4LORIGoWQwyWak5QAACFIAAAIB
Request Chain 653
  • https://sync.adotmob.com/cookie/indexexchange?gdpr=&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATION%5D&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
Request Chain 654
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=Za80ux4LORIGoWQwyWak5QAACFIAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=f2ee90439dfd5be156428cd0f6d5d&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d&34673=Za80ux4LORIGoWQwyWak5QAACFIAAAIB&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=umv1236_7327145198368286646&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
Request Chain 676
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=Za80ux4LORIGoWQwyWak5QAA%262130&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=c7bb4041-e7e5-4ef9-a286-c7845e42f86c HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=97ac3f38-0990-4f21-8d06-64bd4db1b9e7%3A1705981116.6799757&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D97ac3f38-0990-4f21-8d06-64bd4db1b9e7%253A1705981116.6799757%26_%3D1705981116.6822796&cb=1705981116.6823127 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5107433832264167376&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D97ac3f38-0990-4f21-8d06-64bd4db1b9e7%253A1705981116.6799757%26_%3D1705981116.6822796 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=97ac3f38-0990-4f21-8d06-64bd4db1b9e7%3A1705981116.6799757&_=1705981116.6822796 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CM3PHhJBCj0IARAFGjc5N2FjM2YzOC0wOTkwLTRmMjEtOGQwNi02NGJkNGRiMWI5ZTc6MTcwNTk4MTExNi42Nzk5NzU3EAAaDQi96bytBhIFCOgHEABCAEoA HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEItnTGkuHtN0xuIXx0cOFbQ&google_cver=1
Request Chain 677
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7283273328877549246&expiration=1707190716
Request Chain 678
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=48 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=8cc005be-8d9a-40d3-ad75-798e2acb9e12-65af34bc-494c&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D8cc005be-8d9a-40d3-ad75-798e2acb9e12-65af34bc-494c%26partner_url%3Dhttps%253A%252F%252Fr.casalemedia.com%252Frum%253Fcm_dsp_id%253D64%2526external_user_id%253D8cc005be-8d9a-40d3-ad75-798e2acb9e12-65af34bc-494c%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=8cc005be-8d9a-40d3-ad75-798e2acb9e12-65af34bc-494c&partner_url=https%3A%2F%2Fr.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26external_user_id%3D8cc005be-8d9a-40d3-ad75-798e2acb9e12-65af34bc-494c%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=8cc005be-8d9a-40d3-ad75-798e2acb9e12-65af34bc-494c&partner_url=https%3A%2F%2Fr.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26external_user_id%3D8cc005be-8d9a-40d3-ad75-798e2acb9e12-65af34bc-494c%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=8cc005be-8d9a-40d3-ad75-798e2acb9e12-65af34bc-494c&gdpr=0&gdpr_consent=
Request Chain 679
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3205897004932985690
Request Chain 681
  • https://trace.mediago.io/ju/cs/indexexchange HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=f34e96997f25fae42w6knu00lrpt3ydq
Request Chain 682
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=P924qFnr1Rs7Cs5
Request Chain 683
  • https://rtb.adentifi.com/CookieIndex HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=188&external_user_id=cuid_e3df6b41-b9a0-11ee-b2f5-1297b61989fd
Request Chain 697
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=Za80ux4LORIGoWQwyWak5QAA%262130&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=2ba2ab41-70c6-45d7-8951-9ef87add91a7 HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=adae4bee-b6ac-4f71-aa46-78873262dd40%3A1705981116.8671312&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dadae4bee-b6ac-4f71-aa46-78873262dd40%253A1705981116.8671312%26_%3D1705981116.8688593&cb=1705981116.8689036 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5107433832264167376&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dadae4bee-b6ac-4f71-aa46-78873262dd40%253A1705981116.8671312%26_%3D1705981116.8688593 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=adae4bee-b6ac-4f71-aa46-78873262dd40%3A1705981116.8671312&_=1705981116.8688593 HTTP 307
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID HTTP 302
  • https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=2380373011570053850
Request Chain 698
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7283273328877549246&expiration=1707190716
Request Chain 699
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3205897004932985690
Request Chain 700
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=48 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=8cc005be-8d9a-40d3-ad75-798e2acb9e12-65af34bc-494c&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D8cc005be-8d9a-40d3-ad75-798e2acb9e12-65af34bc-494c%26partner_url%3Dhttps%253A%252F%252Fr.casalemedia.com%252Frum%253Fcm_dsp_id%253D64%2526external_user_id%253D8cc005be-8d9a-40d3-ad75-798e2acb9e12-65af34bc-494c%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=8cc005be-8d9a-40d3-ad75-798e2acb9e12-65af34bc-494c&partner_url=https%3A%2F%2Fr.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26external_user_id%3D8cc005be-8d9a-40d3-ad75-798e2acb9e12-65af34bc-494c%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=8cc005be-8d9a-40d3-ad75-798e2acb9e12-65af34bc-494c&partner_url=https%3A%2F%2Fr.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26external_user_id%3D8cc005be-8d9a-40d3-ad75-798e2acb9e12-65af34bc-494c%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=8cc005be-8d9a-40d3-ad75-798e2acb9e12-65af34bc-494c&gdpr=0&gdpr_consent=
Request Chain 701
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=xHi4vbQT1Rs7Cs5
Request Chain 702
  • https://sync.adotmob.com/cookie/indexexchange?gdpr=&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATION%5D&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
Request Chain 703
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Za80ux4LORIGoWQwyWak5QAACFIAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Za80ux4LORIGoWQwyWak5QAACFIAAAIB
Request Chain 708
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=Za80ux4LORIGoWQwyWak5QAA%262130&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=2ba2ab41-70c6-45d7-8951-9ef87add91a7 HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=8b39ea31-bc9e-4f9a-a0b9-b4858624046f%3A1705981116.9176426&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D8b39ea31-bc9e-4f9a-a0b9-b4858624046f%253A1705981116.9176426%26_%3D1705981116.920526&cb=1705981116.9205608 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5107433832264167376&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D8b39ea31-bc9e-4f9a-a0b9-b4858624046f%253A1705981116.9176426%26_%3D1705981116.920526 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=8b39ea31-bc9e-4f9a-a0b9-b4858624046f%3A1705981116.9176426&_=1705981116.920526 HTTP 307
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveramp&ttd_tpi=1
Request Chain 709
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2380373011570053850
Request Chain 711
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Za80ux4LORIGoWQwyWak5QAACFIAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Za80ux4LORIGoWQwyWak5QAACFIAAAIB
Request Chain 712
  • https://sync.adotmob.com/cookie/indexexchange?gdpr=&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATION%5D&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
Request Chain 713
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=16455E92FD404CD9B119B145B419BAA5
Request Chain 714
  • https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=4714513488865049119&gdpr=0&gdpr_consent=
Request Chain 715
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAACx07LXmkAABMh1hX3Cw&expiration=1707190716
Request Chain 757
  • https://www.awin1.com/cshow.php?s=2246263&v=11467&q=346415&r=412871&pv=1&pref3=oneidJBWFzfmY3qaZDxUBH6H7tptB8wfXTgT4WtXoneid__dbm_Awin_Reach02&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.conrad.ch/ztpv.php?awc=11467_412871_1705981116_e4246380-b9a0-11ee-9c4b-223173d2bc6e&insert=AW&gdpr=0&gdpr_consent=
Request Chain 759
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=Za80ux4LORIGoWQwyWak5QAA%262130&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@ HTTP 302
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-9chB69L3rJXE67ww_jAptQYa47KTPOB1km_8mA HTTP 303
  • https://x.bidswitch.net/sync?ssp=liveintent&user_id=2ba2ab41-70c6-45d7-8951-9ef87add91a7 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=liveintent&bsw_param=75dfa792-243c-4814-8e47-a1f76ddeb89e&google_hm=NzVkZmE3OTItMjQzYy00ODE0LThlNDctYTFmNzZkZGViODll HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEGHufNc7gKLd8908-FP2oWc&google_cver=1&ssp=liveintent&bsw_param=75dfa792-243c-4814-8e47-a1f76ddeb89e HTTP 302
  • https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=75dfa792-243c-4814-8e47-a1f76ddeb89e HTTP 303
  • https://i6.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=75dfa792-243c-4814-8e47-a1f76ddeb89e
Request Chain 760
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Za80vAAQh9eC1gBH HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Za80vAAQh9eC1gBH&_test=Za80vAAQh9eC1gBH
Request Chain 762
  • https://x.bidswitch.net/sync?ssp=index HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dindex
Request Chain 763
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=Za80ux4LORIGoWQwyWak5QAA%262130&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=ZjJlZTkwNDM5ZGZkNWJlMTU2NDI4Y2QwZjZkNWQ=&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEBmagl9gtLBlKWMWxeSsK0c&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/f2ee90439dfd5be156428cd0f6d5d?gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-PkwJlRhE2oPh7uXQdRsnSmjRCrivFmNgchweEaWI~A HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1
Request Chain 764
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Za80ux4LORIGoWQwyWak5QAA%262130?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Za80ux4LORIGoWQwyWak5QAA%262130
Request Chain 765
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=Za80ux4LORIGoWQwyWak5QAACFIAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
Request Chain 769
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=Za80ux4LORIGoWQwyWak5QAA%262130&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@ HTTP 302
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-9chB69L3rJXE67ww_jAptQYa47KTPOB1km_8mA HTTP 303
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
Request Chain 770
  • https://ums.acuityplatform.com/tum?umid=8 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=880155358026&us_privacy=1---
Request Chain 771
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&puid=
Request Chain 772
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=2813f6eb-5f57-45cb-b1f8-ec77547ace46
Request Chain 774
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Za80ux4LORIGoWQwyWak5QAACFIAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Za80ux4LORIGoWQwyWak5QAACFIAAAIB
Request Chain 789
  • https://www.awin1.com/cshow.php?s=2246263&v=11467&q=346415&r=412871&pv=1&pref3=oneidJBWFzfmY3qaZDxUBH6H7tptB8wfXTgT4WtXoneid__dbm_Awin_Reach02&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.conrad.ch/ztpv.php?awc=11467_412871_1705981116_e42fd530-b9a0-11ee-b3cc-2233d0695e79&insert=AW&gdpr=0&gdpr_consent=
Request Chain 795
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=Za80ux4LORIGoWQwyWak5QAA%262130&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@ HTTP 302
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-9chB69L3rJXE67ww_jAptQYa47KTPOB1km_8mA HTTP 303
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=2ba2ab41-70c6-45d7-8951-9ef87add91a7 HTTP 302
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=2ba2ab41-70c6-45d7-8951-9ef87add91a7&rd=Y
Request Chain 796
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Za80vAAQhl55OABU
Request Chain 798
  • https://x.bidswitch.net/sync?ssp=index HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dindex
Request Chain 801
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=d66a4b7b-03af-4ef7-a49c-f9a85e0344f9
Request Chain 811
  • https://www.awin1.com/cshow.php?s=2212629&v=11965&q=343054&r=412871&pv=1&pref3=oneidYxeTrfzrEwc9P1FVH9HetQteZZFAT1TdpHroneid__dbm_Awin_Reach02&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://ums-tr.eterna.de/ad.aspx?prog=216609&networkID=21&ch=RT&noredir=1
Request Chain 817
  • https://www.awin1.com/cshow.php?s=2246444&v=11482&q=346440&r=412871&pv=1&pref3=oneid8RpaDf2P46CZ76CgHJHEtxtjwBhPTwTpJHkoneid__dbm_Awin_Reach02&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.conrad.ch/ztpv.php?insert=AW
Request Chain 841
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=Za80ux4LORIGoWQwyWak5QAA%262130&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
Request Chain 842
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Za80vAAQiRnX7ABd HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Za80vAAQiRnX7ABd&_test=Za80vAAQiRnX7ABd
Request Chain 844
  • https://x.bidswitch.net/sync?ssp=index HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=index&bsw_custom_parameter=75dfa792-243c-4814-8e47-a1f76ddeb89e&gdpr=&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=index&bsw_custom_parameter=75dfa792-243c-4814-8e47-a1f76ddeb89e&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=bd90b368-385c-40bf-b148-9adb8e6492c3&ssp=index&expires=30&user_group=5&bsw_param=75dfa792-243c-4814-8e47-a1f76ddeb89e HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=75dfa792-243c-4814-8e47-a1f76ddeb89e&gdpr=&gdpr_consent=&us_privacy=
Request Chain 847
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&puid=
Request Chain 848
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=6e1ed3db-8814-47a4-af18-bd8cd70ecd54
Request Chain 872
  • https://track.adform.net/banners/scripts/rmb/Adform.DHTML.js HTTP 301
  • https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js
Request Chain 874
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.yieldmo.com%252Fsync%253Fpn_id%253Dpub%2526id%253D%2523PMUID%2526gdpr%253DPM_GDPR%2526gdpr_consent%253DPM_CONSENT HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=7BC00642-7252-4DDF-B9FE-EF913FD24BAB&redir=true&gdpr=-1&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Lb6c4pBE2uV5c3Yp1j4IU744CLTx2FE-~A&gdpr=-1
Request Chain 875
  • https://bh.contextweb.com/bh/rtset?pid=561118&ev=1&rurl=https%3a%2f%2fads.yieldmo.com/v000/sync?userid=%%VGUID%%&pn_id=pp&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&us_privacy= HTTP 302
  • https://ads.yieldmo.com/v000/sync?userid=wdNRPUCkbr6Y&ev=1&pn_id=pp&gpp_sid=&gpp=&us_privacy=&pid=561118&gdpr_consent=&gdpr=0
Request Chain 877
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_cm&pn_id=c HTTP 302
  • https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEI2Y8hy9yiEaTwttRcfbX2U&google_cver=1
Request Chain 878
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=yieldmo HTTP 302
  • https://ads.yieldmo.com/sync?pn_id=rc&id=LRPT3VT0-1Y-G0V7
Request Chain 882
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0&gdpr=0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=Za80vAAQiRnX7ABd
Request Chain 884
  • https://match.prod.bidr.io/cookie-sync/ox HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFBQ3gwN0xYbWtBQUJNaDFoWDNDdw&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAACx07LXmkAABMh1hX3Cw&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpp%252Cox%26bee_sync_current_partner%3Dpm%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpp%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAACx07LXmkAABMh1hX3Cw&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Cox&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=4714513488865049119 HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AAACx07LXmkAABMh1hX3Cw&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D4714513488865049119%26bee_sync_partners%3Dox%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?userid=4714513488865049119&bee_sync_partners=ox&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=4&ev=AAACx07LXmkAABMh1hX3Cw&pid=558502&do=add HTTP 303
  • https://us-u.openx.net/w/1.0/sd?val=AAACx07LXmkAABMh1hX3Cw&id=537125688
Request Chain 885
  • https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID} HTTP 302
  • https://openx2-match.dotomi.com/match/bounce/current?DotomiTest=d574d2dd91918f5&is_secure=true&networkId=15900&version=1&nuid=%7BOX_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAI4nk_AITLTAMR-msDAAAAAAA&expiration=1706067517&nuid={OX_USER_ID}&is_secure=true
Request Chain 886
  • https://sync.srv.stackadapt.com/sync?nid=268&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537082476&val=tAfc8mllVrldEoksSbg9lJVYG1I
Request Chain 887
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=qCIceDEiy0YpftnpLUTgog==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 889
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://ws.rqtrk.eu/pull?pid=6298098f-c92c-4c68-bdfc-f454f26a86ac&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26gdpr%3D%24GDPR%26gdpr_consent%3D%24GDPR_CONSENT%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=openx&g=1&gdpr_pd=&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=193&user_id=&gdpr=0&gdpr_consent=&expires=1&ssp=openx HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=75dfa792-243c-4814-8e47-a1f76ddeb89e&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 890
  • https://creativecdn.com/cm-notify?pi=openx&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073053&val=ViR4k8DCOJSMDgKL7vewv7Jq9TxtaDotmO51rVynh7M&pi=openx&gdpr=0
Request Chain 891
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=UOCr3VXhqIJL7P7aBePn2QCw_oNL7PONUO2v73Ts
Request Chain 917
  • https://sync.colossusssp.com/pbs.gif?gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5974%26spui%3D%26dpui%3D%5BUID%5D HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5974&spui=&dpui=ed94d654-0e7c-4c62-aeed-999d2e7d20d0
Request Chain 919
  • https://bh.contextweb.com/bh/rtset?pid=562763&ev=1&rurl=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5548%26spui%3D%26dpui%3D%25%25VGUID%25%25 HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5548&spui=&dpui=wdNRPUCkbr6Y&ev=1&pid=562763
Request Chain 920
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D HTTP 302
  • https://x.serverbid.com/usersync?gpp=&gpp_sid=&ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Za80ux4LORIGoWQwyWak5QAA%262130
Request Chain 921
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=2380373011570053850
Request Chain 922
  • https://prebid.a-mo.net/cchain/0?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D6294%26spui%3D%26dpui%3D HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=6294&spui=&dpui=
Request Chain 923
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5444%26spui%3D%26dpui%3D HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5444&spui=&dpui=4308fdf6-0a57-4885-b68b-9ed3b6b771a1
Request Chain 924
  • https://ads.yieldmo.com/pbsync?gdpr=&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D6985%26spui%3D%26dpui%3D%24UID HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=6985&spui=&dpui=VE3ZpppjjLp8ImazxDqb&gdpr=&gdpr_consent=&us_privacy=
Request Chain 932
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=Za80ux4LORIGoWQwyWak5QAA%262130&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=2ba2ab41-70c6-45d7-8951-9ef87add91a7 HTTP 302
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=2ba2ab41-70c6-45d7-8951-9ef87add91a7&rd=Y
Request Chain 934
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Za80ux4LORIGoWQwyWak5QAACFIAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Za80ux4LORIGoWQwyWak5QAACFIAAAIB
Request Chain 936
  • https://x.bidswitch.net/sync?ssp=index HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=index HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=index HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=ee08e069-df66-4c1b-b47f-9a3a60ad4043&ssp=index HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=75dfa792-243c-4814-8e47-a1f76ddeb89e&gdpr=&gdpr_consent=&us_privacy=
Request Chain 938
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=Za80ux4LORIGoWQwyWak5QAACFIAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
Request Chain 947
  • https://track.adform.net/banners/scripts/rmb/Adform.DHTML.js HTTP 301
  • https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js
Request Chain 949
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2380373011570053850&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://creativecdn.com/cm-notify?pi=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNTQmdGw9NDMyMDA%3D&piggybackCookie=ViR4k8DCOJSMDgKL7vewv7Jq9TxtaDotmO51rVynh7M&pi=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160648&pmc=1&pr=https%3A%2F%2Fsync-pm.ads.yieldmo.com%2Fsync%3Fpn_id%3Dpub%26id%3D7BC00642-7252-4DDF-B9FE-EF913FD24BAB%26gdpr%3D0%26gdpr_consent%3D&us_privacy=%24%7BUS_PRIVACY%7D HTTP 302
  • https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=7BC00642-7252-4DDF-B9FE-EF913FD24BAB&gdpr=0&gdpr_consent=
Request Chain 950
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7327133105123162272&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160648&pmc=1&pr=https%3A%2F%2Fsync-pm.ads.yieldmo.com%2Fsync%3Fpn_id%3Dpub%26id%3D7BC00642-7252-4DDF-B9FE-EF913FD24BAB%26gdpr%3D0%26gdpr_consent%3D&us_privacy=%24%7BUS_PRIVACY%7D HTTP 302
  • https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=7BC00642-7252-4DDF-B9FE-EF913FD24BAB&gdpr=0&gdpr_consent=
Request Chain 951
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=75dfa792-243c-4814-8e47-a1f76ddeb89e&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=75dfa792-243c-4814-8e47-a1f76ddeb89e&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=12759afa-0c2a-4f6f-9f4c-d3bd3772b705&ssp=pubmatic&gdpr=0 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=75dfa792-243c-4814-8e47-a1f76ddeb89e&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:cc2aa801-4ca5-4833-8ef2-1f58b6885a72&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 952
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=tAfc8mllVrldEoksSbg9lJVYG1I&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160648&pmc=1&pr=https%3A%2F%2Fsync-pm.ads.yieldmo.com%2Fsync%3Fpn_id%3Dpub%26id%3D7BC00642-7252-4DDF-B9FE-EF913FD24BAB%26gdpr%3D0%26gdpr_consent%3D&us_privacy=%24%7BUS_PRIVACY%7D HTTP 302
  • https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=7BC00642-7252-4DDF-B9FE-EF913FD24BAB&gdpr=0&gdpr_consent=
Request Chain 953
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AAACx07LXmkAABMh1hX3Cw&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dpm%26bee_sync_hop_count%3D1&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=pm&bee_sync_hop_count=1&ev=AAACx07LXmkAABMh1hX3Cw&pid=558502&do=add&gdpr=0 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAACx07LXmkAABMh1hX3Cw&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dpm%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=pm&bee_sync_hop_count=2&userid=4714513488865049119&gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAACx07LXmkAABMh1hX3Cw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3205897004932985690&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:cc2aa801-4ca5-4833-8ef2-1f58b6885a72&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 954
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=9064062763748439557 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=7BC00642-7252-4DDF-B9FE-EF913FD24BAB&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=5d408aec03351902&is_secure=true&networkId=17100&version=1&nuid=7BC00642-7252-4DDF-B9FE-EF913FD24BAB&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAI53KJ4TNZxwNK3Bo7AAAAAAA&expiration=1706067518&nuid=7BC00642-7252-4DDF-B9FE-EF913FD24BAB&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 955
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5107433832264167376 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://creativecdn.com/cm-notify?pi=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNTQmdGw9NDMyMDA%3D&piggybackCookie=ViR4k8DCOJSMDgKL7vewv7Jq9TxtaDotmO51rVynh7M&pi=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=8cc005be-8d9a-40d3-ad75-798e2acb9e12-65af34bc-494c&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=7BC00642-7252-4DDF-B9FE-EF913FD24BAB&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=d0913bc5210176c&is_secure=true&networkId=17100&version=1&nuid=7BC00642-7252-4DDF-B9FE-EF913FD24BAB&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAH7PsphgEUSwMUz6FWAAAAAAA&expiration=1706067518&nuid=7BC00642-7252-4DDF-B9FE-EF913FD24BAB&is_secure=true&gdpr_consent=&gdpr=0 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:cc2aa801-4ca5-4833-8ef2-1f58b6885a72&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 956
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUdb73d62c9631481b952ab4182d9b5058 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160648&pmc=1&pr=https%3A%2F%2Fsync-pm.ads.yieldmo.com%2Fsync%3Fpn_id%3Dpub%26id%3D7BC00642-7252-4DDF-B9FE-EF913FD24BAB%26gdpr%3D0%26gdpr_consent%3D&us_privacy=%24%7BUS_PRIVACY%7D HTTP 302
  • https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=7BC00642-7252-4DDF-B9FE-EF913FD24BAB&gdpr=0&gdpr_consent=
Request Chain 958
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=7BC00642-7252-4DDF-B9FE-EF913FD24BAB&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=7BC00642-7252-4DDF-B9FE-EF913FD24BAB&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 959
  • https://pixel.onaudience.com/?partner=214&mapped=7BC00642-7252-4DDF-B9FE-EF913FD24BAB&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Request Chain 960
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=7BC00642-7252-4DDF-B9FE-EF913FD24BAB&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Lb6c4pBE2uV5c3Yp1j4IU744CLTx2FE-~A&gdpr=0
Request Chain 961
  • https://creativecdn.com/cm-notify?pi=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNTQmdGw9NDMyMDA%3D&piggybackCookie=ViR4k8DCOJSMDgKL7vewv7Jq9TxtaDotmO51rVynh7M&pi=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://creativecdn.com/cm-notify?pi=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNTQmdGw9NDMyMDA%3D&piggybackCookie=ViR4k8DCOJSMDgKL7vewv7Jq9TxtaDotmO51rVynh7M&pi=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=8cc005be-8d9a-40d3-ad75-798e2acb9e12-65af34bc-494c&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 962
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=8cc005be-8d9a-40d3-ad75-798e2acb9e12-65af34bc-494c&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://creativecdn.com/cm-notify?pi=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNTQmdGw9NDMyMDA%3D&piggybackCookie=ViR4k8DCOJSMDgKL7vewv7Jq9TxtaDotmO51rVynh7M&pi=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=8cc005be-8d9a-40d3-ad75-798e2acb9e12-65af34bc-494c&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 963
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=7BC00642-7252-4DDF-B9FE-EF913FD24BAB&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=6642307efb0d176c&is_secure=true&networkId=17100&version=1&nuid=7BC00642-7252-4DDF-B9FE-EF913FD24BAB&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAIUjvC2ZXOhwNKMzEYAAAAAAA&expiration=1706067517&nuid=7BC00642-7252-4DDF-B9FE-EF913FD24BAB&is_secure=true&gdpr_consent=&gdpr=0 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160648&pmc=1&pr=https%3A%2F%2Fsync-pm.ads.yieldmo.com%2Fsync%3Fpn_id%3Dpub%26id%3D7BC00642-7252-4DDF-B9FE-EF913FD24BAB%26gdpr%3D0%26gdpr_consent%3D&us_privacy=%24%7BUS_PRIVACY%7D HTTP 302
  • https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=7BC00642-7252-4DDF-B9FE-EF913FD24BAB&gdpr=0&gdpr_consent=
Request Chain 968
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=vidazoo&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=vidazoo&endpoint=us-east
Request Chain 969
  • https://synchroscript.deliveryengine.adswizz.com/getUID?curl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D175765%26dpuuid%3D%24%7BUID%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=175765&dpuuid=63ff35f40d98771db0ffa5acb0950ce0
Request Chain 984
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=vidazoo&khaos=LRPT3VT0-1Y-G0V7 HTTP 302
  • https://sync.cootlogix.com/api/cookie?partnerId=rubicon&userId=LRPT3VT0-1Y-G0V7
Request Chain 1003
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2380373011570053850&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 1004
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7327133105123162272&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 1005
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=75dfa792-243c-4814-8e47-a1f76ddeb89e&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_a18b21af-1d19-4cda-95ff-827ff27ef05d&bsw_param=75dfa792-243c-4814-8e47-a1f76ddeb89e&expires=10&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=75dfa792-243c-4814-8e47-a1f76ddeb89e&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 1006
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=tAfc8mllVrldEoksSbg9lJVYG1I&gdpr=0&gdpr_consent=
Request Chain 1007
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAACx07LXmkAABMh1hX3Cw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 1008
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=9064062763748439557 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 1009
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5107433832264167376 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 1010
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUdb73d62c9631481b952ab4182d9b5058 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 1011
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 1013
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:cc2aa801-4ca5-4833-8ef2-1f58b6885a72&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 1014
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fsync.cootlogix.com%2Fapi%2Fcookie%3FpartnerId%3Dgrid%26userId%3D%24%7BBSW_UUID%7D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D?gdpr=0&gdpr_consent=&us_privacy=&uid=${BSW_UUID}&cookie_age=${COOKIE_AGE} HTTP 302
  • https://sync.cootlogix.com/api/cookie?partnerId=grid&userId=75dfa792-243c-4814-8e47-a1f76ddeb89e&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 1027
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=299AE613F0784A61B4BED3AE400DF202&RedC=c.clarity.ms&MXFR=124B546F0EAE60222A1040600AAE6E04 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=299AE613F0784A61B4BED3AE400DF202&MUID=38785A06DFA0652D07F74E09DE0C64ED
Request Chain 1076
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2380373011570053850&gdpr=0&gdpr_consent=
Request Chain 1077
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7327133105123162272&gdpr=0&gdpr_consent=
Request Chain 1078
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5107433832264167376&expires=30&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=75dfa792-243c-4814-8e47-a1f76ddeb89e&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 1079
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=tAfc8mllVrldEoksSbg9lJVYG1I&gdpr=0&gdpr_consent=
Request Chain 1080
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAACx07LXmkAABMh1hX3Cw&gdpr=0&gdpr_consent=
Request Chain 1081
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=9064062763748439557
Request Chain 1082
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5107433832264167376
Request Chain 1083
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUdb73d62c9631481b952ab4182d9b5058
Request Chain 1084
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 1087
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=8e04288e8c117de2/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253D0E2y59DCSnaWXSSnSjbbTQnX%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=1b820cc9a3dab29a3de22b1110b64b33&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D0E2y59DCSnaWXSSnSjbbTQnX%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=0E2y59DCSnaWXSSnSjbbTQnX&gdpr=0&gdpr_consent=
Request Chain 1092
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 1095
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:16455E92FD404CD9B119B145B419BAA5&gdpr=0&gdpr_consent=
Request Chain 1096
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1705981121005 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=4699507715 HTTP 302
  • https://sync.1rx.io/usersync/turn/3205897004932985690?dspret=1&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-7a68961c-d19d-4a2e-9a6e-42f6f3718bd4-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-7a68961c-d19d-4a2e-9a6e-42f6f3718bd4-003 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-7a68961c-d19d-4a2e-9a6e-42f6f3718bd4-003

1101 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
folkd.com/
Redirect Chain
  • https://www.folkd.com/submit/918kiss.xyz//
  • https://www.folkd.com/submit/918kiss.xyz/
  • https://folkd.com/submit/918kiss.xyz/
  • https://folkd.com/
17 KB
8 KB
Document
General
Full URL
https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel / Express
Resource Hash
5962b920733637e9765fe59ee5f2219b367b21cc2cdef9f2a017a466f927b891
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=63072000
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store
cf-cache-status
DYNAMIC
cf-ray
849d011bc8d3b7f7-AMS
content-encoding
br
content-security-policy
frame-ancestors 'self'
content-type
text/html
date
Tue, 23 Jan 2024 03:38:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LUqvMkohlsEBeyGFqJ4AeVP%2FXYRKnpYhF5BEntlZA83MpCtOV5ccb%2FEiFcVo6JkKVoZQV07FkKtZCS%2FJrt%2BmjSnVn3gjER4sVGvxqXrSIW2ELVr4AwLaTymkICUWeD3VZGN201JmgwP4Jdjuh7s1nelQ9KnS5dbJMt2gOd0PqWwi8zCmUg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
Vercel
strict-transport-security
max-age=63072000
vary
Accept-Encoding
x-bubble-capacity-limit
0 ms slower
x-bubble-capacity-used
0.133 unit-seconds used
x-bubble-perf
{"total":161.4,"percents":{"top":{"bubble_cpu":35.8,"block":64.2,"capacity_rl":0,"other_pause":0,"pre_fiber":0.2},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":93.6,"appserver_cache_misses_time":0,"redis":79.6,"fiber_queue":2.8,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"derived_cache_attempts":7,"derived_cache_memory_misses":7,"serverjson":130,"appserver_cache_attempts":3,"appserver_mem_cache_hits":0,"appserver_cache_hits":3,"appserver_cache_misses":0,"redis":123,"fiber_queue":110,"blocks":109},"misc":{"userdb_results":1,"userdb_data":629,"spent_time":8669263}}
x-coalias-cache
MISS
x-frame-options
SAMEORIGIN
x-powered-by
Express
x-vercel-id
fra1::n25vt-1705981111615-8aaa65bf78de

Redirect headers

cache-control
no-store
cf-ray
849d011b1a3e56c2-IAD
content-length
0
content-type
text/plain;charset=UTF-8
date
Tue, 23 Jan 2024 03:38:31 GMT
location
/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nmZO%2FnYBMGbmkMAYZzw0iLvRrI79klX0pYApIx6faD0JU3klfA8ewb%2FNMNSBG7yzJ4gyBMFfpUB4dH9SpAtD9dmUuOqrK4EZSnIUtd5H2Vn54qo6Zg2j9rb8JVXhAs2kzJqTSJMk%2Bo1eUiksRSIQc5cPMplc8yoHKOzQArkE0dnZnTtLGg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
Vercel
strict-transport-security
max-age=63072000
vary
Accept-Encoding
x-vercel-id
fra1::42wpm-1705981111306-7b4ec24b9db8
coalias_meta.js
folkd.com/
2 KB
1 KB
Script
General
Full URL
https://folkd.com/coalias_meta.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
8f97fa5818ba52dd031853fb7ad157e88de94a21f6bb8456db694d66712fe65a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://folkd.com/
Origin
https://folkd.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:32 GMT
content-encoding
br
strict-transport-security
max-age=63072000; includeSubDomains; preload
server
Vercel
x-vercel-id
fra1:fra1:fra1::t6j2w-1705981112399-7ee7f36060bc
age
2345
etag
W/"dfb47635f4287f89f6f7be3ea53647b7"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="coalias_meta.v1.min.js"
coalias_page_logic.js
folkd.com/
2 KB
753 B
Script
General
Full URL
https://folkd.com/coalias_page_logic.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
becf6fd8cb2a3a36d3d3048c5c9a76dc6accdb80d271f676295b4d55980a68c9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:32 GMT
content-encoding
br
strict-transport-security
max-age=63072000; includeSubDomains; preload
server
Vercel
x-vercel-id
fra1:fra1:fra1::2l6n4-1705981112399-745c541139c1
age
5060
etag
W/"46ea127639f56bd939ca5253878d8809"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="coalias_page_logic.v2.min.js"
coalias_static_rewrite.js
folkd.com/
666 B
925 B
Script
General
Full URL
https://folkd.com/coalias_static_rewrite.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
20ba63fa72bdbc6564881789953019784a38095e9ac87ea371498fd93333eaad
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:32 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
server
Vercel
x-vercel-id
fra1:fra1:fra1::2lgvb-1705981112399-d0483d70aebf
age
7678
etag
"4aa0abbf22845419b75d45095a6fd938"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="coalias_static_rewrite.v2.min.js"
accept-ranges
bytes
content-length
666
early.js
folkd0612.bubbleapps.io/package/early_js/05ae9fe83d6b755291132aab9d325d70918aafd336da1bd91a41a31c8b25734b/
24 KB
9 KB
Script
General
Full URL
https://folkd0612.bubbleapps.io/package/early_js/05ae9fe83d6b755291132aab9d325d70918aafd336da1bd91a41a31c8b25734b/early.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:cc42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
450e62180e870526d437f065fa76a5d4e31517905e37a98184ef79b0fc2abd5b

Request headers

Referer
https://folkd.com/
Origin
https://folkd.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:32 GMT
content-encoding
br
cf-cache-status
HIT
x-bubble-perf
{"total":8.8,"percents":{"top":{"bubble_cpu":27.6,"block":37,"capacity_rl":0,"other_pause":0,"pre_fiber":7.2},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":8.9,"appserver_cache_misses_time":0,"redis":35.7,"fiber_queue":3.5,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":2,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":4,"fiber_queue":5,"blocks":4},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":366397}}
server
cloudflare
age
1550490
x-powered-by
Express
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-bubble-capacity-used
0.006 unit-seconds used
timing-allow-origin
*
cf-ray
849d0120b92d995d-FRA
x-bubble-capacity-limit
0 ms slower
run.css
folkd0612.bubbleapps.io/package/run_css/21c0cd2a45541117206c205962b4ebb5d05701651c72fcd745112ca7f4bf0c15/folkd0612/live/index/xfalse/xfalse/
543 KB
37 KB
Stylesheet
General
Full URL
https://folkd0612.bubbleapps.io/package/run_css/21c0cd2a45541117206c205962b4ebb5d05701651c72fcd745112ca7f4bf0c15/folkd0612/live/index/xfalse/xfalse/run.css
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:cc42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
c73e2713d99d94dab10f137eb7e3c03d2fa05ff6f80dc56f1955aef7953486ab

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:32 GMT
content-encoding
br
cf-cache-status
HIT
x-bubble-perf
{"total":25,"percents":{"top":{"bubble_cpu":39.7,"block":57.2,"capacity_rl":0,"other_pause":0,"pre_fiber":2.2},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":81.7,"appserver_cache_misses_time":0,"redis":74.4,"fiber_queue":2.4,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"derived_cache_attempts":1,"derived_cache_memory_misses":1,"serverjson":15,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":17,"fiber_queue":14,"blocks":13},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":1487418}}
age
21267
cf-polished
origSize=688723
x-powered-by
Express
x-bubble-capacity-used
0.023 unit-seconds used
cf-bgj
minify
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
cf-ray
849d0120ba599253-FRA
x-bubble-capacity-limit
0 ms slower
pre_run_jquery.js
folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/
88 KB
32 KB
Script
General
Full URL
https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:cc42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af

Request headers

Referer
https://folkd.com/
Origin
https://folkd.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:32 GMT
content-encoding
br
cf-cache-status
HIT
x-bubble-perf
{"total":55.3,"percents":{"top":{"bubble_cpu":5,"block":93.1,"capacity_rl":0,"other_pause":0,"pre_fiber":1.3},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":90,"fiber_queue":1.8,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":3,"fiber_queue":6,"blocks":5},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":417737}}
server
cloudflare
age
4837978
x-powered-by
Express
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-bubble-capacity-used
0.006 unit-seconds used
timing-allow-origin
*
cf-ray
849d0120b92e995d-FRA
x-bubble-capacity-limit
0 ms slower
run.js
folkd0612.bubbleapps.io/package/run_js/23c6bfa4d6d721974774540aee387049fb2c1862bceda54cac8e43bf7c285db6/xtrue/x21/
3 MB
797 KB
Script
General
Full URL
https://folkd0612.bubbleapps.io/package/run_js/23c6bfa4d6d721974774540aee387049fb2c1862bceda54cac8e43bf7c285db6/xtrue/x21/run.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:cc42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
78e5bf0f7c111d526da74e62930274c12f71ad77ded6bd6dd9193b8f48e666c2

Request headers

Referer
https://folkd.com/
Origin
https://folkd.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:32 GMT
content-encoding
br
cf-cache-status
HIT
x-bubble-perf
{"total":26,"percents":{"top":{"bubble_cpu":21.5,"block":71.1,"capacity_rl":0,"other_pause":0,"pre_fiber":2.1},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":18.3,"appserver_cache_misses_time":0,"redis":18.8,"fiber_queue":3.8,"capacity_wait":6.4}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":2,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":7,"fiber_queue":11,"blocks":10},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":838347}}
server
cloudflare
age
21253
x-powered-by
Express
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-bubble-capacity-used
0.013 unit-seconds used
timing-allow-origin
*
cf-ray
849d0120b92f995d-FRA
x-bubble-capacity-limit
0 ms slower
static.js
folkd0612.bubbleapps.io/package/static_js/377deb8517d287914c51e90e35e059656a6c6319cdc52538e0f95dbcad2869c8/folkd0612/live/index/xnull/xfalse/xfalse/xtrue/
1009 KB
116 KB
Script
General
Full URL
https://folkd0612.bubbleapps.io/package/static_js/377deb8517d287914c51e90e35e059656a6c6319cdc52538e0f95dbcad2869c8/folkd0612/live/index/xnull/xfalse/xfalse/xtrue/static.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:cc42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
8e20be163c21dbdf451e1c676883271abc29407bdaa3aa7e013b4dfd36b2c6b3

Request headers

Referer
https://folkd.com/
Origin
https://folkd.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:32 GMT
content-encoding
br
cf-cache-status
HIT
x-bubble-perf
{"total":41.4,"percents":{"top":{"bubble_cpu":58.5,"block":39.9,"capacity_rl":0,"other_pause":0,"pre_fiber":0.9},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":93.3,"appserver_cache_misses_time":0,"redis":46.7,"fiber_queue":1.4,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"derived_cache_attempts":2,"derived_cache_memory_misses":2,"serverjson":62,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":16,"fiber_queue":17,"blocks":16},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":3628859}}
server
cloudflare
age
15153
x-powered-by
Express
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-bubble-capacity-used
0.056 unit-seconds used
timing-allow-origin
*
cf-ray
849d0120b930995d-FRA
x-bubble-capacity-limit
0 ms slower
dynamic.js
folkd0612.bubbleapps.io/package/dynamic_js/ede478c6b8b53f6a21e306e51937769a0aff546b563547919ae2ac1df9a6698e/folkd0612/live/index/xnull/xfalse/xtrue/en_us/xfalse/xfalse/
2 MB
171 KB
Script
General
Full URL
https://folkd0612.bubbleapps.io/package/dynamic_js/ede478c6b8b53f6a21e306e51937769a0aff546b563547919ae2ac1df9a6698e/folkd0612/live/index/xnull/xfalse/xtrue/en_us/xfalse/xfalse/dynamic.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:cc42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
cedf903226b3c65dd60a0ba349211ff4f6705cf3722703f1d7150e410d1923ab

Request headers

Referer
https://folkd.com/
Origin
https://folkd.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:32 GMT
content-encoding
br
cf-cache-status
HIT
x-bubble-perf
{"total":111,"percents":{"top":{"bubble_cpu":15.8,"block":83.6,"capacity_rl":0,"other_pause":0,"pre_fiber":0.4},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":3.1,"appserver_cache_misses_time":0,"redis":5.6,"fiber_queue":0.8,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"derived_cache_attempts":1,"derived_cache_memory_misses":1,"serverjson":6,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":6,"fiber_queue":10,"blocks":9},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":2623475}}
server
cloudflare
age
18553
x-powered-by
Express
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-bubble-capacity-used
0.04 unit-seconds used
timing-allow-origin
*
cf-ray
849d0120b931995d-FRA
x-bubble-capacity-limit
0 ms slower
iziToast.min.js
cdn.jsdelivr.net/npm/izitoast@1.4/dist/js/
18 KB
5 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/izitoast@1.4/dist/js/iziToast.min.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df6d4fc52f8f3af6ef59c215a1165e4667f7daaedf4c5409db56d7c133564446
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
13781
x-jsd-version
1.4.0
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230054-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"4836-xv1TsKSrwrc/VQJeyyjS62Xbk9Q"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aWLgPx05FB0yCv5Y1sel53cBlrvbz5cUyGniu1VFbnuebdE77U40rBqw%2FpLlqabp2owh1CWKtprAdfZAsfkqmntubnxslRPGxzuQEf6gu9IjoREEF3BWJN%2F%2FBIEhiVThs616Zw5boUQ07wwzXTA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
849d0120bc6a9256-FRA
iziToast.min.css
cdn.jsdelivr.net/npm/izitoast@1.4/dist/css/
41 KB
11 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/izitoast@1.4/dist/css/iziToast.min.css
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fa7d6e3b4039b59b4d4721ea7e523a42a4dc0b56405829df9f8696f8550fa01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
13054
x-jsd-version
1.4.0
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230024-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"a221-0sbNVM+KbAQMKIRLMGVDt27quLg"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xTOTNZnK9y%2FCDl%2Bv9CaAprDKPpRfOqbFx4bdnuP3sTi0SRyKq4L%2Ff3dEA%2B42ZrdcKltbSlQjX1L5%2BqoZmENgam3%2FNfwD5mRRS1Ipbz0pvfkDw3D3sJntFy4mm3DdX3aevHEPL93uBMVaG%2F0jfTs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
849d0120bc689256-FRA
openbuild.css
cdn.jsdelivr.net/gh/matmaz99/openbuild-core@latest/
2 KB
984 B
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/gh/matmaz99/openbuild-core@latest/openbuild.css
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce658fec86c1f9a68dfdfcd3a26f13e51f5e6002c96fbfe1010b72810aa6bea8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
21335
x-jsd-version
master
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230102-FRA
x-jsd-version-type
branch
server
cloudflare
etag
W/"610-Hhq7J7BAZ2hStZBftPx+L7C331g"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jMlMixFOP6bdsbFv5QsDawjScDgzuouW4C0coUoj3sFZ3eLOwWzj80A8HMufFC7H8LmfufV%2Fr0yPDtZhF%2BExMt9KOzZBFpsRJdB5YWYeSJzx2mgndml3hnV7t0uwt8%2FzCG9aZRv83EEhUJBX2oM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
849d0120bc699256-FRA
xano.min.js
cdn.jsdelivr.net/npm/@xano/js-sdk/dist/
32 KB
10 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/@xano/js-sdk/dist/xano.min.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
745097fdeb0ffd3d61c322f951065a79ea6cde580a5746b312028d2ab4995dd3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
39986
x-jsd-version
1.0.21
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230023-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"816c-y4fQWjEhnwuADXqNUiHMJJo4LgE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3scH7R8e13apcwmvZmBp1T9u2lipWq0FR%2FAmRAlLMgu1DovpOIeg66Erugd%2BJgPlFAARpcQ7SdTrLey7vBGazVNPl2x7Gag7AEQ93qcPTJsWkfzgPCyictLw4fHBSg%2Bf506dgpeoIh3ndP1NOZE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
849d0120bc6b9256-FRA
js
www.googletagmanager.com/gtag/
226 KB
80 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-7BR5TDFFPC
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
052149bcbc8e59b32d0245b298cb6936fa56da125f4f3f7e965aee65ea436015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81542
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 23 Jan 2024 03:38:32 GMT
65a9fa-c3bc-4e73-b569-1a8af1e68dc7.js
monu.delivery/site/5/d/
58 KB
15 KB
Script
General
Full URL
https://monu.delivery/site/5/d/65a9fa-c3bc-4e73-b569-1a8af1e68dc7.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a01:7e00:1::b903:5c4c London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software
nginx /
Resource Hash
891b68419fdd5fd644fac36a5554fc83c7d36160fbfd56eccc9cc35155d997ac

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:32 GMT
content-encoding
gzip
age
0
x-guploader-uploadid
ABPtcPrdPRed2PRZliu0gJ_jl71fyMQUIjHhrzoELq72uLGDLtqTP6aRV65Y3roIlsJzTbng9QGFot9duw
transfer-encoding
chunked
x-cache
EXPIRED
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
connection
close
server
nginx
vary
Accept-Encoding
x-goog-generation
1705950905028552
content-type
application/javascript
x-goog-hash
crc32c=x5GcEg==, md5=YA6cRkkvYJ66WRNH5qbpmQ==
cache-control
max-age=7200
x-goog-stored-content-length
59236
expires
Tue, 23 Jan 2024 05:38:32 GMT
css
fonts.googleapis.com/
21 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Fira+Sans:regular%7CInter:300%7CInter:regular%7CInter:regular%7CInter:regular%7CInter:regular%7CInter:500%7CInter:500%7CInter:500%7CInter:600%7CInter:700%7CInter:700%7CLato:regular%7CLato%7CNoto+Sans:regular%7CPublic+Sans:regular%7CPublic+Sans:500%7CUrbanist:500%7CUrbanist:600%7CUrbanist:700
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/early_js/05ae9fe83d6b755291132aab9d325d70918aafd336da1bd91a41a31c8b25734b/early.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bf5cb5cbadcbbfb5560f7a66eb69a0bc2aabab171bfc75512f5b4cbebd0880a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 23 Jan 2024 03:38:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 23 Jan 2024 03:38:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 23 Jan 2024 03:38:32 GMT
data
folkd.com/api/1.1/init/
706 B
2 KB
XHR
General
Full URL
https://folkd.com/api/1.1/init/data?location=https%3A%2F%2Ffolkd.com%2F
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel / Express
Resource Hash
8f6d694e148066e3fe90ba2f8630b2cbfc3ddb78e445ce5216f85fb5bf8f2160
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://folkd.com/
x-coalias-route
eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkZXN0aW5hdGlvbiI6Imh0dHBzOi8vZm9sa2QwNjEyLmJ1YmJsZWFwcHMuaW8vIiwic291cmNlX2hvc3RuYW1lIjoiZm9sa2QuY29tIiwic291cmNlX3BhdGgiOiIvIiwic2l0ZSI6Im5vY29kZW1heW8tYnViYmxlLWk4Z2Rhd2VicmcxcnJhdWZzdXV5IiwiaWF0IjoxNzA1OTgxMTEyfQ.xy60wtTT6YtbklZO7xi1ao-ADSzoGLFbV3dgixJQ0yM
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:33 GMT
strict-transport-security
max-age=63072000
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
Vercel
x-coalias-cache
MISS
x-bubble-perf
{"total":17.1,"percents":{"top":{"bubble_cpu":30.4,"block":63.6,"capacity_rl":0,"other_pause":0,"pre_fiber":2.3},"sub":{"pp_userdb":17.5,"pp_wait_userdb":0,"http_request":0,"serverjson":13.4,"appserver_cache_misses_time":0,"redis":47.6,"fiber_queue":3.1,"capacity_wait":0}},"counts":{"pp_userdb":1,"http_request":0,"derived_build":0,"serverjson":8,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":12,"fiber_queue":14,"blocks":13},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":6778798}}
x-vercel-id
fra1::tw5qq-1705981112472-66c9e19d9ce6
x-powered-by
Express
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=730XrHk88IQbxF9A0kIONgE%2FtUY%2B3cAW2HpIgRoQpeCU4HLRqDDNqjyi7rLPz%2BMmhVITPQGytsD7loTI6i13d5w6%2B7uIVC0pce3Zj865PZfk%2B5O%2FGeMxfj0ajiLVP0111tzNBABQ4jHiewNuNkowNNiPQQsa%2FpUP4TN%2FAMAYmy4Y4XG7dg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=0, must-revalidate
x-bubble-capacity-used
0.104 unit-seconds used
cf-ray
849d01210bd0bbe5-FRA
x-bubble-capacity-limit
0 ms slower
va9E4kDNxMZdWfMOD5Vvl4jL.woff2
fonts.gstatic.com/s/firasans/v17/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/firasans/v17/va9E4kDNxMZdWfMOD5Vvl4jL.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans:regular%7CInter:300%7CInter:regular%7CInter:regular%7CInter:regular%7CInter:regular%7CInter:500%7CInter:500%7CInter:500%7CInter:600%7CInter:700%7CInter:700%7CLato:regular%7CLato%7CNoto+Sans:regular%7CPublic+Sans:regular%7CPublic+Sans:500%7CUrbanist:500%7CUrbanist:600%7CUrbanist:700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89ae1743656b75948be30cc4909efd3c61771b7bd9f6d53eb14cd9731d486b57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://folkd.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 04:17:07 GMT
x-content-type-options
nosniff
age
602485
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23880
x-xss-protection
0
last-modified
Tue, 02 May 2023 14:50:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 15 Jan 2025 04:17:07 GMT
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/
46 KB
46 KB
Font
General
Full URL
https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans:regular%7CInter:300%7CInter:regular%7CInter:regular%7CInter:regular%7CInter:regular%7CInter:500%7CInter:500%7CInter:500%7CInter:600%7CInter:700%7CInter:700%7CLato:regular%7CLato%7CNoto+Sans:regular%7CPublic+Sans:regular%7CPublic+Sans:500%7CUrbanist:500%7CUrbanist:600%7CUrbanist:700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://folkd.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 02:14:16 GMT
x-content-type-options
nosniff
age
523456
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46704
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:49:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Jan 2025 02:14:16 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/
23 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans:regular%7CInter:300%7CInter:regular%7CInter:regular%7CInter:regular%7CInter:regular%7CInter:500%7CInter:500%7CInter:500%7CInter:600%7CInter:700%7CInter:700%7CLato:regular%7CLato%7CNoto+Sans:regular%7CPublic+Sans:regular%7CPublic+Sans:500%7CUrbanist:500%7CUrbanist:600%7CUrbanist:700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://folkd.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 22:07:30 GMT
x-content-type-options
nosniff
age
19862
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 21 Jan 2025 22:07:30 GMT
o-0mIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjcz6L1SoM-jCpoiyD9A-9a6VI.woff2
fonts.gstatic.com/s/notosans/v35/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/notosans/v35/o-0mIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjcz6L1SoM-jCpoiyD9A-9a6VI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans:regular%7CInter:300%7CInter:regular%7CInter:regular%7CInter:regular%7CInter:regular%7CInter:500%7CInter:500%7CInter:500%7CInter:600%7CInter:700%7CInter:700%7CLato:regular%7CLato%7CNoto+Sans:regular%7CPublic+Sans:regular%7CPublic+Sans:500%7CUrbanist:500%7CUrbanist:600%7CUrbanist:700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae90c0029bb3718a5b2ba8022e9f669f08fbed6fbd4c5fb5e101e3ce108c9d6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://folkd.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 17:51:58 GMT
x-content-type-options
nosniff
age
35194
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13384
x-xss-protection
0
last-modified
Wed, 29 Nov 2023 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 21 Jan 2025 17:51:58 GMT
ijwRs572Xtc6ZYQws9YVwnNGfJ4.woff2
fonts.gstatic.com/s/publicsans/v15/
26 KB
26 KB
Font
General
Full URL
https://fonts.gstatic.com/s/publicsans/v15/ijwRs572Xtc6ZYQws9YVwnNGfJ4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans:regular%7CInter:300%7CInter:regular%7CInter:regular%7CInter:regular%7CInter:regular%7CInter:500%7CInter:500%7CInter:500%7CInter:600%7CInter:700%7CInter:700%7CLato:regular%7CLato%7CNoto+Sans:regular%7CPublic+Sans:regular%7CPublic+Sans:500%7CUrbanist:500%7CUrbanist:600%7CUrbanist:700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
432501d7bf47b128295c61f72eeee2e5c2d33755f85db43ba89188408ab9389d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://folkd.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 13:34:10 GMT
x-content-type-options
nosniff
age
482662
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26244
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:34:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Jan 2025 13:34:10 GMT
L0x-DF02iFML4hGCyMqlbS0.woff2
fonts.gstatic.com/s/urbanist/v15/
27 KB
27 KB
Font
General
Full URL
https://fonts.gstatic.com/s/urbanist/v15/L0x-DF02iFML4hGCyMqlbS0.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans:regular%7CInter:300%7CInter:regular%7CInter:regular%7CInter:regular%7CInter:regular%7CInter:500%7CInter:500%7CInter:500%7CInter:600%7CInter:700%7CInter:700%7CLato:regular%7CLato%7CNoto+Sans:regular%7CPublic+Sans:regular%7CPublic+Sans:500%7CUrbanist:500%7CUrbanist:600%7CUrbanist:700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84221e6c0c5f950b44d38a40bc19ffa9a340b2a5d207cb6f6461b84d474f2555
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://folkd.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 17:43:25 GMT
x-content-type-options
nosniff
age
35707
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27824
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 20:09:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 21 Jan 2025 17:43:25 GMT
api.js
www.google.com/recaptcha/
1 KB
1 KB
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/dynamic_js/ede478c6b8b53f6a21e306e51937769a0aff546b563547919ae2ac1df9a6698e/folkd0612/live/index/xnull/xfalse/xtrue/en_us/xfalse/xfalse/dynamic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4af1b1852b288b1964f61cd1a1eff6743f14f45e5b7bd5ca14721c39dbacb079
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Tue, 23 Jan 2024 03:38:32 GMT
hysaayfb9e
www.clarity.ms/tag/
650 B
1014 B
Script
General
Full URL
https://www.clarity.ms/tag/hysaayfb9e
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b32d53fc4f01372ea08505f9ba214ee30b8f7e464f03c8c7cbb3456015398fb2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
-1
date
Tue, 23 Jan 2024 03:38:33 GMT
x-azure-ref
20240123T033833Z-4we7dwbn9p2vzbhhe7wmfdg9pn0000000150000000001kwe
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
650
request-context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
collect
region1.google-analytics.com/g/
0
250 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-7BR5TDFFPC&gtm=45je41h0v9135293448&_p=1705981112747&gcd=11l1l1l1l1&dma=0&cid=1374325086.1705981113&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1705981112&sct=1&seg=0&dl=https%3A%2F%2Ffolkd.com%2F&dt=Bookmarks%20are%20%E2%9D%A4%EF%B8%8F%F0%9F%9A%80%F0%9F%92%AF!&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=322
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7BR5TDFFPC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:32 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://folkd.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
recaptcha__de_ch.js
www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/
506 KB
204 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__de_ch.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aa91bf9506874bcdc8c6e193d8d3230599c4d7f55c3268ff476949d3de9b5216
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://folkd.com/
Origin
https://folkd.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 23:17:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
534056
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
207855
x-xss-protection
0
last-modified
Mon, 08 Jan 2024 05:00:33 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 15 Jan 2025 23:17:37 GMT
xdomain_cookie.min.js
monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/
5 KB
2 KB
Script
General
Full URL
https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.min.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/5/d/65a9fa-c3bc-4e73-b569-1a8af1e68dc7.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a01:7e00:1::b903:5c4c London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software
nginx /
Resource Hash
7b0fb27181aa8c2244ab51f28e8b544248585a334184445b1da9b04f89a794ac

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:33 GMT
content-encoding
gzip
age
0
x-guploader-uploadid
ABPtcPoMtn-LBvA_dXgeZYkYKL1gO4j3onLzX7AQMnZzLF9fBlJuWUer3PTNlUVd1lcym5Vq2ke-aCq9pw
transfer-encoding
chunked
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
connection
close
last-modified
Tue, 25 Aug 2020 07:36:03 GMT
server
nginx
vary
Accept-Encoding
x-goog-generation
1598340963244234
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=PYpHKQ==, md5=thaqbm5dIRiPqROaEv/m/g==
cache-control
max-age=31104000, public
x-goog-stored-content-length
4733
expires
Fri, 17 Jan 2025 03:38:33 GMT
adpushup.js
cdn.adpushup.com/45626/
601 KB
137 KB
Script
General
Full URL
https://cdn.adpushup.com/45626/adpushup.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (muc/332A) /
Resource Hash
caaecfe6d9db485166e9b6400fbfbadda5a6c054e578463d4bfa3d46b3dd5a7b

Request headers

Referer
https://folkd.com/
Origin
https://folkd.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Tue, 23 Jan 2024 03:38:33 GMT
content-encoding
br
age
630354
x-cache
HIT
x-client-device
desktop
content-length
140094
x-ap-device
DESKTOP
last-modified
Mon, 15 Jan 2024 14:02:15 GMT
server
ECAcc (muc/332A)
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-ap-geo
CH
accept-ranges
bytes
expires
Tue, 23 Jan 2024 04:38:33 GMT
truncated
/
42 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
65a9fa-c3bc-4e73-b569-1a8af1e68dc7.js
monu.delivery/sitesplit/d3/smartzones/0.4.3/5/d/
573 KB
162 KB
Script
General
Full URL
https://monu.delivery/sitesplit/d3/smartzones/0.4.3/5/d/65a9fa-c3bc-4e73-b569-1a8af1e68dc7.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/5/d/65a9fa-c3bc-4e73-b569-1a8af1e68dc7.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a01:7e00:1::b903:5c4c London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software
nginx /
Resource Hash
82aac3c8a0240268a317299ba5c3eb3ba1205648b3fa2a80e01f0b548d884880

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:33 GMT
content-encoding
gzip
age
0
x-guploader-uploadid
ABPtcPpRAr9t-A0DV4oyVnRG-i4bpP4SUgnZjWB8HnJjniGqsDuvw9BgYJb0NPHszG2PW16aNZI
transfer-encoding
chunked
x-cache
MISS
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
connection
close
server
nginx
vary
Accept-Encoding
x-goog-generation
1705950907867213
content-type
application/javascript
x-goog-hash
crc32c=Yc3Rrg==, md5=CKM9aQuqw52UvHaG21oh1g==
cache-control
max-age=7200
x-goog-stored-content-length
586168
expires
Tue, 23 Jan 2024 05:38:33 GMT
fontawesome-webfont.woff2
folkd0612.bubbleapps.io/static/fonts/
75 KB
76 KB
Font
General
Full URL
https://folkd0612.bubbleapps.io/static/fonts/fontawesome-webfont.woff2
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_css/21c0cd2a45541117206c205962b4ebb5d05701651c72fcd745112ca7f4bf0c15/folkd0612/live/index/xfalse/xfalse/run.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:cc42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://folkd0612.bubbleapps.io/package/run_css/21c0cd2a45541117206c205962b4ebb5d05701651c72fcd745112ca7f4bf0c15/folkd0612/live/index/xfalse/xfalse/run.css
Origin
https://folkd.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:33 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
x-bubble-perf
{"total":6.1,"percents":{"top":{"bubble_cpu":32.8,"block":58.9,"capacity_rl":0,"other_pause":0,"pre_fiber":6.9},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":54.9,"fiber_queue":3.8,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":5,"fiber_queue":7,"blocks":6},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":300306}}
age
2135130
x-powered-by
Express
x-bubble-capacity-used
0.005 unit-seconds used
content-length
77160
server
cloudflare
etag
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
849d01253af5995d-FRA
x-bubble-capacity-limit
0 ms slower
logo-40px.svg
1bccd00f7acd03ac6a93123768d650c0.cdn.bubble.io/f1676897406070x914614085739208700/
2 KB
1 KB
Image
General
Full URL
https://1bccd00f7acd03ac6a93123768d650c0.cdn.bubble.io/f1676897406070x914614085739208700/logo-40px.svg
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.224.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b26090b7c2ddac21b5731cd0dc5ada44fd88d3b7ee421dd8ddc0a7db2b12c70
Security Headers
Name Value
Content-Security-Policy script-src 'none'

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:33 GMT
x-amz-version-id
NoYri7j3dqGJ_o.0cuCTxKXFnTaBUSkL
content-encoding
br
cf-cache-status
HIT
content-security-policy
script-src 'none'
x-amz-request-id
EE849956PH2J36VH
age
21267
x-amz-server-side-encryption
AES256
x-amz-meta-app-version
test
x-amz-id-2
wwerhB/VQOq9wJkDy0MfXvDvKtzbCLAiC5eSsof5oNMzAOzRYDXbnEM3hpp5yvAyS3a6yY7Mf2o=
x-amz-meta-appname
folkd0612
last-modified
Mon, 20 Feb 2023 12:50:07 GMT
server
cloudflare
etag
W/"98bcc0ebb1abcca0eceef4c5f8ed8d71"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public,max-age=86400
cf-ray
849d0125f9e50368-FRA
hi
folkd.com/user/
57 B
1 KB
XHR
General
Full URL
https://folkd.com/user/hi
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel / Express
Resource Hash
e818d03d9342a84db2b79ba5cc85fc6aaec66d773b93dcad734054c6f8f4dc4f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

X-Bubble-Epoch-Name
Epoch: Runmode page fully loaded
X-Bubble-Epoch-ID
1705981113040x193887199621020500
X-Bubble-Fiber-ID
1705981113246x461503694179394400
X-Bubble-PL
1705981112188x305
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json
Accept
application/json, text/javascript, */*; q=0.01
X-Bubble-R
https://folkd.com/
cache-control
no-cache
Referer
https://folkd.com/
X-Requested-With
XMLHttpRequest
x-coalias-route
eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkZXN0aW5hdGlvbiI6Imh0dHBzOi8vZm9sa2QwNjEyLmJ1YmJsZWFwcHMuaW8vIiwic291cmNlX2hvc3RuYW1lIjoiZm9sa2QuY29tIiwic291cmNlX3BhdGgiOiIvIiwic2l0ZSI6Im5vY29kZW1heW8tYnViYmxlLWk4Z2Rhd2VicmcxcnJhdWZzdXV5IiwiaWF0IjoxNzA1OTgxMTEyfQ.xy60wtTT6YtbklZO7xi1ao-ADSzoGLFbV3dgixJQ0yM
X-Bubble-Breaking-Revision
5

Response headers

date
Tue, 23 Jan 2024 03:38:33 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-bubble-perf
{"total":5.4,"percents":{"top":{"bubble_cpu":46.1,"block":27.4,"capacity_rl":0,"other_pause":0,"pre_fiber":12.7},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":9.1,"appserver_cache_misses_time":0,"redis":24.4,"fiber_queue":5.4,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":2,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":5,"fiber_queue":6,"blocks":5},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":373580}}
strict-transport-security
max-age=63072000
x-bubble-appname
folkd0612
x-powered-by
Express
x-bubble-capacity-used
0.006 unit-seconds used
x-coalias-cache
MISS
server
Vercel
x-vercel-id
fra1::c7cmp-1705981113254-c748275db769
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x%2FKNTNQgYISbGWK9nrtXY1afkIICaEjZ0AFtc070ATWQnffZnsBL3bp6tLazfE0v8p2JZNGi9vVO2Pbx0v6Or43Pn1taSsAxUyTDFFeTPb9J8U7%2FLAAFnBtSLjvG9XhKWVkPW5XE8m1BZ1cfUb7TpwfoUrXp6wO6pnUEbSKsbFcgUCLQlw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
x-bubble-request-took
5
cache-control
no-cache
cf-ray
849d0125ea6e35e2-FRA
x-bubble-capacity-limit
0 ms slower
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/
404 B
959 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4753774
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230113-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o5wE21xXCOLMBr6mJg7k6oAieaxOm7sU3ZhrV3ANXJAc7qP6FRkN9Wwtbl%2BicpGzD%2BNAjvYIuQmBGdertefqT%2FFLaAp0gx%2BFx5xJcac77MonITT4dyGdZrJ44pPAV9KkBjijhPhLl1wrcNTP3io%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d0125ffe75d49-FRA
client_log
folkd.com/bug/
4 B
962 B
XHR
General
Full URL
https://folkd.com/bug/client_log
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel / Express
Resource Hash
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

X-Bubble-Epoch-Name
Epoch: Runmode page fully loaded
X-Bubble-Epoch-ID
1705981113040x193887199621020500
X-Bubble-Fiber-ID
1705981113261x770591230457913300
X-Bubble-PL
1705981112188x305
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json
Accept
application/json, text/javascript, */*; q=0.01
X-Bubble-R
https://folkd.com/
cache-control
no-cache
Referer
https://folkd.com/
X-Requested-With
XMLHttpRequest
x-coalias-route
eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkZXN0aW5hdGlvbiI6Imh0dHBzOi8vZm9sa2QwNjEyLmJ1YmJsZWFwcHMuaW8vIiwic291cmNlX2hvc3RuYW1lIjoiZm9sa2QuY29tIiwic291cmNlX3BhdGgiOiIvIiwic2l0ZSI6Im5vY29kZW1heW8tYnViYmxlLWk4Z2Rhd2VicmcxcnJhdWZzdXV5IiwiaWF0IjoxNzA1OTgxMTEyfQ.xy60wtTT6YtbklZO7xi1ao-ADSzoGLFbV3dgixJQ0yM
X-Bubble-Breaking-Revision
5

Response headers

date
Tue, 23 Jan 2024 03:38:33 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-bubble-perf
{"total":6.6,"percents":{"top":{"bubble_cpu":47.5,"block":36.3,"capacity_rl":0,"other_pause":0,"pre_fiber":10.7},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":21,"fiber_queue":4.4,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":5,"fiber_queue":7,"blocks":6},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":472503}}
strict-transport-security
max-age=63072000
x-bubble-appname
folkd0612
x-powered-by
Express
x-bubble-capacity-used
0.007 unit-seconds used
x-coalias-cache
MISS
server
Vercel
x-vercel-id
fra1::k7dhg-1705981113269-734ed509e824
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=erSpxg862LSfaBVSi2yyoIWGf4dQbuvcsP9czf8WBy4sfRGNbfaUYsILJ9wcKimfIE0o7n7GysopTiY09WqWnzIbG8sJi%2ByePU0zX6dBKdrMMg88XbOX9NSUfcgnntd8B0V5XshiWnhDGh6cjPE4woqQkL9b5%2FdSL84%2BhCc%2F1gJUOK1YWA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
x-bubble-request-took
7
cache-control
no-cache
cf-ray
849d01262d832be0-FRA
x-bubble-capacity-limit
0 ms slower
client_log
folkd.com/bug/
4 B
830 B
XHR
General
Full URL
https://folkd.com/bug/client_log
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel / Express
Resource Hash
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

X-Bubble-Epoch-Name
Epoch: Runmode page fully loaded
X-Bubble-Epoch-ID
1705981113040x193887199621020500
X-Bubble-Fiber-ID
1705981113262x929923270611129700
X-Bubble-PL
1705981112188x305
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json
Accept
application/json, text/javascript, */*; q=0.01
X-Bubble-R
https://folkd.com/
cache-control
no-cache
Referer
https://folkd.com/
X-Requested-With
XMLHttpRequest
x-coalias-route
eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkZXN0aW5hdGlvbiI6Imh0dHBzOi8vZm9sa2QwNjEyLmJ1YmJsZWFwcHMuaW8vIiwic291cmNlX2hvc3RuYW1lIjoiZm9sa2QuY29tIiwic291cmNlX3BhdGgiOiIvIiwic2l0ZSI6Im5vY29kZW1heW8tYnViYmxlLWk4Z2Rhd2VicmcxcnJhdWZzdXV5IiwiaWF0IjoxNzA1OTgxMTEyfQ.xy60wtTT6YtbklZO7xi1ao-ADSzoGLFbV3dgixJQ0yM
X-Bubble-Breaking-Revision
5

Response headers

date
Tue, 23 Jan 2024 03:38:33 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-bubble-perf
{"total":15.5,"percents":{"top":{"bubble_cpu":26.6,"block":52.3,"capacity_rl":0,"other_pause":0,"pre_fiber":19.2},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":43,"fiber_queue":4,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":7,"fiber_queue":9,"blocks":8},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":618221}}
strict-transport-security
max-age=63072000
x-bubble-appname
folkd0612
x-powered-by
Express
x-bubble-capacity-used
0.01 unit-seconds used
x-coalias-cache
MISS
server
Vercel
x-vercel-id
fra1::n25vt-1705981113290-0ed44f728f87
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pWDbXHLCv51%2B8tp9LSAAK9lB6naPyVFwb77GYfJw91LtyNdgewZZIwSDKcaTOQ2IbRxvwmAPoxKYFoNMwtrRzk%2FrdPuXWEX9Bs%2Fl2423s4ykosu5t8e6sJvo7Jy0wRz%2FBQ0a%2F2p1qBQb3C%2FwyJKCE4hT8J5MqP%2BvuoeKyVztUmCjjzzYJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
x-bubble-request-took
15
cache-control
no-cache
cf-ray
849d01263ad27794-AMS
x-bubble-capacity-limit
0 ms slower
client_log
folkd.com/bug/
4 B
907 B
XHR
General
Full URL
https://folkd.com/bug/client_log
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel / Express
Resource Hash
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

X-Bubble-Epoch-Name
Epoch: Runmode page fully loaded
X-Bubble-Epoch-ID
1705981113040x193887199621020500
X-Bubble-Fiber-ID
1705981113263x450177147057435600
X-Bubble-PL
1705981112188x305
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json
Accept
application/json, text/javascript, */*; q=0.01
X-Bubble-R
https://folkd.com/
cache-control
no-cache
Referer
https://folkd.com/
X-Requested-With
XMLHttpRequest
x-coalias-route
eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkZXN0aW5hdGlvbiI6Imh0dHBzOi8vZm9sa2QwNjEyLmJ1YmJsZWFwcHMuaW8vIiwic291cmNlX2hvc3RuYW1lIjoiZm9sa2QuY29tIiwic291cmNlX3BhdGgiOiIvIiwic2l0ZSI6Im5vY29kZW1heW8tYnViYmxlLWk4Z2Rhd2VicmcxcnJhdWZzdXV5IiwiaWF0IjoxNzA1OTgxMTEyfQ.xy60wtTT6YtbklZO7xi1ao-ADSzoGLFbV3dgixJQ0yM
X-Bubble-Breaking-Revision
5

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-bubble-perf
{"total":239.2,"percents":{"top":{"bubble_cpu":2.2,"block":2.7,"capacity_rl":0,"other_pause":0,"pre_fiber":95},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":2.2,"fiber_queue":0.2,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":5,"fiber_queue":7,"blocks":6},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":775010}}
strict-transport-security
max-age=63072000
x-bubble-appname
folkd0612
x-powered-by
Express
x-bubble-capacity-used
0.012 unit-seconds used
x-coalias-cache
MISS
server
Vercel
x-vercel-id
fra1::bks2v-1705981113291-ee19282693a1
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tI6r9o22qX3j3l5JZxSmyvmUClxJ2hH4e%2BGJIwhmHBCDFpFsr%2FcYBv4BE%2B1DjXT4Tu12O9BYK4NnJz6cu5uMe96GSmGLbfCt3tD%2FyaGjGeoMFReFRHVy8fOO0lCEN5FXYiZZuIQIwK9a8SEA8zmCym8hBqejE0vfudCF08WIG%2BBEVwx7SA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
x-bubble-request-took
239
cache-control
no-cache
cf-ray
849d01266d1565f6-AMS
x-bubble-capacity-limit
0 ms slower
client_log
folkd.com/bug/
4 B
876 B
XHR
General
Full URL
https://folkd.com/bug/client_log
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel / Express
Resource Hash
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

X-Bubble-Epoch-Name
Epoch: Runmode page fully loaded
X-Bubble-Epoch-ID
1705981113040x193887199621020500
X-Bubble-Fiber-ID
1705981113263x366004552799948500
X-Bubble-PL
1705981112188x305
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json
Accept
application/json, text/javascript, */*; q=0.01
X-Bubble-R
https://folkd.com/
cache-control
no-cache
Referer
https://folkd.com/
X-Requested-With
XMLHttpRequest
x-coalias-route
eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkZXN0aW5hdGlvbiI6Imh0dHBzOi8vZm9sa2QwNjEyLmJ1YmJsZWFwcHMuaW8vIiwic291cmNlX2hvc3RuYW1lIjoiZm9sa2QuY29tIiwic291cmNlX3BhdGgiOiIvIiwic2l0ZSI6Im5vY29kZW1heW8tYnViYmxlLWk4Z2Rhd2VicmcxcnJhdWZzdXV5IiwiaWF0IjoxNzA1OTgxMTEyfQ.xy60wtTT6YtbklZO7xi1ao-ADSzoGLFbV3dgixJQ0yM
X-Bubble-Breaking-Revision
5

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-bubble-perf
{"total":20.7,"percents":{"top":{"bubble_cpu":31.1,"block":50.6,"capacity_rl":0,"other_pause":0,"pre_fiber":17},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":37.9,"fiber_queue":2.6,"capacity_wait":5.6}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":9,"fiber_queue":11,"blocks":10},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":967233}}
strict-transport-security
max-age=63072000
x-bubble-appname
folkd0612
x-powered-by
Express
x-bubble-capacity-used
0.015 unit-seconds used
x-coalias-cache
MISS
server
Vercel
x-vercel-id
fra1::lmjql-1705981113314-2fa0fd0a05c8
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XQ%2FlvBlRLXzErtIWVC9IrSHZPpz5uDZSUgiNye6DMH1irWCExZMzDYpyuXRzkDBXVSbonBEs%2FEhgYbjJsLT1VIG6mj6XEecwWYe40coi07iUvojbc2A1q15o2Q6NyPRd5RnOhxtwmWkmArpZ%2BNKh3zNI4cEvIoUO9N65VqfqZObmV4mWuA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
x-bubble-request-took
21
cache-control
no-cache
cf-ray
849d0128da1844be-SIN
x-bubble-capacity-limit
0 ms slower
client_log
folkd.com/bug/
4 B
877 B
XHR
General
Full URL
https://folkd.com/bug/client_log
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel / Express
Resource Hash
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

X-Bubble-Epoch-Name
Epoch: Runmode page fully loaded
X-Bubble-Epoch-ID
1705981113040x193887199621020500
X-Bubble-Fiber-ID
1705981113264x290724648324581760
X-Bubble-PL
1705981112188x305
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json
Accept
application/json, text/javascript, */*; q=0.01
X-Bubble-R
https://folkd.com/
cache-control
no-cache
Referer
https://folkd.com/
X-Requested-With
XMLHttpRequest
x-coalias-route
eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkZXN0aW5hdGlvbiI6Imh0dHBzOi8vZm9sa2QwNjEyLmJ1YmJsZWFwcHMuaW8vIiwic291cmNlX2hvc3RuYW1lIjoiZm9sa2QuY29tIiwic291cmNlX3BhdGgiOiIvIiwic2l0ZSI6Im5vY29kZW1heW8tYnViYmxlLWk4Z2Rhd2VicmcxcnJhdWZzdXV5IiwiaWF0IjoxNzA1OTgxMTEyfQ.xy60wtTT6YtbklZO7xi1ao-ADSzoGLFbV3dgixJQ0yM
X-Bubble-Breaking-Revision
5

Response headers

date
Tue, 23 Jan 2024 03:38:33 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-bubble-perf
{"total":12,"percents":{"top":{"bubble_cpu":30.6,"block":59.4,"capacity_rl":0,"other_pause":0,"pre_fiber":5.7},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":47.6,"fiber_queue":3.3,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":7,"fiber_queue":9,"blocks":8},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":551159}}
strict-transport-security
max-age=63072000
x-bubble-appname
folkd0612
x-powered-by
Express
x-bubble-capacity-used
0.008 unit-seconds used
x-coalias-cache
MISS
server
Vercel
x-vercel-id
fra1::wxf5p-1705981113319-a005b81787b1
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dX8liLSVxVmS%2B%2FyYG0lWAH9l6kJOPIKDkQ1d7G%2BLa9BMooY6iWxCstsdugOJfg8NqLpbn%2FlGycCqnNVelQpxyHKKo7L6bA8lOIVJwSpRqT1uDY9bJk1W8tly1FNH2%2BhCMVCf6%2F%2BLm2B7RTomcYPMBUiedCloU6C82RdrUJiw5UjRaTQ7Ig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
x-bubble-request-took
12
cache-control
no-cache
cf-ray
849d0128abfb1690-SJC
x-bubble-capacity-limit
0 ms slower
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/
404 B
920 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4753774
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230113-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DWGDdHwnoh2fCrO0maft8WQTm7vp9p1nVSGQUTHVUZxR64igGpMFpI0r8r3RHi7dn%2BuwETXZvt1N4SOoXAUcDBE4Bx3sQhxCc3fIEcJx3DVE1v0SucRH72jw6GU45d8RArsd2KZA9twnmDidqAE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d01260fea5d49-FRA
arrow-right.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/
238 B
838 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-right.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c47b5a01db671339098d535f5e4ba9b1aea4e8f6a587115f3c5fb1c5f536c026
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4842920
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230127-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"ee-sKiN6U34uU57BENu+Y1GOws6S4A"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GJPb7qURm%2Ffvpk0uIgjiQQPASnhgr326eJP%2B2VJiDTN%2FZFNi5gLMlecK7%2BK%2BZLB8FkO6u6tbTirede7muvJ99GJeu38tJRjy%2Fs0PMwQRzzi0tCWLQCoBIwy6%2FPrC5BZenh9t1VP5ZKZaMQE7L%2Fk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d01261ff25d49-FRA
arrow-right.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/
238 B
841 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-right.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c47b5a01db671339098d535f5e4ba9b1aea4e8f6a587115f3c5fb1c5f536c026
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4842920
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230127-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"ee-sKiN6U34uU57BENu+Y1GOws6S4A"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z6%2FkcoCU%2Fge238SdJKCOGkJjzga6rbEBSuqUiXnLt2haHc5%2BeiP1SG3G%2FJw%2BY1Wz1N1q0UouhBkXnGVQ%2FkZL8DG%2FHnYCrENkZ5GomX14Dn%2FNok%2BdHBHUdKhf0ENBsCs73iZP%2F9A4hnrx2yoHWt0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d01262ff55d49-FRA
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/
404 B
929 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4753774
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230113-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qn38jdWbLq9nh%2Fz36n%2FrvtU0QdLDKTfy3pdb6gUZ41yiDhOUD98vBEs6tubefIg3ebWiwSdqTj%2FhI4zQC%2BHaPdLPxyOmJ7PmX6swbjGqWWJ%2FOhIa6%2BF2UiYNgDry4mxYA%2FbLXj91E5or27dDKMY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d01262ff75d49-FRA
mget
folkd.com/elasticsearch/
734 B
1 KB
XHR
General
Full URL
https://folkd.com/elasticsearch/mget
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel / Express
Resource Hash
8b018f909b3b33093cf97487446278ad476fc1971f425a863384144de528afc4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

X-Bubble-Epoch-Name
Epoch: Runmode page fully loaded
X-Bubble-Epoch-ID
1705981113040x193887199621020500
X-Bubble-Fiber-ID
1705981113301x901787401361221000
X-Bubble-PL
1705981112188x305
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json
Accept
application/json, text/javascript, */*; q=0.01
X-Bubble-R
https://folkd.com/
cache-control
no-cache
Referer
https://folkd.com/
X-Requested-With
XMLHttpRequest
x-coalias-route
eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkZXN0aW5hdGlvbiI6Imh0dHBzOi8vZm9sa2QwNjEyLmJ1YmJsZWFwcHMuaW8vIiwic291cmNlX2hvc3RuYW1lIjoiZm9sa2QuY29tIiwic291cmNlX3BhdGgiOiIvIiwic2l0ZSI6Im5vY29kZW1heW8tYnViYmxlLWk4Z2Rhd2VicmcxcnJhdWZzdXV5IiwiaWF0IjoxNzA1OTgxMTEyfQ.xy60wtTT6YtbklZO7xi1ao-ADSzoGLFbV3dgixJQ0yM
X-Bubble-Breaking-Revision
5

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-bubble-perf
{"total":14.5,"percents":{"top":{"bubble_cpu":41.5,"block":54.7,"capacity_rl":0,"other_pause":0,"pre_fiber":4.2},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":24.4,"appserver_cache_misses_time":0,"redis":52.2,"fiber_queue":2.9,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":9,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":11,"fiber_queue":12,"blocks":11},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":902793}}
strict-transport-security
max-age=63072000
x-bubble-appname
folkd0612
x-powered-by
Express
x-bubble-capacity-used
0.014 unit-seconds used
x-coalias-cache
MISS
server
Vercel
x-vercel-id
fra1::2l6n4-1705981113316-5ce51e8d9393
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ySt98Gv3zIY63GNTE%2FtIsHCjzu8Ez5M85ycxVF19ScjknvMw7znumyamZqKvrbm0mjbLycXEs3CUfNccVX6P4fonzZsvCyMTSgeqS%2FXxWJV%2F1s07IPSjY3oslr9oKjCLbLkLDVl3QhBE7eWzfFX8ZOxnjRX5%2FMuQ%2FQ80NpkpGZBtTYimRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
x-bubble-request-took
14
cache-control
no-cache
cf-ray
849d012649e81c40-FRA
x-bubble-capacity-limit
0 ms slower
me
xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/auth/ Frame
0
0
Preflight
General
Full URL
https://xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/auth/me
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.193.186.65 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
65.186.193.35.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,x-data-source
Access-Control-Request-Method
GET
Origin
https://folkd.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 23 Jan 2024 03:38:33 GMT
expires
Sat, 25 Jan 2014 03:38:33 GMT
pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains;
x-app
hit
x-content-type-options
nosniff
x-frame-options
deny
x-xss-protection
1; mode=block
suggestedTagsNew
xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/ Frame
0
0
Preflight
General
Full URL
https://xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/suggestedTagsNew?perPage=10
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.193.186.65 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
65.186.193.35.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,x-data-source
Access-Control-Request-Method
GET
Origin
https://folkd.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 23 Jan 2024 03:38:33 GMT
expires
Sat, 25 Jan 2014 03:38:33 GMT
pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains;
x-app
hit
x-content-type-options
nosniff
x-frame-options
deny
x-xss-protection
1; mode=block
post_index_feed
xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/ Frame
0
0
Preflight
General
Full URL
https://xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/post_index_feed?pageNumber=1&latestDate=1705981113256
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.193.186.65 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
65.186.193.35.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,x-data-source
Access-Control-Request-Method
GET
Origin
https://folkd.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 23 Jan 2024 03:38:33 GMT
expires
Sat, 25 Jan 2014 03:38:33 GMT
pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains;
x-app
hit
x-content-type-options
nosniff
x-frame-options
deny
x-xss-protection
1; mode=block
me
xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/auth/
162 B
691 B
XHR
General
Full URL
https://xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/auth/me
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@xano/js-sdk/dist/xano.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.193.186.65 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
65.186.193.35.bc.googleusercontent.com
Software
/
Resource Hash
b924c0f3cca5409ff9a2c9641e5610cee45e81ae4d315dc6bfa594dd0d5ca663
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
X-Data-Source
live
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
Authorization
Bearer eyJhbGciOiJBMjU2S1ciLCJlbmMiOiJBMjU2Q0JDLUhTNTEyIiwiemlwIjoiREVGIn0.zl4iyT2FEhZ7t_GtvctvloHg6DaXYVJ5wyHcn0xNZKPmYoq5wLzHtArlDd-1I7pZ6rcajjTMjm_yxA2Le6fHai2Ytw3x5RkU.9c6mnVGI41WO7f4429nOgw.q-7MJ7mvni-ZViGR6vc7vP21iy5LrQEb0vDnuLc6Jg7rtlhy2DGeiH5eXnj-c9tv7SiU56HyBymP1uTq2k9ABS8P0biOl3r0cxT1r4xPTbjJ7MdNOukofnRFopXiGa42lEB9K_PFgLA1KyXMp-_2Ww.syJUo0JCMR2wnkaD_XNmtg0BKkyii5wtQVaYadM1FoY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains;
x-app
hit
x-xss-protection
1; mode=block
pragma
no-cache
x-frame-options
deny
access-control-allow-methods
GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-max-age
86400
access-control-allow-headers
*
expires
Sat, 25 Jan 2014 03:38:34 GMT
suggestedTagsNew
xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/
4 KB
2 KB
XHR
General
Full URL
https://xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/suggestedTagsNew?perPage=10
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@xano/js-sdk/dist/xano.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.193.186.65 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
65.186.193.35.bc.googleusercontent.com
Software
/
Resource Hash
0c48fe60a78a5e0d7a84099de90259f8a75e58f9a6e2aee649d82fc42b82b79a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
X-Data-Source
live
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
Authorization
Bearer eyJhbGciOiJBMjU2S1ciLCJlbmMiOiJBMjU2Q0JDLUhTNTEyIiwiemlwIjoiREVGIn0.zl4iyT2FEhZ7t_GtvctvloHg6DaXYVJ5wyHcn0xNZKPmYoq5wLzHtArlDd-1I7pZ6rcajjTMjm_yxA2Le6fHai2Ytw3x5RkU.9c6mnVGI41WO7f4429nOgw.q-7MJ7mvni-ZViGR6vc7vP21iy5LrQEb0vDnuLc6Jg7rtlhy2DGeiH5eXnj-c9tv7SiU56HyBymP1uTq2k9ABS8P0biOl3r0cxT1r4xPTbjJ7MdNOukofnRFopXiGa42lEB9K_PFgLA1KyXMp-_2Ww.syJUo0JCMR2wnkaD_XNmtg0BKkyii5wtQVaYadM1FoY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains;
x-query-cache
1
x-app
hit
x-xss-protection
1; mode=block
pragma
no-cache
x-frame-options
deny
access-control-allow-methods
GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-max-age
86400
access-control-allow-headers
*
expires
Sat, 25 Jan 2014 03:38:34 GMT
post_index_feed
xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/
38 KB
10 KB
XHR
General
Full URL
https://xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/post_index_feed?pageNumber=1&latestDate=1705981113256
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@xano/js-sdk/dist/xano.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.193.186.65 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
65.186.193.35.bc.googleusercontent.com
Software
/
Resource Hash
3d23336dceed6581535bdba4d8065059fbb2ec11d6538f04221e6019f53fe581
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
X-Data-Source
live
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
Authorization
Bearer eyJhbGciOiJBMjU2S1ciLCJlbmMiOiJBMjU2Q0JDLUhTNTEyIiwiemlwIjoiREVGIn0.zl4iyT2FEhZ7t_GtvctvloHg6DaXYVJ5wyHcn0xNZKPmYoq5wLzHtArlDd-1I7pZ6rcajjTMjm_yxA2Le6fHai2Ytw3x5RkU.9c6mnVGI41WO7f4429nOgw.q-7MJ7mvni-ZViGR6vc7vP21iy5LrQEb0vDnuLc6Jg7rtlhy2DGeiH5eXnj-c9tv7SiU56HyBymP1uTq2k9ABS8P0biOl3r0cxT1r4xPTbjJ7MdNOukofnRFopXiGa42lEB9K_PFgLA1KyXMp-_2Ww.syJUo0JCMR2wnkaD_XNmtg0BKkyii5wtQVaYadM1FoY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains;
x-query-cache
1
x-app
hit
x-xss-protection
1; mode=block
pragma
no-cache
x-frame-options
deny
access-control-allow-methods
GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-max-age
86400
access-control-allow-headers
*
expires
Sat, 25 Jan 2014 03:38:33 GMT
link.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/
365 B
878 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/link.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
200dc7bef742f1444cb61f8815c670559515190e8c26b22d2321d97f0b9f772b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4844718
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230033-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"16d-7SIfGbMr0v+LWC1mugpE30WyzaY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1NAL8%2F6z42FGHeS1hZv8XKY52rQ%2FHL40MrfAGGWpImW4o%2FAtkK2HsZmr4470ZrN9GlJV0fW2nQvOxTrz3Pm28kDJ3iuFSiXtCVsugpdL%2BLYYrQ3AAJmIHvNyLisjCyVlXfKWGEXp98RQC%2B0%2BLAg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d0126982b5d49-FRA
link.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/
365 B
873 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/link.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
200dc7bef742f1444cb61f8815c670559515190e8c26b22d2321d97f0b9f772b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4844718
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230033-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"16d-7SIfGbMr0v+LWC1mugpE30WyzaY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fbx2vdMmrK1etLyzIc8W1CPqtbEsUXSV%2BWtvrFbjlNB94XfudzwJs%2F6MN8i86Oa9CiiD7fAx8Buu5xxooRnPpuTZuqfDhkFqAWkBGQjY4n8wnEl0FCFhc8DyoauzaS3vI2lHrl1qMC1QooozF%2Fo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d0126982c5d49-FRA
pb.45626.1704194335010.js
cdn.adpushup.com/prebid/
349 KB
104 KB
Script
General
Full URL
https://cdn.adpushup.com/prebid/pb.45626.1704194335010.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45626/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (muc/3322) /
Resource Hash
dc4975745b326c02a0e5589f352a2f1954eba6dcc7425844d153e737d1bfd434

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Tue, 23 Jan 2024 03:38:33 GMT
content-encoding
br
age
1768004
x-cache
HIT
x-client-device
desktop
content-length
106125
last-modified
Tue, 02 Jan 2024 11:17:13 GMT
server
ECAcc (muc/3322)
etag
W/"6593f0b9-57410"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Wed, 22 Jan 2025 03:38:33 GMT
quantcast.js
cdn.adpushup.com/pbuseridscripts/
450 B
452 B
Script
General
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45626/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (muc/330F) /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Tue, 23 Jan 2024 03:38:33 GMT
content-encoding
br
age
14243380
x-cache
HIT
x-client-device
desktop
content-length
211
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
ECAcc (muc/330F)
etag
W/"60d94cdb-1c2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Wed, 22 Jan 2025 03:38:33 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
97 KB
29 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45626/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6ee699170258d031d0517044298de09587516a0afc4bf0ff58f774774e0d7a5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29644
x-xss-protection
0
server
cafe
etag
846 / 19745 / m202401180101 / config-hash: 18080187960036651006
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 23 Jan 2024 03:38:33 GMT
apstag.js
c.amazon-adsystem.com/aax2/
283 KB
71 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/45626/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.95.222 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-95-222.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2f7735fce76148ac8c6e0b5e52174312873694d58501188d7c517689343d8775

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:37:42 GMT
content-encoding
gzip
via
1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront), 1.1 b103085320b440f2b61bad94c412ff70.cloudfront.net (CloudFront)
last-modified
Mon, 22 Jan 2024 17:22:39 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, ZRH50-C1
age
52
etag
W/"40d0d68b26a97aab8ab324d2c4d4ad42"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
wjVAY9RZnr0j9mEo-0PDvOdPbeAXcQeGZse99OM9lyXZ4IKJSHcyQA==
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/
70 B
316 B
Image
General
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE3MDU5ODExMTMzOTQsInBhY2tldElkIjoiMDAwMEIyM0EtMzk5YjU4OTMtNmE0Yi00ZDM5LTg0NzktMWY2ODg3ZGExMjc2Iiwic2l0ZUlkIjo0NTYyNiwic2l0ZURvbWFpbiI6Imh0dHBzOi8vZm9sa2QuY29tLyIsInVybCI6Imh0dHBzOi8vZm9sa2QuY29tLyIsIm1vZGUiOjQsImVycm9yQ29kZSI6MCwicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpudWxsLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=798
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:33 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://folkd.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/
70 B
363 B
Image
General
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:33 GMT
server
nginx/1.18.0 (Ubuntu)
ap-cookie-status
cookies ap_uid and ap_usid not set due to GDPR
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://folkd.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/
70 B
317 B
Image
General
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE3MDU5ODExMTM0MDAsInBhY2tldElkIjoiMDAwMEIyM0EtMzk5YjU4OTMtNmE0Yi00ZDM5LTg0NzktMWY2ODg3ZGExMjc2Iiwic2l0ZUlkIjo0NTYyNiwic2l0ZURvbWFpbiI6Imh0dHBzOi8vZm9sa2QuY29tLyIsInVybCI6Imh0dHBzOi8vZm9sa2QuY29tLyIsIm1vZGUiOjIsImVycm9yQ29kZSI6NywicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpudWxsLCJwYWdlR3JvdXAiOiJIT01FIiwiY291bnRyeSI6IkNIIn0%3D&c_b=803
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:33 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://folkd.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
clarity.js
www.clarity.ms/s/0.7.20/
60 KB
25 KB
Script
General
Full URL
https://www.clarity.ms/s/0.7.20/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/hysaayfb9e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:33 GMT
content-encoding
br
last-modified
Thu, 18 Jan 2024 15:10:56 GMT
etag
W/"0x8DC1837ABBF2420"
vary
Accept-Encoding
x-azure-ref
20240123T033833Z-4we7dwbn9p2vzbhhe7wmfdg9pn0000000150000000001kwt
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
94cd686f-801e-0005-7e42-4bfc00000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
51562430
config.js
cdn.confiant-integrations.net/OOh3bTrtb2nHyOwGk2LTO5SWo54/gpt_and_prebid/
488 KB
99 KB
Script
General
Full URL
https://cdn.confiant-integrations.net/OOh3bTrtb2nHyOwGk2LTO5SWo54/gpt_and_prebid/config.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/5/d/65a9fa-c3bc-4e73-b569-1a8af1e68dc7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
baa8bc545f507b98ebfc8d1bc7a40f0f059c2fe50a86b00150587edf31d542e5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 23 Jan 2024 00:28:59 GMT
server
cloudflare
x-amz-request-id
4CS94SXCJTFD89EW
age
547
etag
W/"1ef298bbaef78e9cb52be0978ecb6976"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
849d01274d05915c-FRA
alt-svc
h3=":443"; ma=86400
x-amz-id-2
8YRSJTd8fucD/KVSY089q6I0A3+ElT/pVz12yvfYt/zvrk5dVELvKiCbC6k2HoJZkbAsg9Zdo3s=
76b6d1d8-9f58-4ac7-a92e-f3232afccc8a
config.aps.amazon-adsystem.com/configs/
564 B
838 B
Script
General
Full URL
https://config.aps.amazon-adsystem.com/configs/76b6d1d8-9f58-4ac7-a92e-f3232afccc8a
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/5/d/65a9fa-c3bc-4e73-b569-1a8af1e68dc7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-30.fra6.r.cloudfront.net
Software
CloudFront /
Resource Hash
4967efe234c6de8d030bacf88cb0a9ec28fda81ab575c77c549393be8658656f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:13:47 GMT
via
1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA6-C1
age
1486
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
564
x-amz-cf-id
yvwgIU-dWmcBaXTSYxqcJso6vrnV6bt30uPRS8X3st1GlyFzHSbhww==
publisher.js
client.aps.amazon-adsystem.com/
261 KB
60 KB
Script
General
Full URL
https://client.aps.amazon-adsystem.com/publisher.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/5/d/65a9fa-c3bc-4e73-b569-1a8af1e68dc7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-57.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
650f0298a438d1d94ade810ce788458fe92afe47f29a7e14509cdaa813191a99

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:25:45 GMT
content-encoding
br
via
1.1 6678c1810851ff197cbe3fe4c41e86a6.cloudfront.net (CloudFront)
last-modified
Thu, 18 Jan 2024 20:22:26 GMT
server
AmazonS3
x-amz-cf-pop
ZRH55-P1
age
769
x-amz-server-side-encryption
AES256
etag
W/"5fe3ec08752f6a0a6b19fc890a4f5214"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
MJjBe82KSEohuD8z3CpPXgpmG62sxHqKWhVkWSj9BDwWEw5zK3pbEw==
pbjs
api.id5-sync.com/analytics/1013/
70 B
303 B
Fetch
General
Full URL
https://api.id5-sync.com/analytics/1013/pbjs
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
ba8451f39b0887dfff955335e5bf9007d350bf5c2d9f5ef697e07275ecbc331a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Tue, 23 Jan 2024 03:38:32 GMT
cache-control
max-age=300, public
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json;charset=UTF-8
prebid
ib.adnxs.com/ut/v3/
138 B
823 B
Fetch
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4c3dd56744d5eb14af9d4c6da2ff9c0268421d8853e64c4ac13c3722d20e25ad
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:33 GMT
an-x-request-uuid
acb31853-cece-4c2d-82fc-0b8908bf648d
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://folkd.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
149.88.27.82; 149.88.27.82; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
138
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
461 B
974 B
Fetch
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23852&site_id=389792&zone_id=2276222&size_id=15&alt_size_ids=9%2C10&rp_schain=1.0,1!monumetric.com,5d65a9fa-c3bc-4e73-b569-1a8af1e68dc7,1,,,&eid_pubcid.org=e7e38ac1-9171-4bdb-9809-cc3a95321041%5E1&rf=https%3A%2F%2Ffolkd.com%2F&tg_i.domain=folkd.com&tg_i.page=https%3A%2F%2Ffolkd.com%2F&tg_i.cat=239%2C264&tg_i.cattax=6&tg_i.id=5d65a9fa-c3bc-4e73-b569-1a8af1e68dc7&tg_i.mobile=0&tg_i.pbadslot=%2F20842576%2FJYM01M%2FJYM01M-DDS.B%23sidebar-2&tk_flint=pbjs_lite_v8.12.0&x_source.tid=be17c8bd-3e5b-4437-a882-de519f1b338a&l_pb_bid_id=4e03f6141ed1c9&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=fdb29ec6-8c5a-4b88-920b-190024cbfe55&rp_maxbids=1&p_gpid=%2F20842576%2FJYM01M%2FJYM01M-DDS.B%23sidebar-2&slots=1&rand=0.16042145720397305
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
3fa691dbdac3f7fda5ec9d0553907c9bea66ee693833d2891ea709ebadd8202d

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:33 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://folkd.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
461
expires
Wed, 17 Sep 1975 21:32:10 GMT
c
prebid.a-mo.net/a/
0
351 B
Fetch
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://folkd.com
date
Tue, 23 Jan 2024 03:38:32 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
server
envoy
vary
origin, Accept-Encoding
prebid
prebid.media.net/rtb/
1 KB
963 B
Fetch
General
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUWWG7OK
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
5cf4546ecf02750cf89b46a3f1773cd00ddeda2e39281a43502666990a2ec3c7

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:32 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://folkd.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
57
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 23 Jan 2024 03:38:33 GMT
prebid
ads.yieldmo.com/exchange/
0
221 B
Fetch
General
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.12.0&p=%5B%7B%22placement_id%22%3A%22mmt-28f81968-7637-4e59-b276-64fe8525c1dc_1_1_ad%22%2C%22callback_id%22%3A%2212d55c5d8429127%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B160%2C600%5D%2C%5B300%2C600%5D%5D%2C%22ym_placement_id%22%3A%223361241939151101975%22%2C%22gpid%22%3A%22%2F20842576%2FJYM01M%2FJYM01M-DDS.B%23sidebar-2%22%2C%22tid%22%3A%22fdb29ec6-8c5a-4b88-920b-190024cbfe55%22%2C%22auctionId%22%3A%22be17c8bd-3e5b-4437-a882-de519f1b338a%22%7D%5D&page_url=https%3A%2F%2Ffolkd.com%2F&bust=1705981113449&dnt=false&description=Folkd%20is%20a%20leading%20social%20bookmarking%20app.%20Since%202006%2C%20over%208%20million%20people%20have%20used%20Folkd%20to%20store%2C%20organize%20and%20share%20their%20favorite%20links.%20Join%20them%20today%20for%20free.&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=Bookmarks%20are%20%E2%9D%A4%EF%B8%8F%F0%9F%9A%80%F0%9F%92%AF!&w=1600&h=1200&pubcid=e7e38ac1-9171-4bdb-9809-cc3a95321041&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%225d65a9fa-c3bc-4e73-b569-1a8af1e68dc7%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22e7e38ac1-9171-4bdb-9809-cc3a95321041%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.137.85.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-46-137-85-126.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://folkd.com
pragma
no-cache
date
Tue, 23 Jan 2024 03:38:33 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
translator
hbopenbid.pubmatic.com/
0
109 B
Fetch
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://folkd.com
date
Tue, 23 Jan 2024 03:38:32 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
637e6546decb82d45236f0f8
prebid.cootlogix.com/prebid/multi/
0
792 B
Fetch
General
Full URL
https://prebid.cootlogix.com/prebid/multi/637e6546decb82d45236f0f8
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
107.191.36.239 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
107.191.36.239.vultrusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://folkd.com
date
Tue, 23 Jan 2024 03:38:33 GMT
cache-control
max-age=0, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
content-length
0
v2
e.serverbid.com/api/
16 B
385 B
Fetch
General
Full URL
https://e.serverbid.com/api/v2
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 23 Jan 2024 03:38:33 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://folkd.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
42
pbjs
htlb.casalemedia.com/openrtb/
5 KB
2 KB
Fetch
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=242369
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5502c36815c77ea729793a5b03c99e2868605a59c64f7d4fe8e7721f705a14b5

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:33 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iRlNRvVXTBAucWrba9tfh7MrOI4Q4X%2BW6sXjTb0AXHUS3BjWzdBBM%2FAFdBb3n0oJlN64%2FhhbBIJb60WaNk29pvjLhWgvy7xXPlW3MsQlpnWPF8D9SNc8Glp0EUjKVcJWCpSCRVZH"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://folkd.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
849d01276a77bb71-FRA
alt-svc
h3=":443"; ma=86400
expires
0
prebidjs
rtb.openx.net/openrtbb/
53 B
336 B
Fetch
General
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
1930bf2d8033d1d4fc246a7af852b98f8b81432a7753468dd0f780d7ba11d211

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 23 Jan 2024 03:38:33 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://folkd.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
hb-mm-multi
hb.minutemedia-prebid.com/
83 B
420 B
Fetch
General
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.76.118.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-118-59.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
dfd251cb9efcc375ca2b4edb240bc6deb399ce53798c217afbc0a33cb195cb61

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 23 Jan 2024 03:38:33 GMT
server
istio-envoy
x-reason
maxmind anonymous
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://folkd.com
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
83
2883dc9e14674531e45e881cdfe71bf7f95d17f8.json
keymap.adpushup.com/urlutmmapping/45626/UrlMapping/
60 B
303 B
Fetch
General
Full URL
https://keymap.adpushup.com/urlutmmapping/45626/UrlMapping/2883dc9e14674531e45e881cdfe71bf7f95d17f8.json
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (muc/3307) /
Resource Hash
4687434dc03b141993982445f5276c6317f1e1a2b92e3032b91f6901dd6592be

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
x-ms-blob-type
BlockBlob
date
Tue, 23 Jan 2024 03:38:33 GMT
age
72738
x-cache
HIT
x-client-device
desktop
content-length
60
x-ms-lease-status
unlocked
last-modified
Mon, 22 Jan 2024 07:13:26 GMT
server
ECAcc (muc/3307)
etag
0x8DC1B19A07D0A40
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
041d0f86-f01e-002d-2c04-4d645a000000
cache-control
max-age=31536000
x-ms-version
2009-09-19
accept-ranges
bytes
expires
Wed, 22 Jan 2025 03:38:33 GMT
14899ee5-1551-4d8e-b861-ceeca425865d
https://folkd.com/
2 KB
0
Other
General
Full URL
blob:https://folkd.com/14899ee5-1551-4d8e-b861-ceeca425865d
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
645c58677e2bfe285d26f92ad76260b7e17c1099970fb4833dd338230ddb2a64

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
1601
Content-Type
application/javascript
xdomain_cookie.html
monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/ Frame 6ED2
3 KB
2 KB
Document
General
Full URL
https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.html
Requested by
Host: monu.delivery
URL: https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a01:7e00:1::b903:5c4c London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software
nginx /
Resource Hash
2164ccda35ef9f1994988c3854e7941905fffa2b6edf0a2f32826ada9b4c3ed0

Request headers

Referer
https://folkd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-origin
*
age
0
cache-control
max-age=31104000 public
connection
close
content-encoding
gzip
content-type
text/html
date
Tue, 23 Jan 2024 03:38:33 GMT
expires
Fri, 17 Jan 2025 03:38:33 GMT
last-modified
Tue, 25 Aug 2020 07:36:09 GMT
server
nginx
transfer-encoding
chunked
vary
Accept-Encoding
x-cache
HIT
x-goog-generation
1598340969597109
x-goog-hash
crc32c=84qDrg== md5=UK93eCDb5GkYdLDTqpa2gw==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
3440
x-guploader-uploadid
ABPtcPoOigfQnmPvyZ9l4zzqWu7bUPwLEiaCkCFM_sdjnBCY4sRntnEpyLIV6i8xjJF78PcvZi14sC45_Q
m
folkd.com/user/
4 B
905 B
XHR
General
Full URL
https://folkd.com/user/m
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel / Express
Resource Hash
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

X-Bubble-Fiber-ID
1705981113475x173470112291521660
X-Bubble-PL
1705981112188x305
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json
Accept
application/json, text/javascript, */*; q=0.01
X-Bubble-R
https://folkd.com/
cache-control
no-cache
Referer
https://folkd.com/
X-Requested-With
XMLHttpRequest
x-coalias-route
eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkZXN0aW5hdGlvbiI6Imh0dHBzOi8vZm9sa2QwNjEyLmJ1YmJsZWFwcHMuaW8vIiwic291cmNlX2hvc3RuYW1lIjoiZm9sa2QuY29tIiwic291cmNlX3BhdGgiOiIvIiwic2l0ZSI6Im5vY29kZW1heW8tYnViYmxlLWk4Z2Rhd2VicmcxcnJhdWZzdXV5IiwiaWF0IjoxNzA1OTgxMTEyfQ.xy60wtTT6YtbklZO7xi1ao-ADSzoGLFbV3dgixJQ0yM
X-Bubble-Breaking-Revision
5

Response headers

date
Tue, 23 Jan 2024 03:38:33 GMT
strict-transport-security
max-age=63072000
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
Vercel
x-coalias-cache
MISS
x-bubble-perf
{"total":12.2,"percents":{"top":{"bubble_cpu":20.9,"block":58.9,"capacity_rl":0,"other_pause":0,"pre_fiber":5.7},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":56.3,"fiber_queue":3.2,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":7,"fiber_queue":8,"blocks":7},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":381813}}
x-vercel-id
fra1::c7cmp-1705981113484-f39d98a01fe4
x-powered-by
Express
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tkzfo8fu32bVeY3IEgIluon5sZeavkyEjhPBD5cvJGIix4lM41a2lyU1o0oWqxx9sYPD87SHp%2FcMtlV7j7bpDg82%2BTWKZmvBWhd38puKTmh9yEc3jbCqCLwYTEEC5SxtLDxUBZQprirBrhuOCaaIAk%2FUemxoSUv2Zed6KIYb%2B%2F4GxShZ4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=0, must-revalidate
x-bubble-capacity-used
0.006 unit-seconds used
cf-ray
849d01277a78f18f-CDG
x-bubble-capacity-limit
0 ms slower
quant.js
secure.quantserve.com/
23 KB
9 KB
Script
General
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:33 GMT
content-encoding
gzip
etag
"bvEECQq4Zy6gU9J/qv1O6Q=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Tue, 30 Jan 2024 03:38:33 GMT
2e7e1587-d92f-46dd-8721-80b53eccb87e
config.aps.amazon-adsystem.com/configs/
564 B
828 B
Script
General
Full URL
https://config.aps.amazon-adsystem.com/configs/2e7e1587-d92f-46dd-8721-80b53eccb87e
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-30.fra6.r.cloudfront.net
Software
CloudFront /
Resource Hash
66ddc5fe01fd1008308e249e4269310b0c44f2ff169996a930c47d55f9413577

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 02:53:36 GMT
via
1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA6-C1
age
2697
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
564
x-amz-cf-id
zli25avy0a8qbaaf7fQ8CiezUnM1kAZFVyY_TBeRJRGnGgXJrXgFiQ==
config
c.amazon-adsystem.com/cdn/prod/
2 KB
2 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Ffolkd.com&pubid=2e7e1587-d92f-46dd-8721-80b53eccb87e
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.95.222 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-95-222.zrh50.r.cloudfront.net
Software
Server /
Resource Hash
7e7827217a94d1d1020058638a3ebc7d637615bbe0696879d60dd75ca50a07f8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 00:18:01 GMT
via
1.1 b103085320b440f2b61bad94c412ff70.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
ZRH50-C1
age
12031
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://folkd.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
2120
x-amz-cf-id
kb-QFFeWVoyPSGtJOljRbEpBHmHv_imTpBd1wAn7pNW_G5nfgw5pQw==
bid
aax.amazon-adsystem.com/e/dtb/
163 B
599 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Ffolkd.com%2F&pid=W2vWDuHlvDr26&cb=0&ws=1600x1200&v=24.117.1925&t=60000&slots=%5B%7B%22sd%22%3A%22mmt-28f81968-7637-4e59-b276-64fe8525c1dc_1_1_ad%22%2C%22s%22%3A%5B%22300x250%22%2C%22160x600%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F20842576%2FJYM01M%2FJYM01M-DDS.B%22%7D%5D&schain=1.0%2C1!adpushup.com%2C8907fc9c6f7a7ef639cb5332cb90f07d%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.191.236 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-191-236.zrh55.r.cloudfront.net
Software
Server /
Resource Hash
b9b4a80560fbd7a4f13bdac9fbc0b330a43ab3bf6079724362cd1c0cd3ec2527
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:33 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 df9ce120cad525bdb160f75cd7b807c2.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
ZRH55-P1
x-amz-rid
XZZ6H9YHYP6SKQ37SWVV
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://folkd.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
163
x-amz-cf-id
vLOACzarrF06bS8MKm0Uht00TyNAog-am3cLNJeg4ojAmmsXT_8Dag==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.95.222 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-95-222.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 7245e91891539560c1f484b1e46159c8.cloudfront.net (CloudFront)
date
Mon, 22 Jan 2024 08:10:27 GMT
x-amz-cf-pop
ZRH50-C1
age
70087
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
ZcokYyY0-x6fbasxQaw3c1Ltf7h6etE5v7-RLhAgdZdg9yJ6eDq8qw==
config
c.amazon-adsystem.com/cdn/prod/
1 KB
2 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Ffolkd.com&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.95.222 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-95-222.zrh50.r.cloudfront.net
Software
Server /
Resource Hash
1ea6ee0237253d9114205128f9cd7e154f617d144ef478d7f50e388aaba13151

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 00:18:01 GMT
via
1.1 b103085320b440f2b61bad94c412ff70.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
ZRH50-C1
age
12031
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://folkd.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
1322
x-amz-cf-id
-0qao8SoQcjZy8DOruY9i_dtjaCX-r0t0xivrUoqBbYIAvKevW9tXw==
sync.min.js
tags.crwdcntrl.net/lt/c/16576/
39 KB
12 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-104.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 02:12:54 GMT
content-encoding
gzip
via
1.1 b8fb5d47d5536b63dd25111404e6e2e4.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:42 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
5140
x-amz-server-side-encryption
AES256
etag
W/"6e8b1f94eaf615b7d0953ad4e8d8bb85"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
O1zd58LQJXnMBiELdRG5juSR2BlGkzeVGUOYNvhu1eIsqRhS_7YHbA==
launcher-stub.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/
14 KB
5 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-211-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:33 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
server
Apache
etag
"38c0-5e92054540ea5-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
5252
expires
Tue, 23 Jan 2024 03:53:33 GMT
tag
btloader.com/
Redirect Chain
  • https://btloader.com/tag?aax_id=AAX8RN661&upapi=true
  • https://btloader.com/tag?o=5761653252554752&upapi=true
53 KB
18 KB
Script
General
Full URL
https://btloader.com/tag?o=5761653252554752&upapi=true
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Server
2606:4700:10::6816:4ad8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb6a4ede18ce3ace0904a7aa83afccc0b8de437d72cf65bb991bfabce211580d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:33 GMT
content-encoding
gzip
via
1.1 google
cf-cache-status
HIT
last-modified
Tue, 23 Jan 2024 03:07:39 GMT
server
cloudflare
age
1747
etag
"49740719c99c348edcee558c4722e14f"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges
bytes
cf-ray
849d0128092439c2-FRA
content-length
18210

Redirect headers

date
Tue, 23 Jan 2024 03:38:33 GMT
via
1.1 google
cf-cache-status
HIT
server
cloudflare
age
1747
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8
location
/tag?o=5761653252554752&upapi=true
cache-control
public, max-age=3600, must-revalidate
cf-ray
849d0127d90d39c2-FRA
id5-api.js
cdn.id5-sync.com/api/1.0/
113 KB
28 KB
Script
General
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d351ad9e0491a3bb72ba3995d0dfe67f6af54bbf7d97e18f43ff203ffc5efe1f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:33 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 08 Jan 2024 11:20:59 GMT
server
cloudflare
x-amz-request-id
1DK5WE39BY1AMNWF
age
2542
etag
W/"9692928e9024f20ea54c02122b35d5bb"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
849d0127dd9d2c2a-FRA
x-amz-id-2
O5k2X7F/+G+TL/g+xKSj5wLwGGuV5X2hOYrz0nz2DIDbvGRMwHPjkVXETl3XxE4LjH5rrFdJl4A=
rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/
160 B
636 B
Script
General
Full URL
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25a2:9a00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:11:14 GMT
via
1.1 2177a1d449a3e8dc7269040f15d81cb0.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH55-P1
age
1641
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 15:29:19 GMT
server
AmazonS3
etag
"05b131079c67d484167fd1b1f6c79577"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
_RbVJuWKWELpVSIB3dnQCX0vqaSNaqz2XdMFWXLyR4FTnIO-51vMbg==
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202401101304/
302 KB
93 KB
Script
General
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202401101304/wrap.js
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/OOh3bTrtb2nHyOwGk2LTO5SWo54/gpt_and_prebid/config.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab685c3c71fa770524de722fadfa61021debdaf0c7678e24a4ee113779bf7f21

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Jan 2024 18:05:23 GMT
server
cloudflare
x-amz-request-id
803YE505WDKHBGT1
age
1067843
etag
W/"5aabb710020a401097c59bf9249caa6c"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
849d0127cd46915c-FRA
alt-svc
h3=":443"; ma=86400
x-amz-id-2
w7hkkDyz91lzzw6MoS55iw0ROM18tQMH2ZZeGODOz319U5l7lqW73aXhp8bd1R7I2kdYMFWB1lQBCWpXvYznQqRTkORjCwk661tUWrT3Bmo=
collect
r.clarity.ms/
0
289 B
XHR
General
Full URL
https://r.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.119.174.243 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://folkd.com
Date
Tue, 23 Jan 2024 03:38:33 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/
430 KB
135 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5dd0b5724f4bbac4bd58de274236fce36135ce302364b3b8ff5c4c3631e81139
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 13:04:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
52437
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138095
x-xss-protection
0
server
cafe
etag
16105826302836755247
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 21 Jan 2025 13:04:36 GMT
map
bcp.crwdcntrl.net/6/
156 B
610 B
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.162.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-162-23.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
ee8470de2e9f9887af0298cbcc9a1f14608993023959bbc6b5957febb917d65f

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:33 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://folkd.com
cache-control
no-cache
x-server
10.45.17.217
access-control-allow-credentials
true
content-length
156
expires
0
pixel;r=222816579;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Ffolkd.com%2F;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-846339850-1705981113552;pbc=;ns=0;ce=...
pixel.quantserve.com/
35 B
372 B
Image
General
Full URL
https://pixel.quantserve.com/pixel;r=222816579;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Ffolkd.com%2F;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-846339850-1705981113552;pbc=;ns=0;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;ref=;d=folkd.com;dst=1;et=1705981113599;tzo=-60;ogl=title.folkd%252Ecom%20-%20Social%20bookmarking%2Csite_name.Folkd%2Cdescription.Folkd%20is%20a%20leading%20social%20bookmarking%20app%252E%20Since%202006%252C%20over%208%20million%20people%20hav%2Cimage.https%3A%2F%2F1bccd00f7acd03ac6a93123768d650c0%252Ecdn%252Ebubble%252Eio%2Ff1676897158315x1747649849%2Curl.https%3A%2F%2Ffolkd%252Ecom%2F%2Ctype.website;ses=4148ee8d-27ad-49eb-aece-24d7a65a2517;mdl=
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:33 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
launcher.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/
49 KB
17 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-211-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:33 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
server
Apache
etag
"c4b6-5e920545406d3-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17042
expires
Tue, 23 Jan 2024 03:53:33 GMT
mmt.gif
imps.monu.delivery/
37 B
99 B
Image
General
Full URL
https://imps.monu.delivery/mmt.gif?s=ad49ae27-d15b-4257-8401-f34bde665c73&a=p.d.l&u=JYM01M&d=%7B%22c%22%3A%22CH%22%2C%22r%22%3A%22ZH%22%2C%22p%22%3A%22%2F%22%7D
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 06:42:44 GMT
age
1025749
x-guploader-uploadid
ABPtcPpyAdN4_5cyjkgyDCfHtCF5sMz4DPCtcIqOUA3clytEehCPIJvhla44gIKzd6KVSzPzHdC_kimNRJClLZ63tiGVlA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-generation
1499850799559224
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type
image/gif
cache-control
public, max-age=31536000
x-goog-stored-content-length
37
accept-ranges
bytes
expires
Fri, 10 Jan 2025 06:42:44 GMT
mmt.gif
imps.monu.delivery/
37 B
531 B
Image
General
Full URL
https://imps.monu.delivery/mmt.gif?s=ad49ae27-d15b-4257-8401-f34bde665c73&a=b.r&u=28f81968-7637-4e59-b276-64fe8525c1dc&d=%7B%22utm%22%3A%7B%7D%7D
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 06:42:44 GMT
age
1025749
x-guploader-uploadid
ABPtcPpyAdN4_5cyjkgyDCfHtCF5sMz4DPCtcIqOUA3clytEehCPIJvhla44gIKzd6KVSzPzHdC_kimNRJClLZ63tiGVlA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-generation
1499850799559224
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type
image/gif
cache-control
public, max-age=31536000
x-goog-stored-content-length
37
accept-ranges
bytes
expires
Fri, 10 Jan 2025 06:42:44 GMT
state
api.btloader.com/mw/
0
101 B
Fetch
General
Full URL
https://api.btloader.com/mw/state?bt_env=prod
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 23 Jan 2024 03:38:33 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
px.gif
ad-delivery.net/
43 B
339 B
Image
General
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1907850
x-guploader-uploadid
ABPtcPpIYU9GYWA9d34v55U3xtuPZwpzH-8zlNuoZeC48JgUSin9ojWXWINElBv9r-OXw11U0tgCQpYCow
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rzJXw4oY7cunPNvj2uAN%2BuUEPCDE2ZzgiioBpo2Bd9pqAhWqfGZqesEmn9x6j9r0aSpfIACVuJN39QImuCdE4FdRCOxcFdB8HDyCuiFolm6PgdF9%2F3uawU2uDDld8%2BfqIVTqjMrUDsn%2FRGsFGw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
849d0128abce4d1f-FRA
expires
Mon, 01 Jan 2024 01:46:10 GMT
favicon.ico
ad.doubleclick.net/
1 KB
571 B
Image
General
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 12:58:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52827
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 23 Jan 2024 12:58:06 GMT
px.gif
ad-delivery.net/
43 B
918 B
Image
General
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.8185082169755082
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1907850
x-guploader-uploadid
ABPtcPpIYU9GYWA9d34v55U3xtuPZwpzH-8zlNuoZeC48JgUSin9ojWXWINElBv9r-OXw11U0tgCQpYCow
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kRlUwpIeZWi8GKyiLth3wrvCcgq2SgQfN9PCbjWmYcoAdQUNUMsqOpz4T%2FvpQnRdIo93XQoeKx1X9B1RzlkbuNntOwGURfTMkjsNL8mjkR5CV1z2bedT%2BPgrl2UTdzGzBvLyHS1wiALRSjY23g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
849d0128abcd4d1f-FRA
expires
Mon, 01 Jan 2024 01:46:10 GMT
launcher
proc.ad.cpe.dotomi.com/cvx/client/direct/
190 B
459 B
XHR
General
Full URL
https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.1.1&lid=681
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fa8:8806:21::1780 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:33 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
vary
Origin
content-type
application/json
access-control-allow-origin
https://folkd.com
cache-control
max-age=1800
access-control-allow-credentials
true
content-length
190
expires
Tue, 23 Jan 2024 04:08:33 GMT
mmt.gif
imps.monu.delivery/
37 B
99 B
Image
General
Full URL
https://imps.monu.delivery/mmt.gif?s=ad49ae27-d15b-4257-8401-f34bde665c73&a=i.r&u=JYM01M&d=%7B%22auPath%22%3A%22%2F20842576%2FJYM01M%2FJYM01M-DDW.A%22%7D
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 06:42:44 GMT
age
1025749
x-guploader-uploadid
ABPtcPpyAdN4_5cyjkgyDCfHtCF5sMz4DPCtcIqOUA3clytEehCPIJvhla44gIKzd6KVSzPzHdC_kimNRJClLZ63tiGVlA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-generation
1499850799559224
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type
image/gif
cache-control
public, max-age=31536000
x-goog-stored-content-length
37
accept-ranges
bytes
expires
Fri, 10 Jan 2025 06:42:44 GMT
mmt.gif
imps.monu.delivery/
37 B
99 B
Image
General
Full URL
https://imps.monu.delivery/mmt.gif?s=ad49ae27-d15b-4257-8401-f34bde665c73&a=s.d&u=28f81968-7637-4e59-b276-64fe8525c1dc
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 06:42:44 GMT
age
1025749
x-guploader-uploadid
ABPtcPpyAdN4_5cyjkgyDCfHtCF5sMz4DPCtcIqOUA3clytEehCPIJvhla44gIKzd6KVSzPzHdC_kimNRJClLZ63tiGVlA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-generation
1499850799559224
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type
image/gif
cache-control
public, max-age=31536000
x-goog-stored-content-length
37
accept-ranges
bytes
expires
Fri, 10 Jan 2025 06:42:44 GMT
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/
732 B
788 B
Script
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
33372
x-jsd-version
master
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230100-FRA
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tR33tKCLvmEUK21jS0DxuuQ4tGjTtUBl6nD6rkPHEMsudpnBCPpVeYtTx1x75oCdli09yYJPyffBK%2BhgHmQWDFFsftujXABuG63ek%2BCJ%2F7%2FZHuJttPGZMAFqpim3qjtRetbVXYJW7ALxZnWj%2BOs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
849d01289ef89256-FRA
esp.js
cdn.id5-sync.com/api/1.0/
114 KB
28 KB
Script
General
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7bf4f406f5a9bf165c21dfebea2257eab80882e23e887a24756956daac44373
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:33 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 08 Jan 2024 11:20:59 GMT
server
cloudflare
x-amz-request-id
0G7T486CMBRB1J2G
age
1543
etag
W/"3732dd6fc229ed015d7d7eddf157953f"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
849d01289ddc2c2a-FRA
x-amz-id-2
bQE5hqVCxgSceTi0PtIPphbPFftyVjgDh7Jd7NIah1bgXd5sNiJa73lARt0LEfIMB11H168PCytFwfnY1fxGtg==
esp.js
oa.openxcdn.net/
24 KB
8 KB
Script
General
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 20:59:49 GMT
content-encoding
gzip
age
1319924
x-guploader-uploadid
ABPtcPpQMMNmlDFdmPhboX89b1AyXhC6i8onZKp37136uz_RjC3Gkk2_v8ATGNMU0gJgfz0tdXyrVT8BRVMwnkI9IoqkpOY2mloK
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Mon, 06 Jan 2025 20:59:49 GMT
publishertag.ids.js
static.criteo.net/js/ld/
41 KB
13 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
885cb38c43b35c7ff9befe60f6c96f653d15befa0770f5f2ea0ea5cbc5d03a68
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:33 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 18 Jan 2024 07:12:05 GMT
server
nginx
etag
W/"65a8cf45-a585"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 24 Jan 2024 03:38:33 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16589/
39 KB
12 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-104.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 05:37:13 GMT
content-encoding
gzip
via
1.1 b8fb5d47d5536b63dd25111404e6e2e4.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
79281
x-amz-server-side-encryption
AES256
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
gwvrhUhTZffSkw7upLda7S1NA9YvWP0xBsnau34CeOlmnyPzSSCjzQ==
uid2SecureSignal.js
cdn.prod.uidapi.com/
3 KB
3 KB
Script
General
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/pubads_impl.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:fc00:a:e047:753:a221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date
Mon, 22 Jan 2024 06:52:39 GMT
Via
1.1 16aa5c15345b1c0756b83a5ae8ee765e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P2
Age
74755
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
2776
Last-Modified
Thu, 19 Oct 2023 06:40:11 GMT
Server
AmazonS3
ETag
"a3a9a9ee8e72db69d54e805f0586c651"
Content-Type
text/javascript
Accept-Ranges
bytes
X-Amz-Cf-Id
i5iHZpaNQhlmDXZNYPckQTzxJJocEZxGAUJ97NBJGWV3iDgLTusf7g==
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/
1 KB
1 KB
Script
General
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:33 GMT
via
1.1 google, 1.1 google
last-modified
Thu, 03 Aug 2023 03:28:51 GMT
server
Google Frontend
etag
fc4e6bfe266081c4873c6f08c8298e5c
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
d1ed1ba0648e2c4d2e08f815d88ed433
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1207
ads
securepubads.g.doubleclick.net/gampad/
1 KB
675 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3801837833584460&correlator=387683368193334&eid=31079957%2C31080496%2C31079724&output=ldjh&gdfp_req=1&vrg=202401180101&ptt=17&impl=fifs&iu_parts=20842576%2CJYM01M%2CJYM01M-DDW.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&ists=1&fas=8&ifs=%5B%5B%5B2%2C1%5D%5D%5D&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1705981113685&lmt=1705981113&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ffolkd.com%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1374325086.1705981113&ga_sid=1705981114&ga_hid=827497303&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY0-qXo9MxSABSAghkEhkKCnB1YmNpZC5vcmcY0-qXo9MxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGNPql6PTMUgAUgIIZBIUCgVvcGVueBjT6pej0zFIAFICCGQSGQoKdWlkYXBpLmNvbRjT6pej0zFIAFICCGQSFwoIcnRiaG91c2UY0-qXo9MxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjT6pej0zFIAFICCGQ.&prev_scp=sesspv_refresh%3D0_0%26refresh_count%3D0%26pos%3D1%26tabVisibilityState%3Dvisible&cust_params=page_num%3D0%26big4%3Dfalse%26iabCategory%3D264%26url%3Dfolkd.com%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse&adks=3006380593&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8c9720ff7b127eeb29eed4649047707162f0d1c57aa8d217f4fb4a47264ed12f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:33 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
644
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://folkd.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D8FC
6 KB
3 KB
Document
General
Full URL
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://folkd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 23 Jan 2024 03:38:33 GMT
expires
Wed, 22 Jan 2025 03:38:33 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/
41 KB
14 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/pubads_impl_page_level_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5292e19f60a4ef4b168fc470b7d5c6e0e6d7380d5bde9c0459c65a8efb1cba1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 16:14:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
41022
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13944
x-xss-protection
0
server
cafe
etag
17367371506333809698
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 21 Jan 2025 16:14:51 GMT
map
bcp.crwdcntrl.net/6/
156 B
528 B
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.162.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-162-23.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
c047a1f80d80d4157a386e058ba6df0d836a3e33966744c49746480d2f5fd628

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:33 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://folkd.com
cache-control
no-cache
x-server
10.45.4.40
access-control-allow-credentials
true
content-length
156
expires
0
increment
id5-sync.com/api/esp/
0
224 B
XHR
General
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://folkd.com
date
Tue, 23 Jan 2024 03:38:32 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
iu3
aax-eu.amazon-adsystem.com/s/ Frame ABD8
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_gg_rbd_n-Beeswax_an-db5_n-adYouLike_3lift_n-Outbrain
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_gg_rbd_n-Beeswax_an-db5_n-adYouLike_3lift_n-Outbrain&dcc=t
333 B
1 KB
Document
General
Full URL
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_gg_rbd_n-Beeswax_an-db5_n-adYouLike_3lift_n-Outbrain&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.125.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
91e30b3abc8f7312124bb2a75a5a3c40a2271fc5d32be803cce36b1376e05e88
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://folkd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
333
Content-Type
text/html;charset=ISO-8859-1
Date
Tue, 23 Jan 2024 03:38:34 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
79F75M598XWGSJ00RJER

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Tue, 23 Jan 2024 03:38:33 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_gg_rbd_n-Beeswax_an-db5_n-adYouLike_3lift_n-Outbrain&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
Z42172JPWWV56WAEZTJK
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Ffolkd.com%2F&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Ffolkd.com%2F&rid=esp&cc=1
85 B
193 B
Fetch
General
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Ffolkd.com%2F&rid=esp&cc=1
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Server
34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.107.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
84df613ecd85c89e75fb6212f5808d88a4e655f3da8b7961fd5159fb32ab6a11

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-sZMyp1Oq1Wo8Q43K9xmz5xWiTlU"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://folkd.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Tue, 23 Jan 2024 03:38:33 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://folkd.com
location
/esp?url=https%3A%2F%2Ffolkd.com%2F&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
coreid.min.js
secure.cdn.fastclick.net/js/cnvr-coreid/latest/
229 KB
66 KB
Script
General
Full URL
https://secure.cdn.fastclick.net/js/cnvr-coreid/latest/coreid.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-211-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
eb87c0447bd19366919bdb8913f775caca732ac31cbc5e5d42e4db5df39437ce

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:33 GMT
content-encoding
gzip
last-modified
Mon, 23 Oct 2023 16:23:46 GMT
server
Apache
etag
"394d0-60864a57eaadc-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
67550
expires
Tue, 23 Jan 2024 03:53:33 GMT
encrypt
esp.rtbhouse.com/
201 B
474 B
Fetch
General
Full URL
https://esp.rtbhouse.com/encrypt
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
db05d39ae4bf44734a8276f66803e44b71e49cce115224575f3d948cbd9cbf86

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 23 Jan 2024 03:38:33 GMT
via
1.1 google, 1.1 google
server
Google Frontend
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
*
x-cloud-trace-context
e7c391e6dbb332bd71f22cfec2e498a7
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With
content-length
201
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
syncframe
gum.criteo.com/ Frame E457
14 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=folkd.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ff9ce35d5fae856bab207c9f8d8eb3dff6354f007ea9f9b9a32f5cc018d52876
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://folkd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 23 Jan 2024 03:38:33 GMT
server
Kestrel
server-processing-duration-in-ticks
365672
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
sid
mug.criteo.com/ Frame E457
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=folkd.com&sn=ChromeSyncframe&so=0&topUrl=folkd.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=Ogsf0XxtZWw0ZEZoQ1JxcmttQXR1SDRHcGQ0QW1HTWdKeFdzckxpY0M0TlZ5bzJzWUxGdlhVZjhVclN3Rkg2ZzlHQmxodnJ2RVlFd3ZkVnJYUHJRcHdTcnF3SDA4bzQzQ2NqZXpzZ3g2M2Mrd29rMkpOaDVlSzR4TjhvWW...
431 B
665 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=Ogsf0XxtZWw0ZEZoQ1JxcmttQXR1SDRHcGQ0QW1HTWdKeFdzckxpY0M0TlZ5bzJzWUxGdlhVZjhVclN3Rkg2ZzlHQmxodnJ2RVlFd3ZkVnJYUHJRcHdTcnF3SDA4bzQzQ2NqZXpzZ3g2M2Mrd29rMkpOaDVlSzR4TjhvWWtxOXgreGdrMlBoRjhlYVBVV1d0WE5ONTBkQURNQzZWT0NHVEhtbXhtV3cxS3ZuZzZnK0dlSkJUbHZXMDIvVDFvc2hrK28vRk90VjU5UitqYlJWZlltSStyRklvRktYUzBtZFU4UTB6R2doQ2s3SDhhN0NrNG5kYVJGQWdoc2RWSEFXUU80Y2QvcEpjQU9QRG9TSHhQR3VYTWZOb2g4Vm1qSTFqd3g3cW5nZlhXdk1ZbHlOTT18&cppv=2
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
0b085f379cec1de975355c05a277444bca12e8affe31a69a229a3bd6a1e5aec9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:33 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1002504
expires
0

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:33 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=Ogsf0XxtZWw0ZEZoQ1JxcmttQXR1SDRHcGQ0QW1HTWdKeFdzckxpY0M0TlZ5bzJzWUxGdlhVZjhVclN3Rkg2ZzlHQmxodnJ2RVlFd3ZkVnJYUHJRcHdTcnF3SDA4bzQzQ2NqZXpzZ3g2M2Mrd29rMkpOaDVlSzR4TjhvWWtxOXgreGdrMlBoRjhlYVBVV1d0WE5ONTBkQURNQzZWT0NHVEhtbXhtV3cxS3ZuZzZnK0dlSkJUbHZXMDIvVDFvc2hrK28vRk90VjU5UitqYlJWZlltSStyRklvRktYUzBtZFU4UTB6R2doQ2s3SDhhN0NrNG5kYVJGQWdoc2RWSEFXUU80Y2QvcEpjQU9QRG9TSHhQR3VYTWZOb2g4Vm1qSTFqd3g3cW5nZlhXdk1ZbHlOTT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
245488
content-length
0
expires
0
ads
securepubads.g.doubleclick.net/gampad/
30 KB
13 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3801837833584460&correlator=102136004985757&eid=31079957%2C31080496%2C31079724&output=ldjh&gdfp_req=1&vrg=202401180101&ptt=17&impl=fifs&iu_parts=20842576%2CJYM01M%2CJYM01M-DDS.B&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C160x600%7C300x600&ifi=2&sfv=1-0-40&ifs=%5B%5B%5B2%2C1%5D%5D%5D&eri=1&sc=1&cookie=ID%3Dd73a653a13f2f49f%3AT%3D1705981113%3ART%3D1705981113%3AS%3DALNI_Mb1JF_cD5eBfkgoBO3S1ziePAa9sA&gpic=UID%3D00000d47b8500e9b%3AT%3D1705981113%3ART%3D1705981113%3AS%3DALNI_MbfupWRtW_bgqrzZWS6Cr1ei-ta8w&abxe=1&dt=1705981113944&lmt=1705981113&adxs=1140&adys=464&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ffolkd.com%2F&vis=1&psz=300x-1&msz=300x-1&fws=516&ohw=300&psts=AOrYGsman6824urSO2NodxDYNpWvkpYVgvY6Rcgio3v1ixjb&ga_vid=1374325086.1705981113&ga_sid=1705981114&ga_hid=827497303&ga_fc=true&a3p=EhoKDWNyd2RjbnRybC5uZXQSABi165ej0zFIABI7CgpwdWJjaWQub3JnEiRlN2UzOGFjMS05MTcxLTRiZGItOTgwOS1jYzNhOTUzMjEwNDEY9uqXo9MxSAASHQoOZXNwLmNyaXRlby5jb20Y0-qXo9MxSABSAghkEhQKBW9wZW54GNPql6PTMUgAUgIIZBIZCgp1aWRhcGkuY29tGNPql6PTMUgAUgIIZBKuAQoIcnRiaG91c2USmAFydGhyUkJKaFNnQ0hDcDh3U1FNem9GUXBNQlhGS21CYys1NmRaQWR2SVNwNEcxYmowWFFxNnYrREZuaWxWRTkxWkF6R0pqMVEwcVQrNHk1YkV1VnRYYlZHT3VZOVVxdDVtaGVRWGl2Sm0xR0dCbVhRekJMSTU5VXdWNnlwQldDeUdjKyszTkpOZEx3VVYvU0YwejBlU0E9PRih7Jej0zFIABIbCgxpZDUtc3luYy5jb20Ym-uXo9MxSABSAghq&prev_scp=pos%3D2%26monu%3D300x250-160x600-300x600_B2%26slotNum%3D1%26placementNum%3D1%26allowNative%3Dfalse%26amznbid%3D2%26amznp%3D2%26bidder_responseTime%3Dix_100%26auction_id%3Dbe17c8bd-3e5b-4437-a882-de519f1b338a%26monu_df%3D0.13%26safeframe%3Dtrue%26bid_source%3Dclient%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_adid%3D30b86fdc5457e5c%26hb_bidder%3Dix%26lastRefreshEmpty%3Dfalse%26refresh_count%3D0%26lre_rc%3Dfalse_0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Ddf%26provider_performance%3Dix_notchrome_0.13%26context%3D3_ZH_notchrome%26browser_hour_refresh%3Dundefined_3_0%26slotOnScreen%3Dtrue&cust_params=page_num%3D0%26big4%3Dfalse%26iabCategory%3D264%26url%3Dfolkd.com%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=1824908011&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
84ab4c96d63ed2e5b34db2304b4fae23e5dd8e392f9ebef756badab5ffa07d09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13044
x-xss-protection
0
google-lineitem-id
6125545173
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138407554792
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://folkd.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pr
aax-eu.amazon-adsystem.com/s/v3/ Frame 7A30
2 KB
2 KB
Document
General
Full URL
https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_gg_rbd_n-Beeswax_an-db5_n-adYouLike_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_gg_rbd_n-Beeswax_an-db5_n-adYouLike_3lift_n-Outbrain&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.125.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
6294d5651a5a0202aa93d91b34f3bb5fdde694634a122a41b3c93fbe25c93bbf
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_gg_rbd_n-Beeswax_an-db5_n-adYouLike_3lift_n-Outbrain&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
1947
Content-Type
text/html;charset=ISO-8859-1
Date
Tue, 23 Jan 2024 03:38:34 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
QFSRYA0YG72AMRDBFKXE
pd
google-bidout-d.openx.net/w/1.0/ Frame A616
703 B
862 B
Document
General
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
8ff8245284c5d02b6ca754d8c55be129b2c68e4ed104550a51533073423bedd4

Request headers

Referer
https://folkd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
444
content-type
text/html
date
Tue, 23 Jan 2024 03:38:34 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
L0x-DF02iFML4hGCyMqrbS10ig.woff2
fonts.gstatic.com/s/urbanist/v15/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/urbanist/v15/L0x-DF02iFML4hGCyMqrbS10ig.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans:regular%7CInter:300%7CInter:regular%7CInter:regular%7CInter:regular%7CInter:regular%7CInter:500%7CInter:500%7CInter:500%7CInter:600%7CInter:700%7CInter:700%7CLato:regular%7CLato%7CNoto+Sans:regular%7CPublic+Sans:regular%7CPublic+Sans:500%7CUrbanist:500%7CUrbanist:600%7CUrbanist:700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ac86f9bf7cddd7963a2df2dfd00d5bae17aff357eeee30a091c3160d86f4202
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://folkd.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 02:35:13 GMT
x-content-type-options
nosniff
age
522201
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16284
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 20:09:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Jan 2025 02:35:13 GMT
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa25L7SUc.woff2
fonts.gstatic.com/s/inter/v13/
78 KB
78 KB
Font
General
Full URL
https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa25L7SUc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans:regular%7CInter:300%7CInter:regular%7CInter:regular%7CInter:regular%7CInter:regular%7CInter:500%7CInter:500%7CInter:500%7CInter:600%7CInter:700%7CInter:700%7CLato:regular%7CLato%7CNoto+Sans:regular%7CPublic+Sans:regular%7CPublic+Sans:500%7CUrbanist:500%7CUrbanist:600%7CUrbanist:700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2bfd9fe607d28fd07b05046e622818b8b5b94a358d53853a0d3f03e597cdc71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://folkd.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 02:28:29 GMT
x-content-type-options
nosniff
age
522605
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79940
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:22:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Jan 2025 02:28:29 GMT
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa2pL7SUc.woff2
fonts.gstatic.com/s/inter/v13/
10 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa2pL7SUc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans:regular%7CInter:300%7CInter:regular%7CInter:regular%7CInter:regular%7CInter:regular%7CInter:500%7CInter:500%7CInter:500%7CInter:600%7CInter:700%7CInter:700%7CLato:regular%7CLato%7CNoto+Sans:regular%7CPublic+Sans:regular%7CPublic+Sans:500%7CUrbanist:500%7CUrbanist:600%7CUrbanist:700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
15df7612b2f445f4d18846aed403d0ca0947b3f8dead95d4b167621f5faaba57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://folkd.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 02:29:03 GMT
x-content-type-options
nosniff
age
349771
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10540
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:48:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Jan 2025 02:29:03 GMT
arrow-path.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/
365 B
896 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
6569579
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-etou8220027-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ARy06g1W1GtbBA3azmk%2BeaveikA6wGHXSKmZ8VDNPikC4ptUtBMLJwywSLjS1QiJoCImJE0uOwRHaMHcWPjL6px6UpJFZuZQy2n27KLiLtWGVMAu9M966OrqeqzasHM5RiNWwYEkIU2Lit0%2F6h4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d012d4b795d49-FRA
bookmark.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/
330 B
880 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
6037542
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230081-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f3sIEiDgu1QiJEoel3cV5D43xf2A7wvJKx8UBrhVQbBlYguIGLxxpEt8Fldb5YrPhU93bQDWWqeDsDfbLPGinQQAaNQraJ4zywGrQNhctspdwP69WcgVN2AeOw5yT3TTe0RTcJquFRsGtZsiWNY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d012d4b7b5d49-FRA
heart.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/
359 B
902 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4670965
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230086-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l46ojFWdpbMjxv6Z7R0MEiYwDiEXRB6iqRlmWOUzq0TS08biXkE9sTCcOUKLe3Ltz%2BcqG8O3RioPF6%2B8hqEbJ8wjNWsQgGpf8oa9fK6tQLgdOCwtoMpwBmo4v8GFVa7BjIhbiLaqxNPEeUtlWnU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d012d4b7e5d49-FRA
arrow-path.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/
365 B
902 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
6569579
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-etou8220027-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1D9PC%2BQ1ZuBYK58kSYI0V5qNVTn%2BB0Va5bq%2B1bnRleupZPy24fuhYm%2Bc4Q3IWWJCBsG7aBRx%2FlURNEnDIQepZf8i7By69znkd45Ratzryz4sKYahK4FQoJAOXycMfSPjm1bSlRJbNTGZG%2Fd6Qpw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d012d4b825d49-FRA
bookmark.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/
330 B
886 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
6037542
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230081-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZQa9HgwCwcrMwb8YEmgHsLVSkc2Fqt6ZBcWloThBQO%2Bb4%2FclOaNk8FrNYzA5P1zGbcBMCAkz0jzuT1uzNDse63v%2FYcne79IQsHZ3Kt1V2NPJRe0Qt04QEOW75F6zHSw3vTOXrmkGYnMG2cdUOdk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d012d4b835d49-FRA
heart.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/
359 B
905 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4670965
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230086-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bOMV4w5pVv2fvT1vnWnroYA8v8%2BEWa%2Ffk8FmJ2VKDR35F5O0I1DBULZ5EL94jl8bCN02wCXfePiFzW9IHs08HMTiNeCivXWdhSOQ3hCrmHfbzdzDjjUCHQej6wY9ETGNbN2eX3VhkPiEUPv2%2Flo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d012d5b8a5d49-FRA
arrow-path.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/
365 B
897 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
6569579
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-etou8220027-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wRZkRJCJJmuHpQAxvVdIrUsi3vtUjGtPtT9a3I2rSK3GquZQFWMYWTcyfsmYUGQVNosEFOuylQpbNTY4OM0rJN8Wr4v7aiV8I3dd3JOVdYNGHPb1eooHFR%2BZi%2BAJyBpf7FApgowGCK6uZAZmZes%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d012d5b8d5d49-FRA
bookmark.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/
330 B
893 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
6037542
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230081-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dGQLb9KOKV6SmMWPaJQgaMZEi5Q1%2Fx4mDBl4qupEWhNAKkmJ8A8VZMpyCXvFcBqPz27lrH%2Fxl8TGmQlS%2BCn2y8X6eikCKyR%2FX5YhuAw0oYvWVZO%2B%2BKEWDyFHEUsxgghHeQJtmNfLlsEkXThZ4KM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d012d5b8e5d49-FRA
heart.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/
359 B
908 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4670965
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230086-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FVUBXH3PFWqGv%2F%2Fi2jJUfqDtaRo49nLV6cyMnFqjdwEfoOvllUb0gdsQbzt6%2BD02P2nEWLvAhYTXVaZdF5QBBHz6KjfrzrSR2Qlk62fMLCITYvOhkL0nJZmjsPG%2BO7YhTMHh50vsbtcmF5IPPR4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d012d5b8f5d49-FRA
arrow-path.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/
365 B
901 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
6569579
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-etou8220027-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XHdR%2BHgNXKL5wUFZJjot0%2BsNqjvl3Jh4Y%2BVHWAJrjiarZkL8PFXOWZpyVYApDUfPJ8CzKJbtkmNmK0lt832DX3z0RCC51VAS0rr4kOwZ8jqDaLlTPnOCSOb6%2B7ge5z7WLP31z%2BVJon31c0FxoAA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d012d5b915d49-FRA
bookmark.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/
330 B
884 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
6037542
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230081-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0CPH2gHb%2Fvg1tU1OLyYhwQTcJG46X5kKdOSadiDzZM3MxsKX1iUYdQA4Rlk8mT1lwMKbxp5PCYa172fy20v4r2AZYtlf%2B0hj1WXNxo5cIlFKn0Kz%2F6duSsZw16TUzb1pVkSdvbissx2D3tuhIfE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d012d6b935d49-FRA
heart.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/
359 B
904 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4670965
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230086-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jKMXSwKVR%2BseAvdPRdJSxO7rl5G0QTgm6te6MnixafknjzCyzKEeYNAa42E5XQNd5vdVxip9FpJn8DRlrybWmvQ5Atr0u2LQ8oXt%2BCwND7YPJipXR3ZfwqTQr9DUpex9u9qnzLXHXUCNsHygq20%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d012d6b955d49-FRA
arrow-path.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/
365 B
899 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
6569579
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-etou8220027-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6GkPKMMSIZMrsgV0XPxTNoE1jb6tiJPhnkiqUVyF1vcnRUJQEGp%2FU0%2Fapyy1OP4ckbJXtPHbhkSIb1fOBwEtKicICrQcVtB5%2FXjKhOI7UJX4NpMpJhsnCcnDcOPMZi46GHB78%2BYKfIcU9Gsit1Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d012d6b985d49-FRA
bookmark.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/
330 B
886 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
6037542
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230081-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7KaJa73ve%2B0NXg5GwmkKSzBw9eMIckeIKuO%2Bw1dyjIMa2otQ7EvzNoI5mff2hP1nsz8O1TlY%2Fk9fv7aQ3gj9E9noTWYt9nUj4BYd0yEoyI5YV9pkJwLT45Hka7DLHdIQLRXOHJ69W1dyGKesOFw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d012d6b9b5d49-FRA
heart.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/
359 B
905 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4670965
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230086-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DeOLONisQByqRgFZNm2Xv%2B46RF8Qcvn1t8RxGr%2BGBe92lOfETQikzSoYidSUYvZlDoLNw6CCkMR3T82L4b5OjKMtwna0HbJm%2FNpj6MjlXFjzwibILdhgn6PXavbKbRG2nwd6dLuSehDcZjbGgyk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d012d6b9d5d49-FRA
arrow-path.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/
365 B
904 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
6569579
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-etou8220027-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lnCjivY%2Be6YQ36NeyneRyNDhmItAHcHrByPnVIhG1gK3ECUZyf8CbiREB5Ce8aAsu%2B%2BFSOrdoVAkndpFuEP%2FEQcpIs8G3BIuvZJQl8P%2FhozoANlrOyI5Mm6wH4cIn2%2FzTo%2B8C%2FyIz6mEZhdp3iA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d012d6b9f5d49-FRA
bookmark.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/
330 B
890 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
6037542
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230081-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f37tjJ8AQRHOOyQtujd68fT6UruBiy6DSDL6%2BeSZKznL%2BypfQsoYWnvsJC%2BGd9q1rpvhLtC38eF8ItTkKKKvX7khuocDen0yRzceRmIi42WG0aAL%2BkqizScg%2Bweh%2FNHH0pYPQf9m1OcWIvLAKJM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d012d7ba05d49-FRA
heart.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/
359 B
910 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4670965
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230086-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PYAazfbJV1SsjElgwsXtIHVyv4GsJxEmXu52Yy3yc1YOQEHZvR%2FVwpHeUM4Kq%2B4J3ud%2FtADPj6GfDPSBk8LbjcGQ9szW%2BKMTySJqgoUTIFJguwC05O%2Fjd2deNxtsD2cOxPjKbOmlJDDFV9%2BhAoA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d012d7ba15d49-FRA
arrow-path.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/
365 B
898 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
6569579
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-etou8220027-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B4Fibx5EcTwQApyir8LglHvjYQKBdeafLjPbyDv3MPUuvvwZ9n43YaKaCQNrBwJodCNzdmbO5MlPKcwwVScaFAfA%2FKn9qc24jvrscJttvJxJWvZHZx4a%2Bp7dQv05v3ZAzWpVPKyMfT4zmq1iUCU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d012d7ba25d49-FRA
bookmark.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/
330 B
884 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
6037542
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230081-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mu3NzTwiOJcnGf0PcSq9Bu3Gwt7ZiFpEsNu4%2Fsgp%2Fom56h241oSMBd46Uk0FdGhFSjJouTJDznBXgx4n5xUPa7X4BrakSKicR8xN5CYNbLgFmRjPXWESqAdF9IRmFcl4nRY3eO6YamgSVL1Sc3A%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d012d7ba55d49-FRA
heart.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/
359 B
907 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4670965
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230086-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tymdw8g7rtnGrpDxGuvuJJao6ziVMxDHNS2cYrJeGBlY7jm9GdGh9O3fOTGjHC5HV1%2FMZYZDzb7kmJazQ1KL1kQQpAUq5dicGPGCRJAy%2FDLVIXMd5gXIiIFGJvFlWROEf%2BeNkZWBOzXU9deZB14%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d012d7ba65d49-FRA
arrow-path.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/
365 B
903 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
6569579
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-etou8220027-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rwFCNnCB4%2FcpxUak9mqPQ%2BfO0xB0ECP%2FgpvsxT8Rry1uWq1eaeNdDuxa5PMExvZ1yvKhF%2B0drMnbYKvEZMI4L%2B8vwOmGSE4CxVOpmBv5KaZuzHUfDQqiuDAWzwt7Xw4%2FIhKbIo6klkMHs2Hh5ek%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d012d7ba75d49-FRA
bookmark.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/
330 B
889 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
6037542
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230081-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BvHdiktp%2B7GQdxOSOiwj5TTR1mr6BKoV0z4Il99L4rbodHL0xfNfw1%2FIvBaEgO5tB4WnhL0O6Z2O0L%2Bf%2BxlPbROoxapvRbhb7ztRkg7mxL%2BnFmTEmcb%2FR4o0akuHl4lqk2dqPx3ostCMDduIVq8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d012d8ba85d49-FRA
heart.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/
359 B
912 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4670965
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230086-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GsiQ01j%2Bx55FB9%2B%2Ft5VnkPwuSrt7QB4bBHQOYsbquQ0fXWdFOBiJKkWtjHzPrEfghDPlYUMdm1TAXsXK0%2BV6PRNs%2BEhkVcI%2FfP0A2H09FDBNX9gyX%2FI3iMBIPsnKsz1iskE4K3PE4qtS5%2FTyMcE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d012d8ba95d49-FRA
arrow-path.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/
365 B
896 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
6569579
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-etou8220027-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z6vucLDIJgNk275OwdqoLyXczqkQcnGNIUTkcr7q2ECUliFn9Aql8i%2FYwXd9nCY5ta5WV9Rd2pO41%2BEV2Iwk3ncK2zyujAx8rU7eP4wPtjAUFo85ZDXd5AyOE6iFjREvX2DiyqVZjo8aWqs2dmA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d012d8bab5d49-FRA
bookmark.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/
330 B
887 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
6037542
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230081-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xookE6UXb9MXqiCoXdz%2BYEoHRqlrD43aL970%2BlNnw6u5Dpmh%2BiGats34ccDj9Tl76gSXp7JbW%2Fyw8QKt5z7%2Fn3f6YMs1xtzlTKpuD1iSpp3aCoMsvMgjKlLsvk3NXAeZy2MonHXjfpYPOuegezo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d012d8bac5d49-FRA
heart.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/
359 B
906 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4670965
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230086-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nYi9Sk3LGXWSRmn%2FrLf2Au0NT9ZtsfjmlbJkPd6fKTlGOehg%2Baz4p0WALWXxM7cFmuq8yHSKCOdVjJ2%2BlL8PN15V8m7Io8PwuU1gqNTgwG4r%2B801MRYqT0F1NTZXOiVJBGRwTK9MO1M8bfTGd6Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d012d8bae5d49-FRA
arrow-path.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/
365 B
905 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
6569579
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-etou8220027-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YhALf8zce9LDwBGl%2FyjoaceOZX6reABuFYPQvhmU%2FclfT1JXg5J7nIkthBXRHU9nr5%2FcI60kUkWKeQFdQzC3T%2F2AZXvohDVmeJ2GIB%2BN9Wn%2FHSkuX8f93intUZJO8tS%2BXT32XMwP83k5ro%2BMKyQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d012d8bb25d49-FRA
bookmark.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/
330 B
892 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
6037542
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230081-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oit6EcbWm%2BUGDjpyIRlu%2B27TnGj%2F2ESM69gi9MPBmDxgVWizGpmTERT4%2FqRpwc8NNZUxroECJdPDrDsAfr3hIf1%2Boco%2BzvCP75Cv%2BJGAwvTj44MdLaVfkqocAtqaojYEfKWWRBVejoVzEbcojlI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d012d8bb35d49-FRA
heart.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/
359 B
904 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4670965
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230086-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MPN6sLCdaF4Ok8XknGH4dYl5jyiLRNECVNcw5xPBrxxUOJmyVsiA2J2ZutgK8vPa2d4hFQMMIPjkCzqQgAc%2BH2jN2bkAs15MdHeQvw1a1hav%2BtYDZeYceK4Wg3rD4dVAZS%2FcNtnXmyCSrgNBT6Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d012d9bb75d49-FRA
arrow-path.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/
365 B
902 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
6569579
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-etou8220027-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sm8Xh%2Ba%2BNfMO0X6Lp6Fn0xMI56z0Q4xcuhK1YmxnJtZ9YbMhRUios5hxfMqmtSCYhlhoQz%2BRV3bFqMo8vsYG0oaE3GTb%2FD8NJBNt5G%2BSF7cHBlX%2B6hRENwdFjqkHc8z%2BqptaDuHW7knA47Ollv0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d012dcbf05d49-FRA
bookmark.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/
330 B
888 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
6037542
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230081-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KeVXsXWyIg6QYFcjaCwAgGMfYi8%2BNVUwJlZCXOjuOP0aD36PqlBiDQRPiL0r5Vjt7wxuEIE07ZOCI412oW5Ow4j4izZkCVxR%2FrLzUIXMVCa%2FTGDJ7YNKEzIcAaCSd7iaczDlsRBU23wiNw4ZuEk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d012dcbf35d49-FRA
heart.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/
359 B
907 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4670965
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230086-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XeN6i9VqOzclTXRx2%2BlNVufSsYF9f7pHcLpUrh9btUBkzjqqh8PJOkBYARAjyw2uBhsW5S2HjmNIFLxJot6%2FHXORAYsWQCRAP%2BGrecDx9%2Fa%2BHoFn09gZdsx369naLmk9QQ9ecWOeTH3bpoD5gRs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d012ddbf85d49-FRA
arrow-path.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/
365 B
898 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
6569579
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-etou8220027-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FHm2M8sDGR7RqxvZkleh0k6PL%2BcN%2B99kkZPTvp26ihaD2D9vBFHwwHx7xU4mswWU03h1kgevDOtKGjKPxLtkv0Khl1gCXarTjvyKGqfHSRp3y1mzKqjSaZiBax3DkPfgNhTJttHtSGdYpWKlH%2BA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d012ddbf95d49-FRA
bookmark.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/
330 B
893 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
6037542
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230081-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qQb6iRe4Jk9tGCPITCrtaFlFvtPm4Y1Ox6lXpVTheoMApVkXz%2BtH%2BE6l9r%2BltQkwH%2FFJFqEtQ2HFQEo7pn7C1ZhT%2F%2Bv413H%2F9Un3eujzofaSV9SwIvOQRnTTlAsjgGb%2B79nLEnUiDb1lLfQwvPE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d012ddbfa5d49-FRA
heart.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/
359 B
905 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4670965
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230086-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1MQq3DoW0XnF%2FL5UrV3XazQK16zYNFS%2Bi%2FoVL031y6rHcJZXFDlGjTLpV5wEmq0jsLwx0S801OhucNtnlYc5BvRUQc9Rs09ROq2ckVFcjFb%2Fyx6ayJ6MWxcWYscYj0DUtNBXPohSpVRVaUlmmaY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d012dec005d49-FRA
arrow-path.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/
365 B
898 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
6569579
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-etou8220027-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g48Qp4HUGGRULkfHf%2FPglhCDQRd7pDvaEoKKwMiqoOxYjJBky6ouCs8uGuOpoj5kc8IDnwu9P1fuOx3NtNCqwft%2BEMH1mvIGSbWVodTsmA9nkghhf96ZzkmZvSErQbtz5Il%2BBtmI7hX4mJZAEs4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d012dec015d49-FRA
bookmark.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/
330 B
888 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
6037542
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230081-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zbC8%2BZGqSE6qeaoATweKAb0eo6Vyl3vQARk8d%2BcH5LZo7IN144GI9gCGLfoVpKaqr7JjzY8I7HQ8%2BtAYg%2F8IrtRlsmISFFEUQoA22GQqDOC%2BO53feDzrCGmmazwWgr5iw3ETRpFYS3R5Dsvo0G8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d012dec025d49-FRA
heart.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/
359 B
913 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4670965
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230086-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jmuN4wuJfLwivQ%2FM5HOe%2FmFzvlj0T5QyFpJeiMCQfPd3qdVZ2hVpXCvGIqBGVBfj%2BWw3i6pXS%2Bl5jbVBXtySVRhH3CxB9CC0Zaodxbbd2oTfDl9OuQ3mstwwQ%2BjOiQFx%2BqmjOoRlr3r%2BkhJ%2B9e8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d012dec065d49-FRA
arrow-path.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/
365 B
901 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
6569579
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-etou8220027-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f1JWMurglStGB9%2FYAMydvsOk9lxc8cK8UgWc2VDs5KiXHjPpIxrp3bynGMnQlT8MIuOi2K5jkFggh3JZoX5n3mqay%2Fmy7HVd8OO5bJ%2BSQkMXQnQYbEmPP%2FX3YG7SfC%2BTqdqlgBB6bvF5OJW0FuI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d012dfc075d49-FRA
bookmark.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/
330 B
886 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
6037542
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230081-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z6bDlffaAb7ItVtwKkVlMO4Ox194GtNXszpSgMEjTOcZUsAhN4jVeYcWf2sj47hKBJ3C3H9fKGMc3z%2BURvYC7%2BWbKkIfYTbqUojB9k50ITrgxh4vJG7HinMWixV%2BFMQXtO9lYmlrxC2t5ru0sgc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d012dfc085d49-FRA
heart.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/
359 B
900 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4670965
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230086-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xc53KPhXgr8IRvujgXaqbQqSiDbybAFzsdDLDIovJhFQblBLao5Xn7NJZxAHytv4IgchHdoJHTMytjalMqdKPDMcPFq7GgyhhovEa66vNa9mpusep6nzwBRF6KklXmcDxvnymzbUjH4uQaIPaTA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d012dfc105d49-FRA
arrow-path.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/
365 B
896 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
6569579
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-etou8220027-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bRLeksa5YvlcHMUXo1Pru0epu5RLaSLfXViVLDe0iOxlBoZli6NWosI1wmTXcOg4FMbuyRX%2F78Zwz5J%2BzoeH6UAWLP4gxweW%2FTOo3M8smLfRM8i5rXq60C1PUz1xpk23%2Fcowr27EL5ekgSietcg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d012dfc125d49-FRA
bookmark.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/
330 B
889 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
6037542
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230081-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uSghcaUuFdKoE7gYKuIe0j4KtoHSVtjDKvoeZiZSS9%2B6zmKuOIyvwM0ZTWqPXg%2BQEk%2Fa12VnwPh2HUU5tE5lJyNiCC4YtWFSRJZORRaPdxNmYMYYNUTn0NbN%2FC1qHYfcSMSCjsy0RAiYCz13JAk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d012dfc135d49-FRA
heart.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/
359 B
916 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4670965
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230086-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SVVIGvF1hbagqZly2mmzX2LR8VnZ%2FM%2FUOqmFAcQjG%2BTW1tLLoNHEI%2FyQZ%2FsoDpHg2OECX1XYMFJJCiDScR7Rr1%2FRNHQpMKY%2B%2BJcUt38CRKZzAkO0EVJL0%2FEnI87Kn%2BEhBG4ooAmvAY6X6c7kOuI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d012e0c195d49-FRA
arrow-path.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/
365 B
901 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
6569579
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-etou8220027-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ryy6SDAVkXJBdcs5ZmMJTXwjUEiKfOt%2BwQKh6OVkQ2XSJBLJVSEeo6diXs0cb5YM2LDpg3Jdt6NNaCUncJvD1ZwCEaa8H5RbMRgs%2FkvHpXAeGyxImFX%2FxWxCNy3MxQqn%2BfOuQoZ6zBPbcByuh8E%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d012e0c1a5d49-FRA
bookmark.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/
330 B
890 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
6037542
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230081-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mpz9yohntGp9mjz%2FJMM8gOB%2FYLXZcl8p7Yug1SrPIAdKZumvudL7MWikmuTq5HbPz9dmh6GC5pskONEvmF4RbBVCYIf1RwGt%2Bmkh6unSVIo%2FqsBZ9tdHkN%2FU8xJOXhpI9ilne%2B0Gn8wxn6i3emo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d012e0c1b5d49-FRA
heart.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/
359 B
902 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4670965
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230086-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2tia2xy367egwHFr6OnCBgGyb%2B0qytkf6uu1V1olnwqeFuy3zZIdlPitmICST%2BVu1pX4Z9isHuuwPHLRJEQ3YK1abk9XltMpyx24IWzhebyMvJJ4iR6IbjXXmPHXaTgyz3YJX5Vkoe5FFtc0mAY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d012e0c1f5d49-FRA
arrow-path.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/
365 B
903 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
6569579
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-etou8220027-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hh%2BBJLT5tM4%2FwWgB0KA%2BOSUARVBakbX4fzK%2BjU0Eep8bd6%2BttINcol1PHbkAlM0VY%2BEdRj%2Fi2RK4oQtZR0fOnTZAzl5NHlEisLiaabVmU4qsQzRquwIP0GIbD0HYDDN7aPpPfFbHH4tKoJJHYk8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d012e0c205d49-FRA
bookmark.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/
330 B
891 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
6037542
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230081-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GObos23fYjjfD2F17iPs3KujHYv324kEMk0%2Flb205Oy0KbpuzeJhYqLXanIePqVjvRGda866tIet5K3nG6OXpKETIDiKaLwYqxA2WyzJZONmZ%2F%2BC%2FLF6rOfRWHuBBFFNqHwfhXZT6DYg%2F%2Fcy66k%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d012e0c225d49-FRA
heart.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/
359 B
903 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4670965
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230086-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=trrDMIKrCythrs407qg14dqSeRqmBxZC5JWN%2FeVxdABTyGF0kYw6U30KaHI0jqBlvzoEHwSagO2ihw5A4KYRAbn4%2F6Tp9WfD0P8J2I7BXmYy3sDKxDWpskyDp6Hnm9RtUOSF80uKRkGPR0JgQ5o%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d012e1c295d49-FRA
arrow-path.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/
365 B
897 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
6569579
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-etou8220027-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hLwvanWIrs1mTB7S87SQhw%2Bu9saprBG01oW73ZghzeSWYmMyGjncG1y5X%2FzkY%2BlLTaeO2Z%2FX6GXPas2fOeiiD7BtdgKZqYl9lUjrm2EWzzxcTvdk7aiq7Q2PzqhY641F6GmcbZbGEioRSvDhHT0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d012e1c2b5d49-FRA
bookmark.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/
330 B
891 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
6037542
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230081-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CCIhzgtbr3wF%2BeFz9eSKUvrc7X3DJ%2BiJPz6Bl3x%2BFe6ZMaph8UxsJMczg9ptXnyr1b3Vr8Bh9ggJTFBfxIBjzj0BISKKQl6JHv%2FRF0OJHa0%2FSxwurAewOUPc19Xpikq873Y5z3hmJmcA%2FENUpBI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d012e1c2c5d49-FRA
heart.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/
359 B
912 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4670965
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230086-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E9VBMYs2ZIF1xG34VKIVhDMdHSLvtrEJRZO%2Fm%2F%2B3GouNtZBZZsB71r91WfXR3VRt3%2BDc07nxt%2BkrtmkF7FlxnqYjRn%2FUBzf5WP6xkMrYoZw3rXXBC2bYAoVGPVLS2lLyURGtDJe%2Bovp9Z6TdRi8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d012e2c2f5d49-FRA
arrow-path.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/
365 B
904 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
6569579
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-etou8220027-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EL25m8mreDNLxq%2F%2B34kz2ja%2FIeOn9pzB40DXDmROUr4SdltywCdxVc4zdvNq8T%2FHb3KJlJOj01RFzQpmxOes11cHTJU%2FSU%2F6ZBIWyu%2BHlVD2SRuDsMOWK45Lj6En9YQBUtZjPZ67wSDR0ezwouo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d012e2c315d49-FRA
bookmark.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/
330 B
888 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
6037542
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230081-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tqEUPvqCXA7OgisKGXBxTs%2B%2BR%2BMFKBkp8gvgM4PUEt2tsD4UHSU4nJeC4O%2B2lpxI9beKcmveLSWV0fa4iDZzGGAnqfV1DMziprjs2P9NWzcW9xGryJcgemFyyjcdfI9ESoYtIg4XFtoSFOIDk8Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d012e2c325d49-FRA
heart.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/
359 B
906 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4670965
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230086-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3FX2uN%2BisEBdFGgU%2BAlOA5YcuJqV2b54NNUjSSECsueiKofUFKbzJIUQ31rXNU80Aqcn%2Brdd%2FsaGIhGENw0OF%2FK9tphYctdsbHYnHNTiHkj01XBHftzEqqe1DLYE9m38AKshGLrN8BpKsu2KjmM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d012e2c335d49-FRA
arrow-path.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/
365 B
899 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
6569579
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-etou8220027-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qhHMM%2FufHZuCxpxh%2BINVcl%2Bdgv6qiBJvxpGAdeir1GO8wQnE4SbLDCc01B3%2BE9UjuIo3t14HRa7HlFKXGMPUyL86B8zEcQIilEXVaNUMnUWAgE9RHqBVYnUo7S1xSt2vNlEAYekip5i4uy1AFSw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d012e3c375d49-FRA
bookmark.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/
330 B
891 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
6037542
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230081-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fySDYYQMQrSdwO6vX9qyJQEWv%2BPeurWIyvu0H1hZxF3l6Yoq0wN6SIMBzE%2FPEvZVsx74LG25UG46Vp%2FEsHlDnKMdDhO1lXyjN9QgZ5JQymP92W9BVogzFh85dCXhK9OIDA%2Frzh4ygDBPrZr5udY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d012e3c385d49-FRA
heart.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/
359 B
911 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4670965
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230086-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OXzP1CN5UDcq1AVj3iErfSVBJS7TQEnUe8bCqL38ubmkd5W1JfyH2ZmoUPXzJ4C4sZFOYSoJZkcXC278jx54UwCmbF17YZQIXh5uLdfhnym9ZcPaYeHwQR%2BHw%2FK%2FqJh%2FZm1Gg71do%2B%2Fam%2FNoMoc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d012e3c3c5d49-FRA
Vnayak%20SP%20-%20300X300%20PrologBooster.jpg
storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/9sycWjWL1zWsF1w1BLrbvV8IO8s/SS6OUQ../
Redirect Chain
  • https://xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/9sycWjWL1zWsF1w1BLrbvV8IO8s/SS6OUQ../Vnayak+SP+-+300X300+PrologBooster.jpg
  • https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/9sycWjWL1zWsF1w1BLrbvV8IO8s/SS6OUQ../Vnayak%20SP%20-%20300X300%20PrologBooster.jpg
14 KB
15 KB
Image
General
Full URL
https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/9sycWjWL1zWsF1w1BLrbvV8IO8s/SS6OUQ../Vnayak%20SP%20-%20300X300%20PrologBooster.jpg
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Server
2a00:1450:4001:809::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
330f30b07c8369325432d9fa0e46841ab20853f781459d43c9949da1cddc92d6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:37:47 GMT
age
48
x-guploader-uploadid
ABPtcPpE6EXxAjByT0NJv99GtFXGX6E6wP_E5VcTPrMjujd34Jmh2TCLYiBO2XkVG2sJDSKhJ-U
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14587
last-modified
Wed, 10 Jan 2024 06:48:17 GMT
server
UploadServer
etag
"6306f22f321bb8b2acd420b2b9d38236"
x-goog-generation
1704869297297800
x-goog-hash
crc32c=O8dZSA==, md5=YwbyLzIbuLKs1CCyudOCNg==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
14587
accept-ranges
bytes
content-type
image/jpeg
expires
Tue, 23 Jan 2024 04:37:47 GMT

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
x-content-type-options
nosniff
x-frame-options
deny
access-control-allow-methods
GET, OPTIONS
content-type
text/html; charset=UTF-8
location
https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/9sycWjWL1zWsF1w1BLrbvV8IO8s/SS6OUQ../Vnayak%20SP%20-%20300X300%20PrologBooster.jpg
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-max-age
86400
access-control-allow-headers
Cache-Control, Content-Type, Content-Length, Authorization, Accept, Accept-Encoding, User-Agent, X-Requested-With
x-xss-protection
1; mode=block
expires
Wed, 24 Jan 2024 03:38:34 GMT
Using%2BQuora%2Bto%2BDrive%2BTraffic%2Bto%2BYour%2BBlog.webp
1.bp.blogspot.com/-r0uQ5ROa0yg/YHBDCTXh6NI/AAAAAAAARho/uPe0wr4VrcMO5SEj_0XF7WEIs_xRUztFwCLcBGAsYHQ/s0/
101 KB
101 KB
Image
General
Full URL
https://1.bp.blogspot.com/-r0uQ5ROa0yg/YHBDCTXh6NI/AAAAAAAARho/uPe0wr4VrcMO5SEj_0XF7WEIs_xRUztFwCLcBGAsYHQ/s0/Using%2BQuora%2Bto%2BDrive%2BTraffic%2Bto%2BYour%2BBlog.webp
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
204a126edc6abd43f702a155ed708e1d4d6f5ffef7197f066511a81978ad5a5c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:20:59 GMT
x-content-type-options
nosniff
age
1055
content-disposition
inline;filename="Using Quora to Drive Traffic to Your Blog.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
103502
x-xss-protection
0
server
fife
etag
"v461b"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 24 Jan 2024 03:20:59 GMT
Logo%20%282%29new%20Brahhhh.png
storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/cOqCDFa8HJ_TEP68h-Pf3ZPEAc8/an_hkw../
Redirect Chain
  • https://xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/cOqCDFa8HJ_TEP68h-Pf3ZPEAc8/an_hkw../Logo+%282%29new+Brahhhh.png
  • https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/cOqCDFa8HJ_TEP68h-Pf3ZPEAc8/an_hkw../Logo%20%282%29new%20Brahhhh.png
57 KB
57 KB
Image
General
Full URL
https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/cOqCDFa8HJ_TEP68h-Pf3ZPEAc8/an_hkw../Logo%20%282%29new%20Brahhhh.png
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Server
2a00:1450:4001:809::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
1392da57c2f3f4a5b34523272c09e3fd637c9572feb6e3e8d0847bb24ce08121

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:37:47 GMT
age
48
x-guploader-uploadid
ABPtcPqbUGLDF9bI1IMpJZ-tGikIld4A5-D-20N4g80T6J2z13lqaz4fQMMn-3X2KoiY2EwqMiM
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58486
last-modified
Thu, 02 Nov 2023 07:43:04 GMT
server
UploadServer
etag
"1ccb73d5222447b4710455ad1ce53fbc"
x-goog-generation
1698910984231208
x-goog-hash
crc32c=llAhbQ==, md5=HMtz1SIkR7RxBFWtHOU/vA==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
58486
accept-ranges
bytes
content-type
image/png
expires
Tue, 23 Jan 2024 04:37:47 GMT

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains;
x-content-type-options
nosniff
x-frame-options
deny
access-control-allow-methods
GET, OPTIONS
content-type
text/html; charset=UTF-8
location
https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/cOqCDFa8HJ_TEP68h-Pf3ZPEAc8/an_hkw../Logo%20%282%29new%20Brahhhh.png
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-max-age
86400
access-control-allow-headers
Cache-Control, Content-Type, Content-Length, Authorization, Accept, Accept-Encoding, User-Agent, X-Requested-With
x-xss-protection
1; mode=block
expires
Wed, 24 Jan 2024 03:38:34 GMT
ml-mesa-family-law-location.jpg
mymodernlaw.com/wp-content/uploads/2021/12/
26 KB
26 KB
Image
General
Full URL
https://mymodernlaw.com/wp-content/uploads/2021/12/ml-mesa-family-law-location.jpg
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f788d3eb180f3627d8597324bf01e9c22c50d04a35a5efd65ab31b0d7ed79a0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:35 GMT
cf-cache-status
MISS
last-modified
Sat, 05 Feb 2022 01:17:22 GMT
server
cloudflare
etag
"61fdd022-67e2"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=31557600
accept-ranges
bytes
cf-ray
849d012e8ccebbb0-FRA
alt-svc
h3=":443"; ma=86400
content-length
26594
soi-keo-tran-dau-giua-nhat-ban-vs-indonesia-luc-18h30-ngay-24-1-2024-afc-asian-cup.jpg
keochuan.tv/wp-content/uploads/2024/01/
75 KB
75 KB
Image
General
Full URL
https://keochuan.tv/wp-content/uploads/2024/01/soi-keo-tran-dau-giua-nhat-ban-vs-indonesia-luc-18h30-ngay-24-1-2024-afc-asian-cup.jpg
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddd74f234a0a311775b11b5d55c226cf0ba278d6e02cc087d30ab81ee10d282f
Security Headers
Name Value
Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options "nosniff" always
X-Xss-Protection "1; mode=block" always

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
"max-age=31536000; includeSubDomains; preload" always
x-content-type-options
"nosniff" always
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
76390
x-xss-protection
"1; mode=block" always
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 22 Jan 2024 22:03:05 GMT
server
cloudflare
etag
"65aee619-12a66"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B5F3Bppk0dvhHaJGfMw9DsrR7bKx0Pn386tIia6VwetjpzISE7xgJyEXQsb4QzJVipEu87EiK4sAzoBlqFituy5BaL%2FVkivGjlyydeUgPbPMRvI1VwmeuHOX7ZMH9N6ElCv5gO92OL35XA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges
bytes
cf-ray
849d012eada66f87-CDG
expires
Wed, 22 Jan 2025 03:38:34 GMT
4.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjgiXonWCjDkP4CLXxRuz3EVQxV_WOiS4C58sTdbig9HHSzljsw50grVja_H8Gep4UOozNCugZbcVR9NfA114-tqhnn5n-2WvK8MU9mBOFhtiau-TJxskzstLV8vZDZZaAH8VxgaMizoB3W3fD3...
84 KB
84 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjgiXonWCjDkP4CLXxRuz3EVQxV_WOiS4C58sTdbig9HHSzljsw50grVja_H8Gep4UOozNCugZbcVR9NfA114-tqhnn5n-2WvK8MU9mBOFhtiau-TJxskzstLV8vZDZZaAH8VxgaMizoB3W3fD3mEl80IKGgdH7_flBhC2baB8zaBljvkv-hdTu5QzCT-Y/w1200-h630-p-k-no-nu/4.jpg
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
a70eb6e0553b8c7aa32b2a6ea38598ccb648f07803cebc1c9df16ec04000fed2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
x-content-type-options
nosniff
server
fife
etag
"ve0"
vary
Origin
content-type
image/jpeg
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="4.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85921
x-xss-protection
0
expires
Wed, 24 Jan 2024 03:38:34 GMT
Aeroplane-Plastic.jpg
wholesaleusb.com.au/wp-content/uploads/2022/03/
38 KB
38 KB
Image
General
Full URL
https://wholesaleusb.com.au/wp-content/uploads/2022/03/Aeroplane-Plastic.jpg
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.28.187.227 Sydney, Australia, ASN20473 (AS-CHOOPA, US),
Reverse DNS
s6-syd.intesols.com.au
Software
LiteSpeed /
Resource Hash
3c4ac01f07cc863564dfe803f6beb04f6f48c3f1902882e77633abde6d6bc965

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:35 GMT
last-modified
Tue, 29 Mar 2022 08:04:40 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
38988
expires
Tue, 30 Jan 2024 03:38:35 GMT
maxresdefault.jpg
i.ytimg.com/vi/w18113BynN8/
96 KB
96 KB
Image
General
Full URL
https://i.ytimg.com/vi/w18113BynN8/maxresdefault.jpg
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bd6d264b492c4fa61eef03366ade98e435317593718eedc6d2bb2075684f989a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
97974
x-xss-protection
0
server
sffe
etag
"0"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 23 Jan 2024 05:38:34 GMT
default.png
static-assets.strikinglycdn.com/images/fb_images/
7 KB
7 KB
Image
General
Full URL
https://static-assets.strikinglycdn.com/images/fb_images/default.png
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:b800:f:858:b480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
98a0cacca0d1fb08b998161b9e8262f857a6c9d5b2797b05f2ad1682d95ce158
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 11:57:41 GMT
via
1.1 8c175d0adc08dac3750e9201b76886e8.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
ZRH50-C1
age
30037254
x-cache
Hit from cloudfront
content-length
6992
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 15 Jan 2020 07:52:01 GMT
server
AmazonS3
etag
"6a4ce874c3bcad1cf569cd7c3a6eea1a"
x-frame-options
SAMEORIGIN
vary
Origin
content-type
image/png
cache-control
max-age=315360000, public
accept-ranges
bytes
x-amz-cf-id
MXuWlq-uxsynpEVsMXs8jrE4tqWx6QArgdQOx0UIGm2KTB0cAKVsKg==
2sport-thumbnail.jpg
2sport.tv/images/
252 KB
253 KB
Image
General
Full URL
https://2sport.tv/images/2sport-thumbnail.jpg
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:48f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2c2d8760b4abc3e09320f965c2f765f350ce42003d3fd7d61db7bb753b6661c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1839971
cf-polished
origSize=266792
alt-svc
h3=":443"; ma=86400
content-length
258434
cf-bgj
imgq:100,h2pri
last-modified
Fri, 06 Oct 2023 04:16:14 GMT
server
cloudflare
etag
"651f8a0e-41228"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m3uQGCycUvtY9Xf9ug03rHceutnX5DxZ7i5yOofswV4TR8gad9oNoSeQsBc9dNvB2lirwuYeaGD86JP7CYRbHkGTkvmO6Ft02RQV4U4rr9jqy%2BKq1Z%2F4tnJl6UK8VKWE084YP1Ufvg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
849d012e892bbb37-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/
404 B
926 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4753775
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230113-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=laElXhQGcn2wgtYoM5A1L%2BNA7H0BMLaXjETSWHI81eTinyaPfYHQQLss7%2Bn%2BMB3RKdd1nwT%2FyG76Sq9yRwn%2B2sAJvtZaPdSjfqkCOJ%2B3lPDKlhSguZPUroHocnufsfQ3uOonyEtSvAjsx7m3Lmc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d012e4c415d49-FRA
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/
404 B
928 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4753775
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230113-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PYOd6MUR3%2FUoy1MtE8gDOJ%2F%2FDHz6BhLrmMectAo4EwnxS%2BHePyDGAuWbHuELpx%2Figqd0ebovIxk1Qp4WN80CN9%2F6wWEqvoEbNfMDu1Kk1zzt2k0MHckzbO%2BdhAYOw6MyfNAcApsx7tw7rlzLlig%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d012e4c425d49-FRA
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/
404 B
925 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4753775
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230113-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=65uebEhbJDbHGgD9f97nmNwFnhx4DVgyC9dJnRZlQXHzkobRqbCRZ1mjsN%2BpPn6fOFljPlHGT7vwwG0YtzqvQImTTUi1oA%2B1w2zmO4vj8I%2FOf74vydgXTuNg5c5hvkTf1Y70I%2FodlFM5S6L0oEQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d012e4c435d49-FRA
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/
404 B
925 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4753775
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230113-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M5dDIiglZVb4L6xqlKZaDLO%2FR%2FJ5eWX8PMHOR9sZWCJ%2BNgJbwwrwk421wXq7zQsLvFwDifKqTLBzIlsTUbrBK39N%2BLvdNe3x0DvvBKNsxmeG9b15GbhptO4kHljFugO4t33jWjla816ici8nIC0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d012e4c445d49-FRA
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/
404 B
927 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4753775
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230113-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kJy%2Fd%2FmT3lglKIlnZ1dTmSbqFHNsEH6BwZE65%2BGkc4aYD7Xqr56HsJuQevzsMAIrbbQObccCbA9r7rAKz6Md%2Bvd%2BOFWoZXiuHBduCccPwtPaQVezY9%2FRnQSpjsGgclncF6aTfaTDixcO5iYfD4U%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d012e4c465d49-FRA
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/
404 B
926 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4753775
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230113-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZThAfKXcAAJL0OII%2BZqc4Qnm1W8STCLh5YMwK0y8W0zELwtbHOuw5qJ6AKwnE2SlYfYgCVS2KrS%2Fu56aJQk2%2Fadb8BDtnauqiExsqRb5lcYG7Rvf4edB%2BMURd%2BIi25NPMkbrI5sPEO2pw4WNLAk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d012e5c4c5d49-FRA
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/
404 B
930 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4753775
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230113-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L4H6KhY%2FIQ3835gYkRqtBtfmNe62041K%2F%2B%2BbkSA%2B8gmxw%2FuyYU%2F6SBNmnpVNkJta1vBCVb3xyFwLzcop2CO7lbr4P4m4xg1aH1bW%2FzwUzBjdUtIxEqHfGecsy3ByrKsPJ5TjYvQDBq8KYwo7PMI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d012e5c4d5d49-FRA
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/
404 B
920 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4753775
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230113-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UUNVFTnNtjK2is1zRhPW5nNu9T%2F19eqajMtS7oe5jyDkewEZ0TIxsaozfkePco252cgtn9Y82K47XBg5Vi62Cimgyt3zO9h3PN3vWJ1iM5fOQicPvux3rL1AiqT%2BpD8eG9Yz1V3d%2F0DX3M49L40%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d012e5c4f5d49-FRA
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/
404 B
924 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4753775
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230113-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uO2fOWdEFJvnW9sO7Z4ue0VqwK1lSbzwZlTZxlMDiy0UaPovRKoIAHOzma05GaRFZv7ah50HOtuITP0tN9oSYRK%2BxzqU8e6YQ8JmEL5GRSxhCoLVMN4crPCJbuL90TeGmZR%2B8UjMHS%2B8PY03xyo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d012e5c515d49-FRA
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/
404 B
926 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4753775
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230113-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YJBSSEUP4kkl%2BrSRsRmIV35A3kKSJbSl101Z022rT5MxMNkK91UBamjbd%2BfWnUL38Bobrm%2F69VTRaGFNe3HoOp2VXns6rqIdYfF22GTLCqpc1QE%2BTZ08Ku%2BaDxwlEQELd0KILeDYucshNPhPwF4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d012e5c555d49-FRA
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/
404 B
926 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4753775
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230113-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hqE2sntbuouN3zDXTgHCbr5HbUKo%2Bpw5f7jkmSw%2FA8G%2F7XMTc57af%2BqvGOEq7jxBSAvY95Zjh5AM8qOb4em7A16pVMgaiwHzyEObG6raHYszyCnS2rk7WPyKxwhqQ2wMCSizWz00xd%2FhySjeNoc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d012e5c5b5d49-FRA
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/
404 B
928 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4753775
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230113-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=udiH5f4TsyIMLH%2BHID813uIT%2BgaBUZu5W%2ByymiRrN6MjaPXZz4pfqjSH%2BqaV7AKzcI0yFgGtea2mJHDxzqr%2F6hnMVLosJgXHoa6OyaszOAuuEbH2CiMR8irlxGTo7z%2B09QQ4CpytDUnpm3FLi%2BM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d012e5c5d5d49-FRA
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/
404 B
929 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4753775
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230113-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NWVB345sZR2f6LmzPfAYn0PNr8WHZXBjDg7g3KJcrZ%2FRHI90FZol8Jk9aI%2FsEvbo%2B9mAcvmVte79IH5Cl%2F%2FjWVtTUqjyTeMy5nI4i%2BoYAlyFDCExaYHMDbufdtwunWFx1R%2FEaaTpEme5KfomT3A%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d012e5c5e5d49-FRA
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/
404 B
925 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4753775
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230113-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1YSbT5lkAK%2B0BL5tivEcw8wQqIuhMAILrY5hsZ2RUQTnhnTEjWm8oZAHMj5Xd1FSbKEs7iSrmTdDJrL7VwZUCjfPvHohNvEIu4AHZobcXee3mEv3uLiIBaI9%2F8c%2FzseCuJKtT1BIYgPgR%2BGrEHM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d012e5c5f5d49-FRA
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/
404 B
925 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4753775
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230113-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y%2FoMk%2Bx6akzFeHCZg58JAKHywd11xNkfKnd5UnHx1PzvIsGwe3H%2FUnOIqPU1CFX4lbfbVz4WiUkqlS7VDaiWefy%2BuEk0zbcSZi7wJK2AKQSKIWFn9g8JenjzuXla3X30aLdL9rsUKzjs9Fe9cCA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d012e5c605d49-FRA
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/
404 B
919 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4753775
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230113-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q46eAXssMMaBErBN1n4NLboUQxyAcHvlq8fj9hYfxAigtXzTxmfMeqGwVNtAwNcJw0IGWRWSk2DFKcLob5i6WtftMV6NvSrrShXQmWQwByT4akHalA7ggsZVty6GN4lMlRypsHjdeFTJykhHdt4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d012e5c615d49-FRA
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/
404 B
920 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4753775
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230113-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DAcDLToqc7oWLsKlUuKM71xR5g5nR7j0HdcjQKY9FSMCbRVFHQ9egavMU3UOG1xjoqBaSe0yx4etZqIOjBf%2BG1zoGzyUeKN1nIKVOx6eWfVzAeWmxQpkpp4zY50zZzy28k6LWWiN19UUe8AJWnk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d012e5c625d49-FRA
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/
404 B
927 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4753775
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230113-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gtdm82sArOIvqOWHBUZrirsXY5KJRF%2F01KkDnuI%2Fu3%2BlAjqutkRbCcLGv3rl%2Fc4SMXBIDUNrauGsXapdlyY%2BnfQBRWl1PZC6wKZ9yZhddARGEyRC21KeJwDOZws4ecfLziNI0deIFkOzwp2OTWQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d012e5c635d49-FRA
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/
404 B
925 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4753775
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230113-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BNJfnrUNKwJGGK0RRjji9zKCheaJ60e0FNN0VFF%2BkNSpfDIDlnoJgA0h8DBzPd5MShb%2FAC9m4OFkzfTt0B5ajJOPAz8dovfI%2FHFFSlw6jKjBaecAoAlSXBjUnqjB3m65ri98Jly%2BSVTTba4IX6U%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d012e5c645d49-FRA
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/
404 B
919 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4753775
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230113-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gkbciOezets7s6ydxXXcFG5tAjqU%2BzlwjW2aSA8ueW6XAsr0W4onYY4cofDzX85Gjl7ZSSN91BEcOf1raanLaBkbOLkkMCEGvbSn7nxA3ZdtaWKnnTctmd6SWuEuS6op0flDa2qs6liW%2FUMHADI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d012e5c655d49-FRA
container.html
428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7C9A
6 KB
3 KB
Document
General
Full URL
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202401101304/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://folkd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 23 Jan 2024 03:38:33 GMT
expires
Wed, 22 Jan 2025 03:38:33 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
mmt.gif
imps.monu.delivery/
37 B
105 B
Image
General
Full URL
https://imps.monu.delivery/mmt.gif?s=ad49ae27-d15b-4257-8401-f34bde665c73&a=p.f.i&u=JYM01M&d=%7B%22c%22%3A%22CH%22%2C%22r%22%3A%22ZH%22%2C%22p%22%3A%22%2F%22%7D
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 06:42:44 GMT
age
1025750
x-guploader-uploadid
ABPtcPpyAdN4_5cyjkgyDCfHtCF5sMz4DPCtcIqOUA3clytEehCPIJvhla44gIKzd6KVSzPzHdC_kimNRJClLZ63tiGVlA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-generation
1499850799559224
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type
image/gif
cache-control
public, max-age=31536000
x-goog-stored-content-length
37
accept-ranges
bytes
expires
Fri, 10 Jan 2025 06:42:44 GMT
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 7A30
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com/s%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smaato.com&id=64df7eaaaa
43 B
479 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smaato.com&id=64df7eaaaa
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_gg_rbd_n-Beeswax_an-db5_n-adYouLike_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.95.125.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Jan 2024 03:38:34 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
Z0DJ0PZEA2N1814TQ7XD
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Tue, 23 Jan 2024 03:37:47 GMT
via
1.1 f0f5607a03d2ae4c43b553dc2cef0c9e.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
ZRH50-C1
age
47
x-cache
Hit from cloudfront
location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smaato.com&id=64df7eaaaa
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
blI1GufchCHkvxgLczy4KOIW3llkBMq3Js8nWS7qNKR8hYxF5-IkSg==
ecm3
s.amazon-adsystem.com/ Frame 7A30
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID&_bee_ppp=1
  • https://s.amazon-adsystem.com/ecm3?id=AAACx07LXmkAABMh1hX3Cw&ex=beeswax.com
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?id=AAACx07LXmkAABMh1hX3Cw&ex=beeswax.com
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_gg_rbd_n-Beeswax_an-db5_n-adYouLike_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Jan 2024 03:38:35 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
DEVKMW7B562Q23GF2FN4
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?id=AAACx07LXmkAABMh1hX3Cw&ex=beeswax.com
Date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 7A30
Redirect Chain
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=outbrain.com&id=
43 B
479 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=outbrain.com&id=
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_gg_rbd_n-Beeswax_an-db5_n-adYouLike_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.95.125.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Jan 2024 03:38:35 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
1DGH7KKN4PZW7PRFPS2B
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=outbrain.com&id=
Pragma
no-cache
Date
Tue, 23 Jan 2024 03:38:35 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
88
Content-Type
text/html; charset=utf-8
sd
eu-u.openx.net/w/1.0/ Frame A616
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7283273328877549246
43 B
171 B
Image
General
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7283273328877549246
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:34 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7283273328877549246
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
dcm
aax-eu.amazon-adsystem.com/s/ Frame A616
43 B
855 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=2fa2ea39-840e-c992-0f04-17c9966e11f8
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.125.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Jan 2024 03:38:34 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
49D758A6SX10YAWBJNQ6
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
openx
match.adsrvr.org/track/cmf/ Frame A616
70 B
149 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=77749644-98a4-7268-cf0a-955efe5dda18&gdpr=0
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame A616
170 B
409 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NWIxYjQ1OGUtNTFkMy0yY2NjLWRhZWEtY2ZlNzM0YmYxNDc4
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame A616
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPIfjtVgJvU4Pfe9Iniw1jw&google_cver=1
43 B
97 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPIfjtVgJvU4Pfe9Iniw1jw&google_cver=1
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:34 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:34 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPIfjtVgJvU4Pfe9Iniw1jw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
prebidjs
rtb.openx.net/openrtbb/
53 B
220 B
Fetch
General
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
4cdc69369d43a4259950ed25233ed9433210ae66e82ae6e17e2cf64b6ae0ccb5

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://folkd.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebidjs
rtb.openx.net/openrtbb/
53 B
220 B
Fetch
General
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
8375e31c2712c3b47a25c5142d99f05be77c8ccd57b1c67fa3822a55668dd44a

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://folkd.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebid
prebid.media.net/rtb/
1 KB
655 B
Fetch
General
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUWWG7OK
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
ee4ac951ca99f813f37feec1c39ed47a7a2947e2aea963254e848f5aa9b04418

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:34 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://folkd.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
46
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 23 Jan 2024 03:38:34 GMT
prebid
ads.yieldmo.com/exchange/
0
220 B
Fetch
General
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.12.0&p=%5B%7B%22placement_id%22%3A%22mmt-5327c943-1992-4d6a-a6d8-9b7622d89dab_1_1_ad%22%2C%22callback_id%22%3A%2238f5c7b162bfb23%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%223361241939151101975%22%2C%22gpid%22%3A%22%2F20842576%2FJYM01M%2FJYM01M-DDI.A%23repeatable-1%22%2C%22tid%22%3A%22b230d69a-3928-43ca-8662-72ddd43e32e1%22%2C%22auctionId%22%3A%2295df399e-cc71-4633-9afb-6d62e4fb6bbc%22%7D%5D&page_url=https%3A%2F%2Ffolkd.com%2F&bust=1705981114729&dnt=false&description=Folkd%20is%20a%20leading%20social%20bookmarking%20app.%20Since%202006%2C%20over%208%20million%20people%20have%20used%20Folkd%20to%20store%2C%20organize%20and%20share%20their%20favorite%20links.%20Join%20them%20today%20for%20free.&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=Bookmarks%20are%20%E2%9D%A4%EF%B8%8F%F0%9F%9A%80%F0%9F%92%AF!&w=1600&h=1200&pubcid=e7e38ac1-9171-4bdb-9809-cc3a95321041&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%225d65a9fa-c3bc-4e73-b569-1a8af1e68dc7%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22e7e38ac1-9171-4bdb-9809-cc3a95321041%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.137.85.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-46-137-85-126.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://folkd.com
pragma
no-cache
date
Tue, 23 Jan 2024 03:38:34 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
prebidvideo
ads.yieldmo.com/exchange/
0
319 B
Fetch
General
Full URL
https://ads.yieldmo.com/exchange/prebidvideo
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.137.85.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-46-137-85-126.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://folkd.com
pragma
no-cache
date
Tue, 23 Jan 2024 03:38:34 GMT
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
c
prebid.a-mo.net/a/
0
233 B
Fetch
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://folkd.com
date
Tue, 23 Jan 2024 03:38:33 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
server
envoy
vary
origin, Accept-Encoding
637e6546decb82d45236f0f8
prebid.cootlogix.com/prebid/multi/
0
662 B
Fetch
General
Full URL
https://prebid.cootlogix.com/prebid/multi/637e6546decb82d45236f0f8
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
107.191.36.239 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
107.191.36.239.vultrusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://folkd.com
date
Tue, 23 Jan 2024 03:38:34 GMT
cache-control
max-age=0, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
content-length
0
translator
hbopenbid.pubmatic.com/
0
53 B
Fetch
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://folkd.com
date
Tue, 23 Jan 2024 03:38:33 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v2
e.serverbid.com/api/
16 B
224 B
Fetch
General
Full URL
https://e.serverbid.com/api/v2
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://folkd.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
42
prebid
ib.adnxs.com/ut/v3/
139 B
823 B
Fetch
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
72499ca3bf0bcdebfb30e0448a2eff8ff45b58c50936d944f203d07b8fb646a1
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:34 GMT
an-x-request-uuid
8597a74d-2811-42ee-a5a2-f3084000b34b
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://folkd.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
149.88.27.82; 149.88.27.82; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
139
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/
13 KB
7 KB
Fetch
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=201336
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4970a864d5be91437aee3bcf90ed842ed4c8edc10bf215341b0177dbeab1ccba

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:34 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lvNVcjG%2BQx2GWm%2BnC9FDNhhOsAQUJGOj8I%2FOTjzV%2FUrIf0V99xSS7hj5JU0VWMsLJJ9Y2p8%2Fc1fgO12G8lzApIs%2FX9S9Etmm%2BZEgYRnzCf7Ux7ZnUTtDf7WokX6x6l8DoCdmcmrB"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://folkd.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
849d012f1e01bb71-FRA
alt-svc
h3=":443"; ma=86400
expires
0
pbjs
htlb.casalemedia.com/openrtb/
37 B
455 B
Fetch
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=201336
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1888bc2e4ccadc3b31acfc20f33151d3cd41a79df326883d3d2f0c0b96af191

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:34 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=50zxgqFTv2GnTtJPgE2R1DDtq0t2bUAgZpRM73mN4s%2FBUY4F8yY82RVOyx1z3%2B%2Bebarr5Ggu0PAgI9aYEU0zpX0ecPpdQ7oZxQNSH3vXsLzZyw1KwuKetxpB6JF90ZsZ1ipncw0V"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://folkd.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
849d012f1e02bb71-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/
441 B
498 B
Fetch
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23852&site_id=389792&zone_id=2276222&size_id=2&p_pos=btf&rp_schain=1.0,1!monumetric.com,5d65a9fa-c3bc-4e73-b569-1a8af1e68dc7,1,,,&eid_pubcid.org=e7e38ac1-9171-4bdb-9809-cc3a95321041%5E1&rf=https%3A%2F%2Ffolkd.com%2F&tg_i.domain=folkd.com&tg_i.page=https%3A%2F%2Ffolkd.com%2F&tg_i.cat=239%2C264&tg_i.cattax=6&tg_i.id=5d65a9fa-c3bc-4e73-b569-1a8af1e68dc7&tg_i.mobile=0&tg_i.pbadslot=%2F20842576%2FJYM01M%2FJYM01M-DDI.A%23repeatable-1&tk_flint=pbjs_lite_v8.12.0&x_source.tid=95df399e-cc71-4633-9afb-6d62e4fb6bbc&l_pb_bid_id=5497d225f56ab4f&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=b230d69a-3928-43ca-8662-72ddd43e32e1&rp_maxbids=1&p_gpid=%2F20842576%2FJYM01M%2FJYM01M-DDI.A%23repeatable-1&slots=1&rand=0.5020874013220009
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
908518690d6f7b271c11819997a4d0fab3647d5b1c2d851df6765bc2260370c8

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:34 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://folkd.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
441
expires
Wed, 17 Sep 1975 21:32:10 GMT
hb-mm-multi
hb.minutemedia-prebid.com/
84 B
421 B
Fetch
General
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.76.118.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-118-59.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
c05e5ca1f06ebf70189cc9a35b29d1aac28d9ed4bc983e102122be6a378ce603

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
server
istio-envoy
x-reason
maxmind anonymous
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://folkd.com
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
30
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
84
bid
aax.amazon-adsystem.com/e/dtb/
163 B
599 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Ffolkd.com%2F&pid=W2vWDuHlvDr26&cb=1&ws=1600x1200&v=24.117.1925&t=60000&slots=%5B%7B%22sd%22%3A%22mmt-5327c943-1992-4d6a-a6d8-9b7622d89dab_1_1_ad%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F20842576%2FJYM01M%2FJYM01M-DDI.A%22%7D%5D&schain=1.0%2C1!adpushup.com%2C8907fc9c6f7a7ef639cb5332cb90f07d%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22pubcommon%22%3A%22e7e38ac1-9171-4bdb-9809-cc3a95321041%22%7D%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.191.236 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-191-236.zrh55.r.cloudfront.net
Software
Server /
Resource Hash
41b770ec46c90e2a840049fa99c5d5f64c1a53c1a4e138f7b72bcdd5ec18a6b7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 df9ce120cad525bdb160f75cd7b807c2.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
ZRH55-P1
x-amz-rid
6RJJY0AWP2JTY7GJWE48
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://folkd.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
163
x-amz-cf-id
miVcX8RPxSJaU_2WfeRYUpe0zhN7L3STy3S2_sBpJqxmi-xrYZfKVg==
translator
hbopenbid.pubmatic.com/
0
53 B
Fetch
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://folkd.com
date
Tue, 23 Jan 2024 03:38:33 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
c
prebid.a-mo.net/a/
0
233 B
Fetch
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://folkd.com
date
Tue, 23 Jan 2024 03:38:34 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
server
envoy
vary
origin, Accept-Encoding
pbjs
htlb.casalemedia.com/openrtb/
13 KB
6 KB
Fetch
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=201336
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1acaa5c7684c9262e311b96ad136909d9ceb432c74a3e66b4f01b355adf7cc2d

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:34 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZEaHJPJjKsiB91W4UpoHa0mWwLK68rPPEuRd%2BVfy7qXn9UuTb1Qm5etNNTxc5HDxrQHcRs%2BVIfTRo%2Bl0lS8JthjOSXGnguy0D0O91TlWcTxS4AGRlUVSJ7FER%2Fr%2BEowtK5pmB%2FD5"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://folkd.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
849d012f2e09bb71-FRA
alt-svc
h3=":443"; ma=86400
expires
0
pbjs
htlb.casalemedia.com/openrtb/
37 B
312 B
Fetch
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=201336
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d865d299275a3ecf877f5e52048ad06bb1490eb65e50505bc4ac1cf2a0927de7

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:34 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oNUV%2Fscr1587Lqm4dn4JSD2XLzEECVMSqqACb%2FoXMPqCXtj7UmfHeb7iQJOzXxQn4bpjP9EB3DzR2TX3fmOx0FBSqxxdsfK29bnauG9Ctu%2BiVv8dsg23KhicUTLSomTzOo1%2BTEUZ"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://folkd.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
849d012f2e0abb71-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
v2
e.serverbid.com/api/
16 B
201 B
Fetch
General
Full URL
https://e.serverbid.com/api/v2
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://folkd.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
42
hb-mm-multi
hb.minutemedia-prebid.com/
84 B
421 B
Fetch
General
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.76.118.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-118-59.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
c9d685ce0597e95e53f9ee1afd2fac73665d3333457a9d4d873542ccd7afe50b

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
server
istio-envoy
x-reason
maxmind anonymous
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://folkd.com
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
12
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
84
prebid
ads.yieldmo.com/exchange/
0
220 B
Fetch
General
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.12.0&p=%5B%7B%22placement_id%22%3A%22mmt-5327c943-1992-4d6a-a6d8-9b7622d89dab_2_1_ad%22%2C%22callback_id%22%3A%2270419c546df14e9%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%223361241939151101975%22%2C%22gpid%22%3A%22%2F20842576%2FJYM01M%2FJYM01M-DDI.A%23repeatable-1%22%2C%22tid%22%3A%22395b8f49-e772-4c48-9f1c-07b248ad8a35%22%2C%22auctionId%22%3A%2209c65631-e5db-4616-b11d-a3e483d600d0%22%7D%5D&page_url=https%3A%2F%2Ffolkd.com%2F&bust=1705981114744&dnt=false&description=Folkd%20is%20a%20leading%20social%20bookmarking%20app.%20Since%202006%2C%20over%208%20million%20people%20have%20used%20Folkd%20to%20store%2C%20organize%20and%20share%20their%20favorite%20links.%20Join%20them%20today%20for%20free.&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=Bookmarks%20are%20%E2%9D%A4%EF%B8%8F%F0%9F%9A%80%F0%9F%92%AF!&w=1600&h=1200&pubcid=e7e38ac1-9171-4bdb-9809-cc3a95321041&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%225d65a9fa-c3bc-4e73-b569-1a8af1e68dc7%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22e7e38ac1-9171-4bdb-9809-cc3a95321041%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.137.85.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-46-137-85-126.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://folkd.com
pragma
no-cache
date
Tue, 23 Jan 2024 03:38:34 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
prebidvideo
ads.yieldmo.com/exchange/
0
319 B
Fetch
General
Full URL
https://ads.yieldmo.com/exchange/prebidvideo
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.137.85.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-46-137-85-126.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://folkd.com
pragma
no-cache
date
Tue, 23 Jan 2024 03:38:34 GMT
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
637e6546decb82d45236f0f8
prebid.cootlogix.com/prebid/multi/
0
652 B
Fetch
General
Full URL
https://prebid.cootlogix.com/prebid/multi/637e6546decb82d45236f0f8
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
107.191.36.239 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
107.191.36.239.vultrusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://folkd.com
date
Tue, 23 Jan 2024 03:38:34 GMT
cache-control
max-age=0, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
content-length
0
prebid
ib.adnxs.com/ut/v3/
139 B
823 B
Fetch
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4accf05d09eadaf4275126a11a4f389d93b78abf856f30afb0c10906160f65d0
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:34 GMT
an-x-request-uuid
0426d369-fef2-468e-bf18-a42264617322
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://folkd.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
149.88.27.82; 149.88.27.82; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
139
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
441 B
475 B
Fetch
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23852&site_id=389792&zone_id=2276222&size_id=2&p_pos=btf&rp_schain=1.0,1!monumetric.com,5d65a9fa-c3bc-4e73-b569-1a8af1e68dc7,1,,,&eid_pubcid.org=e7e38ac1-9171-4bdb-9809-cc3a95321041%5E1&rf=https%3A%2F%2Ffolkd.com%2F&tg_i.domain=folkd.com&tg_i.page=https%3A%2F%2Ffolkd.com%2F&tg_i.cat=239%2C264&tg_i.cattax=6&tg_i.id=5d65a9fa-c3bc-4e73-b569-1a8af1e68dc7&tg_i.mobile=0&tg_i.pbadslot=%2F20842576%2FJYM01M%2FJYM01M-DDI.A%23repeatable-1&tk_flint=pbjs_lite_v8.12.0&x_source.tid=09c65631-e5db-4616-b11d-a3e483d600d0&l_pb_bid_id=760939494cd5532&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=395b8f49-e772-4c48-9f1c-07b248ad8a35&rp_maxbids=1&p_gpid=%2F20842576%2FJYM01M%2FJYM01M-DDI.A%23repeatable-1&slots=1&rand=0.9920136616461332
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
d77a8d5a7107b5cfbc5ff1df45f0e5a18c2c991b538c7ea39c5da9ab0b8d7ecc

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:34 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://folkd.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
441
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
prebid.media.net/rtb/
1 KB
630 B
Fetch
General
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUWWG7OK
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
6ad6ff0e64609ab287986c6d44306130201eb73680498e3011bff1d4ebac634a

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:34 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://folkd.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
34
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 23 Jan 2024 03:38:34 GMT
prebidjs
rtb.openx.net/openrtbb/
53 B
220 B
Fetch
General
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
da8ffc9147bfc3a8486493d8fe4cbcdb7bbd9381bc9fc67d46e1660d7e60d176

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://folkd.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebidjs
rtb.openx.net/openrtbb/
53 B
220 B
Fetch
General
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
6ad1c857a263e2b59671ebd3907c72afa94196826b3881c721993a0dc3191ffb

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://folkd.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
bid
aax.amazon-adsystem.com/e/dtb/
163 B
599 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Ffolkd.com%2F&pid=W2vWDuHlvDr26&cb=2&ws=1600x1200&v=24.117.1925&t=60000&slots=%5B%7B%22sd%22%3A%22mmt-5327c943-1992-4d6a-a6d8-9b7622d89dab_2_1_ad%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F20842576%2FJYM01M%2FJYM01M-DDI.A%22%7D%5D&schain=1.0%2C1!adpushup.com%2C8907fc9c6f7a7ef639cb5332cb90f07d%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22pubcommon%22%3A%22e7e38ac1-9171-4bdb-9809-cc3a95321041%22%7D%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.191.236 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-191-236.zrh55.r.cloudfront.net
Software
Server /
Resource Hash
53e79de7ed020aa4b3485c1903c89f56b0785daf65ba3a937cb2ebf547b4cf59
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 df9ce120cad525bdb160f75cd7b807c2.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
ZRH55-P1
x-amz-rid
D22JR7AZNV539HEC4Q4G
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://folkd.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
163
x-amz-cf-id
9elDSnFbMHllRi25kPeqGUnAawQpoFCDf9xD6kKL9eE29BaQ9zBn-w==
bid
aax.amazon-adsystem.com/e/dtb/
163 B
598 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Ffolkd.com%2F&pid=W2vWDuHlvDr26&cb=3&ws=1600x1200&v=24.117.1925&t=60000&slots=%5B%7B%22sd%22%3A%22mmt-5327c943-1992-4d6a-a6d8-9b7622d89dab_3_1_ad%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F20842576%2FJYM01M%2FJYM01M-DDI.A%22%7D%5D&schain=1.0%2C1!adpushup.com%2C8907fc9c6f7a7ef639cb5332cb90f07d%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22pubcommon%22%3A%22e7e38ac1-9171-4bdb-9809-cc3a95321041%22%7D%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.191.236 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-191-236.zrh55.r.cloudfront.net
Software
Server /
Resource Hash
95f45a07e6e2be78b5a835947bddb74172c9b0d9316ab624ae1508dcd90e7684
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 df9ce120cad525bdb160f75cd7b807c2.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
ZRH55-P1
x-amz-rid
CEZ90J4G9ZDHY93QQGG7
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://folkd.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
163
x-amz-cf-id
euA2Nlw_qa3v1DdufQ38Cn3_3aneU_DMS5RN-jCbB2l_loXBVXPdqA==
bid
aax.amazon-adsystem.com/e/dtb/
163 B
600 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Ffolkd.com%2F&pid=W2vWDuHlvDr26&cb=4&ws=1600x1200&v=24.117.1925&t=60000&slots=%5B%7B%22sd%22%3A%22mmt-5327c943-1992-4d6a-a6d8-9b7622d89dab_4_1_ad%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F20842576%2FJYM01M%2FJYM01M-DDI.A%22%7D%5D&schain=1.0%2C1!adpushup.com%2C8907fc9c6f7a7ef639cb5332cb90f07d%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22pubcommon%22%3A%22e7e38ac1-9171-4bdb-9809-cc3a95321041%22%7D%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.191.236 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-191-236.zrh55.r.cloudfront.net
Software
Server /
Resource Hash
a568e9f19d288441365da05a762ea619b5f1b49ba131df40e4a6bf10ce022d54
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 df9ce120cad525bdb160f75cd7b807c2.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
ZRH55-P1
x-amz-rid
DS34CH1Q0MXE6K9ZPENX
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://folkd.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
163
x-amz-cf-id
OS0WOEvh23HeU9lMxgOXIk_FI8xQUpRi_DtD3kaVBBjoHCiulCQmHA==
bid
aax.amazon-adsystem.com/e/dtb/
163 B
600 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Ffolkd.com%2F&pid=W2vWDuHlvDr26&cb=5&ws=1600x1200&v=24.117.1925&t=60000&slots=%5B%7B%22sd%22%3A%22mmt-5327c943-1992-4d6a-a6d8-9b7622d89dab_5_1_ad%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F20842576%2FJYM01M%2FJYM01M-DDI.A%22%7D%5D&schain=1.0%2C1!adpushup.com%2C8907fc9c6f7a7ef639cb5332cb90f07d%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22pubcommon%22%3A%22e7e38ac1-9171-4bdb-9809-cc3a95321041%22%7D%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.191.236 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-191-236.zrh55.r.cloudfront.net
Software
Server /
Resource Hash
8364993fe79ec5386ecffeab216f79b6712cd18491182690f87f467d2728d053
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 df9ce120cad525bdb160f75cd7b807c2.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
ZRH55-P1
x-amz-rid
DK8ZRKDK45XTJQBMEH54
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://folkd.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
163
x-amz-cf-id
7w7y_qqoc9_HwVRQFWUkWWUJpqgUw5Vo1WqkGi_0ci_aZbWGH4yAYw==
bid
aax.amazon-adsystem.com/e/dtb/
163 B
600 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Ffolkd.com%2F&pid=W2vWDuHlvDr26&cb=6&ws=1600x1200&v=24.117.1925&t=60000&slots=%5B%7B%22sd%22%3A%22mmt-5327c943-1992-4d6a-a6d8-9b7622d89dab_6_1_ad%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F20842576%2FJYM01M%2FJYM01M-DDI.A%22%7D%5D&schain=1.0%2C1!adpushup.com%2C8907fc9c6f7a7ef639cb5332cb90f07d%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22pubcommon%22%3A%22e7e38ac1-9171-4bdb-9809-cc3a95321041%22%7D%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.191.236 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-191-236.zrh55.r.cloudfront.net
Software
Server /
Resource Hash
29c043402918cd8bd045e152d013b0c817814ffdaeea9030fb7dbd8661542142
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 df9ce120cad525bdb160f75cd7b807c2.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
ZRH55-P1
x-amz-rid
EJRDCMXMTET58A7R5PQX
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://folkd.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
163
x-amz-cf-id
N6T9nOrWSyIqL_CL3CWiQ66DcGfA_l9lOKw1Am4cjkwf5-dCJz-vVQ==
bid
aax.amazon-adsystem.com/e/dtb/
163 B
599 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Ffolkd.com%2F&pid=W2vWDuHlvDr26&cb=7&ws=1600x1200&v=24.117.1925&t=60000&slots=%5B%7B%22sd%22%3A%22mmt-5327c943-1992-4d6a-a6d8-9b7622d89dab_7_1_ad%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F20842576%2FJYM01M%2FJYM01M-DDI.A%22%7D%5D&schain=1.0%2C1!adpushup.com%2C8907fc9c6f7a7ef639cb5332cb90f07d%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22pubcommon%22%3A%22e7e38ac1-9171-4bdb-9809-cc3a95321041%22%7D%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.191.236 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-191-236.zrh55.r.cloudfront.net
Software
Server /
Resource Hash
113c0d7ce216b502e1fe889b7f9dd135a0bc97d46519cd9c600e67407d97db09
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 df9ce120cad525bdb160f75cd7b807c2.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
ZRH55-P1
x-amz-rid
XN0S2TMK30ME9NS7Q70V
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://folkd.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
163
x-amz-cf-id
Vqv9_YcPd6LYQAr9beGzajjQvFBBvt-6nxhJqrulSoAdVI0yEzHNbQ==
bid
aax.amazon-adsystem.com/e/dtb/
163 B
600 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Ffolkd.com%2F&pid=W2vWDuHlvDr26&cb=8&ws=1600x1200&v=24.117.1925&t=60000&slots=%5B%7B%22sd%22%3A%22mmt-5327c943-1992-4d6a-a6d8-9b7622d89dab_8_1_ad%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F20842576%2FJYM01M%2FJYM01M-DDI.A%22%7D%5D&schain=1.0%2C1!adpushup.com%2C8907fc9c6f7a7ef639cb5332cb90f07d%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22pubcommon%22%3A%22e7e38ac1-9171-4bdb-9809-cc3a95321041%22%7D%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.191.236 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-191-236.zrh55.r.cloudfront.net
Software
Server /
Resource Hash
bca894724ceefcf243636b8e5a57265019d79dd2664270f81f1c3fb5ab317894
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 df9ce120cad525bdb160f75cd7b807c2.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
ZRH55-P1
x-amz-rid
NHJKW5XDR7T3BE5C6S9N
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://folkd.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
163
x-amz-cf-id
kytI7zTW0VO3NRNTiFNXuFRnfx5g6DQkmdST2MUJ5V8zfj1Hnqbtzg==
bid
aax.amazon-adsystem.com/e/dtb/
163 B
599 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Ffolkd.com%2F&pid=W2vWDuHlvDr26&cb=9&ws=1600x1200&v=24.117.1925&t=60000&slots=%5B%7B%22sd%22%3A%22mmt-5327c943-1992-4d6a-a6d8-9b7622d89dab_9_1_ad%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F20842576%2FJYM01M%2FJYM01M-DDI.A%22%7D%5D&schain=1.0%2C1!adpushup.com%2C8907fc9c6f7a7ef639cb5332cb90f07d%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22pubcommon%22%3A%22e7e38ac1-9171-4bdb-9809-cc3a95321041%22%7D%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.191.236 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-191-236.zrh55.r.cloudfront.net
Software
Server /
Resource Hash
a491af70859c77bcbc3a0d2c0744c868e3c44a78382531e153ad315272877d7e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 df9ce120cad525bdb160f75cd7b807c2.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
ZRH55-P1
x-amz-rid
7EHF9MG3SZ2B0CYYKKAA
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://folkd.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
163
x-amz-cf-id
qrDBLTDbY9IayNZCm5VxdqsfTkDyLRb8U0Kt06jc2TbFEb0vr3Q8Rg==
bid
aax.amazon-adsystem.com/e/dtb/
164 B
600 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Ffolkd.com%2F&pid=W2vWDuHlvDr26&cb=10&ws=1600x1200&v=24.117.1925&t=60000&slots=%5B%7B%22sd%22%3A%22mmt-5327c943-1992-4d6a-a6d8-9b7622d89dab_10_1_ad%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F20842576%2FJYM01M%2FJYM01M-DDI.A%22%7D%5D&schain=1.0%2C1!adpushup.com%2C8907fc9c6f7a7ef639cb5332cb90f07d%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22pubcommon%22%3A%22e7e38ac1-9171-4bdb-9809-cc3a95321041%22%7D%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.191.236 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-191-236.zrh55.r.cloudfront.net
Software
Server /
Resource Hash
c1026d524c1c7fe22fa69e1ef735c435040e65e037696c12db688a0f9b9e1798
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 df9ce120cad525bdb160f75cd7b807c2.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
ZRH55-P1
x-amz-rid
P3KXWMYPXBS3MFFZVJVT
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://folkd.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
164
x-amz-cf-id
uqfR3yCBC4tWo4_aPq16-eeVCfrB1nGssq7yQXX7w_z1iNArGdyyUA==
mmt.gif
imps.monu.delivery/
37 B
63 B
Image
General
Full URL
https://imps.monu.delivery/mmt.gif?s=ad49ae27-d15b-4257-8401-f34bde665c73&a=s.d&u=5327c943-1992-4d6a-a6d8-9b7622d89dab
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 01:36:24 GMT
age
1303330
x-guploader-uploadid
ABPtcPqhOr5a-cRpGs9TACsIJPS6Xy7I6-14TJg1xFUku65kMDBaHJwDCtZW-hDWSYEhPhT_OBdhB1onQRlHad3ANdCPW5Q03lEO
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-generation
1499850799559224
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type
image/gif
cache-control
public, max-age=31536000
x-goog-stored-content-length
37
accept-ranges
bytes
expires
Tue, 07 Jan 2025 01:36:24 GMT
collect
r.clarity.ms/
0
289 B
XHR
General
Full URL
https://r.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.119.174.243 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://folkd.com
Date
Tue, 23 Jan 2024 03:38:34 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
apm
folkd.com/user/
4 B
935 B
XHR
General
Full URL
https://folkd.com/user/apm
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel / Express
Resource Hash
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

X-Bubble-Fiber-ID
1705981114834x700468022428531000
X-Bubble-PL
1705981112188x305
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json
Accept
application/json, text/javascript, */*; q=0.01
X-Bubble-R
https://folkd.com/
cache-control
no-cache
Referer
https://folkd.com/
X-Requested-With
XMLHttpRequest
x-coalias-route
eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkZXN0aW5hdGlvbiI6Imh0dHBzOi8vZm9sa2QwNjEyLmJ1YmJsZWFwcHMuaW8vIiwic291cmNlX2hvc3RuYW1lIjoiZm9sa2QuY29tIiwic291cmNlX3BhdGgiOiIvIiwic2l0ZSI6Im5vY29kZW1heW8tYnViYmxlLWk4Z2Rhd2VicmcxcnJhdWZzdXV5IiwiaWF0IjoxNzA1OTgxMTEyfQ.xy60wtTT6YtbklZO7xi1ao-ADSzoGLFbV3dgixJQ0yM
X-Bubble-Breaking-Revision
5

Response headers

date
Tue, 23 Jan 2024 03:38:35 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-bubble-perf
{"total":13.3,"percents":{"top":{"bubble_cpu":33.1,"block":42.2,"capacity_rl":0,"other_pause":0,"pre_fiber":23.7},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":39.7,"fiber_queue":2.1,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":5,"fiber_queue":6,"blocks":5},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":658638}}
strict-transport-security
max-age=63072000
x-bubble-appname
folkd0612
x-powered-by
Express
x-bubble-capacity-used
0.01 unit-seconds used
x-coalias-cache
MISS
server
Vercel
x-vercel-id
fra1::6md7s-1705981114842-fd0c73522410
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F91Jhjb0rWYvKDqG3QYWLWkaQmeaneFAMU6rO6lya5rbYVkHp0p5%2BP9Hc7cjVwekkt3VWCfJC09p8FwGG7UXqzImQ41UImxNzE55NiZ4jYCCT%2FbWUxmMYfq3MvlaHFSYaMyWGYD2UupjD0D9kRPC0f5f7xPEDU50aPAeyGM1rm5AF6qGLg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
x-bubble-request-took
13
cache-control
no-cache
cf-ray
849d01301bc2f164-CDG
x-bubble-capacity-limit
0 ms slower
v1
lb.eu-1-id5-sync.com/lb/
33 B
269 B
Fetch
General
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
6d70d5e5ce5077d4ec4c23aff7b787383d79628169e4eb869781e7ff161d57c8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://folkd.com
date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
amzns2s
rtb.gumgum.com/usync/ Frame 2F96
3 KB
1 KB
Document
General
Full URL
https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_gg_rbd_n-Beeswax_an-db5_n-adYouLike_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.7.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-7-68.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b9df5918b66bf9e1be73d74b09b3cf3d14885dead6a956b50e1a12e7ea9192b8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Tue, 23 Jan 2024 03:38:34 GMT
etag
W/"006e2b08f4423d8e57e7a3dd4a19fb0ca"
server
nginx
timing-allow-origin
*
usync.html
eus.rubiconproject.com/ Frame E12B
281 B
555 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_gg_rbd_n-Beeswax_an-db5_n-adYouLike_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 23 Jan 2024 03:38:34 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ecm3
aax-eu.amazon-adsystem.com/s/ Frame C64E
Redirect Chain
  • https://ib.adnxs.com/getuid?https://aax-eu.amazon-adsystem.com/s/ecm3?id=$UID&ex=appnexus.com
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=2380373011570053850&ex=appnexus.com
43 B
479 B
Document
General
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=2380373011570053850&ex=appnexus.com
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_gg_rbd_n-Beeswax_an-db5_n-adYouLike_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.125.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 23 Jan 2024 03:38:34 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
K0KXWBXVAQTPY40P5V5Y

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
bbec9b59-1fcf-475c-8339-886cfef27f59
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Tue, 23 Jan 2024 03:38:34 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://aax-eu.amazon-adsystem.com/s/ecm3?id=2380373011570053850&ex=appnexus.com
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
149.88.27.82; 149.88.27.82; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 80C4
Redirect Chain
  • https://visitor.omnitagjs.com/visitor/bsync?uid=ee28081dc141859df3e9c39bf89f63cf&name=AMAZON&url=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dadyoulike.com%26id%3D%7BuserId%7D
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=adyoulike.com&id=cda9ad6ae9d89adbee8b213567150311
43 B
479 B
Document
General
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=adyoulike.com&id=cda9ad6ae9d89adbee8b213567150311
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_gg_rbd_n-Beeswax_an-db5_n-adYouLike_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.125.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 23 Jan 2024 03:38:34 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
XP10QGGDBRKJY0D6CVWN

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 23 Jan 2024 03:38:34 GMT
expires
0
location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=adyoulike.com&id=cda9ad6ae9d89adbee8b213567150311
p3p
CP="CAO PSA OUR"
pragma
no-cache
server
ayl-lb-fra02
vary
Accept-Encoding
x-content-type-options
nosniff
x-envoy-upstream-service-time
3
getuid
eb2.3lift.com/ Frame 4DCD
37 B
140 B
Document
General
Full URL
https://eb2.3lift.com/getuid?redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_gg_rbd_n-Beeswax_an-db5_n-adYouLike_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Tue, 23 Jan 2024 03:38:34 GMT
prebid
ads.yieldmo.com/exchange/
0
220 B
Fetch
General
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.12.0&p=%5B%7B%22placement_id%22%3A%22mmt-5327c943-1992-4d6a-a6d8-9b7622d89dab_3_1_ad%22%2C%22callback_id%22%3A%2282e510534a77634%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%223361241939151101975%22%2C%22gpid%22%3A%22%2F20842576%2FJYM01M%2FJYM01M-DDI.A%23repeatable-1%22%2C%22tid%22%3A%221bec639e-163a-4352-9307-930c2247c53f%22%2C%22auctionId%22%3A%22fba54e24-7649-4431-85ea-156e1c3eccc3%22%7D%5D&page_url=https%3A%2F%2Ffolkd.com%2F&bust=1705981114918&dnt=false&description=Folkd%20is%20a%20leading%20social%20bookmarking%20app.%20Since%202006%2C%20over%208%20million%20people%20have%20used%20Folkd%20to%20store%2C%20organize%20and%20share%20their%20favorite%20links.%20Join%20them%20today%20for%20free.&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=Bookmarks%20are%20%E2%9D%A4%EF%B8%8F%F0%9F%9A%80%F0%9F%92%AF!&w=1600&h=1200&pubcid=e7e38ac1-9171-4bdb-9809-cc3a95321041&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%225d65a9fa-c3bc-4e73-b569-1a8af1e68dc7%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22e7e38ac1-9171-4bdb-9809-cc3a95321041%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.137.85.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-46-137-85-126.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://folkd.com
pragma
no-cache
date
Tue, 23 Jan 2024 03:38:34 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
prebidvideo
ads.yieldmo.com/exchange/
0
349 B
Fetch
General
Full URL
https://ads.yieldmo.com/exchange/prebidvideo
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.137.85.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-46-137-85-126.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://folkd.com
pragma
no-cache
date
Tue, 23 Jan 2024 03:38:34 GMT
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
prebid
prebid.media.net/rtb/
1 KB
594 B
Fetch
General
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUWWG7OK
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
074468e2fdeab67f22caab991850fb09c81e2b2dee11251753ca188e20763679

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:34 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://folkd.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
43
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 23 Jan 2024 03:38:34 GMT
637e6546decb82d45236f0f8
prebid.cootlogix.com/prebid/multi/
0
656 B
Fetch
General
Full URL
https://prebid.cootlogix.com/prebid/multi/637e6546decb82d45236f0f8
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
107.191.36.239 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
107.191.36.239.vultrusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://folkd.com
date
Tue, 23 Jan 2024 03:38:35 GMT
cache-control
max-age=0, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
content-length
0
fastlane.json
fastlane.rubiconproject.com/a/api/
441 B
498 B
Fetch
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23852&site_id=389792&zone_id=2276222&size_id=2&p_pos=btf&rp_schain=1.0,1!monumetric.com,5d65a9fa-c3bc-4e73-b569-1a8af1e68dc7,1,,,&eid_pubcid.org=e7e38ac1-9171-4bdb-9809-cc3a95321041%5E1&rf=https%3A%2F%2Ffolkd.com%2F&tg_i.domain=folkd.com&tg_i.page=https%3A%2F%2Ffolkd.com%2F&tg_i.cat=239%2C264&tg_i.cattax=6&tg_i.id=5d65a9fa-c3bc-4e73-b569-1a8af1e68dc7&tg_i.mobile=0&tg_i.pbadslot=%2F20842576%2FJYM01M%2FJYM01M-DDI.A%23repeatable-1&tk_flint=pbjs_lite_v8.12.0&x_source.tid=fba54e24-7649-4431-85ea-156e1c3eccc3&l_pb_bid_id=880e062c164553a&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=1bec639e-163a-4352-9307-930c2247c53f&rp_maxbids=1&p_gpid=%2F20842576%2FJYM01M%2FJYM01M-DDI.A%23repeatable-1&slots=1&rand=0.348807473940842
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
50a35a94e1a56e14a25ad8112c4e0aba806f1876c9e643a70b2ae0480fc611c5

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:35 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://folkd.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
441
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/
139 B
1 KB
Fetch
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
49a58ee815bb9019d5b047c40e097f8c0c7216ea0602433917d445dd7d42b2cc
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:34 GMT
an-x-request-uuid
c2739439-ff4f-4a1d-bc0f-54706f5b1366
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://folkd.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
149.88.27.82; 149.88.27.82; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
139
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
v2
e.serverbid.com/api/
16 B
201 B
Fetch
General
Full URL
https://e.serverbid.com/api/v2
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://folkd.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
42
translator
hbopenbid.pubmatic.com/
0
53 B
Fetch
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://folkd.com
date
Tue, 23 Jan 2024 03:38:34 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
c
prebid.a-mo.net/a/
0
210 B
Fetch
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://folkd.com
date
Tue, 23 Jan 2024 03:38:34 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
server
envoy
vary
origin, Accept-Encoding
prebidjs
rtb.openx.net/openrtbb/
53 B
95 B
Fetch
General
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
a4f1b77a21fda3ababa1e603818a01e943cbcd5cd5e5b0d3902171531b29e0ad

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://folkd.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebidjs
rtb.openx.net/openrtbb/
53 B
95 B
Fetch
General
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
c5b7b8028c346e2a25f27a56a9893669f0fe237c259841f39be6ea8a8c5ce794

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://folkd.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
pbjs
htlb.casalemedia.com/openrtb/
13 KB
7 KB
Fetch
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=201336
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
955c6c31f165d8901751da00b0eb40938d1777ee87c9e5d0e215ca2ad3e9fed1

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:34 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yTGt1KM%2FPYp6F4myPwxkM91b3pwxC1GXHFwXPFHigE6OC9x6TS4Vwkl6SbwxvyKgh71f9iw8R3UNqGI58Hwu1tDTScx7k9Pd69LQ95tcCUfM2PIXru44ABHzumcYyaNYmCrR87Ud"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://folkd.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
849d013049264d22-FRA
alt-svc
h3=":443"; ma=86400
expires
0
pbjs
htlb.casalemedia.com/openrtb/
38 B
640 B
Fetch
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=201336
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e432f14531c18a1160a13ed2e9a99a47cd1ca17b06629035429861665e6461d

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:34 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rOLKh8qZXdNfDZM2qzE9TKe%2BGqOBe0cZJ6JaYhoEdUziEyYaJZjoB6XRL5tIedqN1cejtV7wUmJL9KY5%2BtN7s7ugxyE17kvOWPBhRq0gBOVujmIUiXELmujEP1eG%2Bf6BPEi7oLC%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://folkd.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
849d013049284d22-FRA
alt-svc
h3=":443"; ma=86400
content-length
38
expires
0
hb-mm-multi
hb.minutemedia-prebid.com/
85 B
421 B
Fetch
General
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.76.118.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-118-59.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
66fa27515a653f48a7bf5ac44a5fecc33aa0df71ce1c56eea3817afb780d2a6a

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
server
istio-envoy
x-reason
maxmind anonymous
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://folkd.com
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
85
637e6546decb82d45236f0f8
prebid.cootlogix.com/prebid/multi/
0
654 B
Fetch
General
Full URL
https://prebid.cootlogix.com/prebid/multi/637e6546decb82d45236f0f8
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
107.191.36.239 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
107.191.36.239.vultrusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://folkd.com
date
Tue, 23 Jan 2024 03:38:35 GMT
cache-control
max-age=0, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
content-length
0
prebid
ads.yieldmo.com/exchange/
0
220 B
Fetch
General
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.12.0&p=%5B%7B%22placement_id%22%3A%22mmt-5327c943-1992-4d6a-a6d8-9b7622d89dab_4_1_ad%22%2C%22callback_id%22%3A%22108c7c4946465993%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%223361241939151101975%22%2C%22gpid%22%3A%22%2F20842576%2FJYM01M%2FJYM01M-DDI.A%23repeatable-1%22%2C%22tid%22%3A%22a29b796b-9fd5-4514-8056-0694abe9ec59%22%2C%22auctionId%22%3A%228c73aa64-35e7-47b1-9b09-d766b0bfa5db%22%7D%5D&page_url=https%3A%2F%2Ffolkd.com%2F&bust=1705981114926&dnt=false&description=Folkd%20is%20a%20leading%20social%20bookmarking%20app.%20Since%202006%2C%20over%208%20million%20people%20have%20used%20Folkd%20to%20store%2C%20organize%20and%20share%20their%20favorite%20links.%20Join%20them%20today%20for%20free.&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=Bookmarks%20are%20%E2%9D%A4%EF%B8%8F%F0%9F%9A%80%F0%9F%92%AF!&w=1600&h=1200&pubcid=e7e38ac1-9171-4bdb-9809-cc3a95321041&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%225d65a9fa-c3bc-4e73-b569-1a8af1e68dc7%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22e7e38ac1-9171-4bdb-9809-cc3a95321041%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.137.85.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-46-137-85-126.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://folkd.com
pragma
no-cache
date
Tue, 23 Jan 2024 03:38:34 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
prebidvideo
ads.yieldmo.com/exchange/
0
349 B
Fetch
General
Full URL
https://ads.yieldmo.com/exchange/prebidvideo
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.137.85.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-46-137-85-126.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://folkd.com
pragma
no-cache
date
Tue, 23 Jan 2024 03:38:34 GMT
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
v2
e.serverbid.com/api/
16 B
201 B
Fetch
General
Full URL
https://e.serverbid.com/api/v2
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://folkd.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
42
prebidjs
rtb.openx.net/openrtbb/
53 B
95 B
Fetch
General
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
a519996db78bc20a1bdcd20c020393305c7528436a7e7230cf14e5fb22759bc8

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://folkd.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebidjs
rtb.openx.net/openrtbb/
53 B
95 B
Fetch
General
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
2ce171d09c7a14253c1724fc908fb1d266e0f3133c1699b83c338fa0ca3db569

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://folkd.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
c
prebid.a-mo.net/a/
0
210 B
Fetch
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://folkd.com
date
Tue, 23 Jan 2024 03:38:34 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
server
envoy
vary
origin, Accept-Encoding
prebid
prebid.media.net/rtb/
1 KB
593 B
Fetch
General
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUWWG7OK
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
9925c6065089025b6ba0f8d93d80dd327d7c0de03f0bbc2f640fefec4364592a

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:34 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://folkd.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
37
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 23 Jan 2024 03:38:34 GMT
hb-mm-multi
hb.minutemedia-prebid.com/
85 B
421 B
Fetch
General
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.76.118.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-118-59.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
d598a76c194a6b555af16111ebeea806848ca2e56c8ebe13c128e461cb7b60cb

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
server
istio-envoy
x-reason
maxmind anonymous
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://folkd.com
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
85
prebid
ib.adnxs.com/ut/v3/
140 B
1 KB
Fetch
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e24cb3a4306d966fdd7d86193e7e3aa32ee307d864d5d639ec5ef821fdd49906
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:34 GMT
an-x-request-uuid
9a2abd67-461c-4c39-821e-a3e72d806807
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://folkd.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
149.88.27.82; 149.88.27.82; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
140
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/
0
53 B
Fetch
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://folkd.com
date
Tue, 23 Jan 2024 03:38:33 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/
1 KB
2 KB
Fetch
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=201336
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c540a738830541d90f744525d7954713a0fb442c663fbb8b36781ffeeadf270f

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:35 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DvdCyj502Ma5V2bBjdwHDawbNLW9A2z96N%2Fou6T6CVIoTiOph9zfOUxz4uCaPsVe3gGEjG%2B%2Fcgd2FL07Se6KpV89J6DGDYqpeZFP1XEMJagKTCZz9PpeUCNLg0yalR6R91wWA5ul"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://folkd.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
849d013059304d22-FRA
alt-svc
h3=":443"; ma=86400
expires
0
pbjs
htlb.casalemedia.com/openrtb/
37 B
607 B
Fetch
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=201336
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d9b10631d6898646bc9241fb5b2b613df0e2a0fd2c8367d86ce3bb6f95fa1ea

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:35 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rxWe3wrPHNBt%2FtB8Z6mXaAhIksHJOADgTFm2%2Bo0vAbalQirnzBGswUgDhNZDR1HCN3QjTIqCVe586d%2BkjOZ4Wl6omqrTJzrCcxORJThS%2FmVEDv%2FR%2BMFGcq%2BMII1Ljpse9l0fVn6f"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://folkd.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
849d013059314d22-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/
441 B
475 B
Fetch
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23852&site_id=389792&zone_id=2276222&size_id=2&p_pos=btf&rp_schain=1.0,1!monumetric.com,5d65a9fa-c3bc-4e73-b569-1a8af1e68dc7,1,,,&eid_pubcid.org=e7e38ac1-9171-4bdb-9809-cc3a95321041%5E1&rf=https%3A%2F%2Ffolkd.com%2F&tg_i.domain=folkd.com&tg_i.page=https%3A%2F%2Ffolkd.com%2F&tg_i.cat=239%2C264&tg_i.cattax=6&tg_i.id=5d65a9fa-c3bc-4e73-b569-1a8af1e68dc7&tg_i.mobile=0&tg_i.pbadslot=%2F20842576%2FJYM01M%2FJYM01M-DDI.A%23repeatable-1&tk_flint=pbjs_lite_v8.12.0&x_source.tid=8c73aa64-35e7-47b1-9b09-d766b0bfa5db&l_pb_bid_id=128dcd05db53730c&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=a29b796b-9fd5-4514-8056-0694abe9ec59&rp_maxbids=1&p_gpid=%2F20842576%2FJYM01M%2FJYM01M-DDI.A%23repeatable-1&slots=1&rand=0.8353361188243182
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
10eec9311dd99b07bbc70f9d03cb69c856ba6888f498a09a498cc79e17d4467e

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:35 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://folkd.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
441
expires
Wed, 17 Sep 1975 21:32:10 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 7C9A
24 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 01:04:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
527640
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 16 Jan 2025 01:04:35 GMT
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame 7C9A
26 KB
10 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f85637bbf5c0ee6a01fa5afb711af0e3d873ab20f0cbeaeb9105998530822c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
5692
x-jsd-version
1.16.0
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230067-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"6721-FSYTlyriJmmnEqYsq5KQLDRsrFg"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RYtvt3E5wj%2BV1PI%2BQZSl2o4my4DgH%2BIZ44LIYXGkPhYqjyyh0leqQc%2B0ZE8P0FV4GN6NpnaViHxsMwLcexcI8Khu7d8Rb9iCY%2B%2FDOFIzvgD0X6XyghmgIMnDWaabLOxBW92S%2FMmjopujvfcmvn8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
849d01307cde927a-FRA
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 7C9A
206 KB
65 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66453
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1705495733332172"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 23 Jan 2024 03:38:34 GMT
usync.js
eus.rubiconproject.com/ Frame E12B
40 KB
11 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
cd3bec578049163e4cd3e91e52d55040e999465b011fde978ca10b689317ac4c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 03:38:34 GMT
Content-Encoding
gzip
Last-Modified
Mon, 22 Jan 2024 09:39:05 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=21583
Connection
keep-alive
Content-Length
10964
Expires
Tue, 23 Jan 2024 09:38:17 GMT
mmt.gif
imps.monu.delivery/
37 B
63 B
Image
General
Full URL
https://imps.monu.delivery/mmt.gif?s=ad49ae27-d15b-4257-8401-f34bde665c73&a=b.r&u=5327c943-1992-4d6a-a6d8-9b7622d89dab&d=%7B%22utm%22%3A%7B%7D%7D
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 01:36:24 GMT
age
1303331
x-guploader-uploadid
ABPtcPqhOr5a-cRpGs9TACsIJPS6Xy7I6-14TJg1xFUku65kMDBaHJwDCtZW-hDWSYEhPhT_OBdhB1onQRlHad3ANdCPW5Q03lEO
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-generation
1499850799559224
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type
image/gif
cache-control
public, max-age=31536000
x-goog-stored-content-length
37
accept-ranges
bytes
expires
Tue, 07 Jan 2025 01:36:24 GMT
usersync
usersync.gumgum.com/ Frame 2F96
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=2380373011570053850
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=2380373011570053850
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 23 Jan 2024 03:38:35 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:35 GMT
an-x-request-uuid
e7931b56-5d15-4dd1-b8bb-483942dd14e8
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=2380373011570053850
x-proxy-origin
149.88.27.82; 149.88.27.82; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 2F96
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_d269bb32-04bd-499f-9321-dcde753d913c&gdpr=&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_d269bb32-04bd-499f-9321-dcde753d913c&gdpr=&gdpr_consent=&us_privacy=
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=75dfa792-243c-4814-8e47-a1f76ddeb89e
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=75dfa792-243c-4814-8e47-a1f76ddeb89e
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=98bb7d0c-135b-4588-94ce-d9c554ced3ab&user_group=1&ssp=gumgum2&bsw_param=75dfa792-243c-4814-8e47-a1f76ddeb89e
  • https://usersync.gumgum.com/usersync?b=bsw&i=75dfa792-243c-4814-8e47-a1f76ddeb89e&gdpr=&gdpr_consent=&us_privacy=
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=75dfa792-243c-4814-8e47-a1f76ddeb89e&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 23 Jan 2024 03:38:35 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
//usersync.gumgum.com/usersync?b=bsw&i=75dfa792-243c-4814-8e47-a1f76ddeb89e&gdpr=&gdpr_consent=&us_privacy=
Date
Tue, 23 Jan 2024 03:38:35 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
usersync
usersync.gumgum.com/ Frame 2F96
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=80493234-b0b1-4a3e-a871-85b3360ddb5e
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=80493234-b0b1-4a3e-a871-85b3360ddb5e
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 23 Jan 2024 03:38:35 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Tue, 23 Jan 2024 03:38:35 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=80493234-b0b1-4a3e-a871-85b3360ddb5e
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame 2F96
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-b407dcf2-6965-56b9-5d12-892c49b83d94$ip$149.88.27.82
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-b407dcf2-6965-56b9-5d12-892c49b83d94$ip$149.88.27.82
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 23 Jan 2024 03:38:35 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-b407dcf2-6965-56b9-5d12-892c49b83d94$ip$149.88.27.82
Date
Tue, 23 Jan 2024 03:38:35 GMT
Connection
keep-alive
Content-Length
126
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 2F96
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-ka57dHVE2pf2WDc7b2vtxBhjjOlY2vSxTgmC~A
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-ka57dHVE2pf2WDc7b2vtxBhjjOlY2vSxTgmC~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 23 Jan 2024 03:38:35 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Tue, 23 Jan 2024 03:38:35 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-ka57dHVE2pf2WDc7b2vtxBhjjOlY2vSxTgmC~A
content-length
0
usersync
usersync.gumgum.com/ Frame 2F96
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%...
  • https://usersync.gumgum.com/usersync?b=vnt&i=d638ffff-2c6b-4bcc-99b2-9baedfedba95
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=d638ffff-2c6b-4bcc-99b2-9baedfedba95
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 23 Jan 2024 03:38:35 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=d638ffff-2c6b-4bcc-99b2-9baedfedba95
Date
Tue, 23 Jan 2024 03:38:35 GMT
Connection
keep-alive
X-CI-RTID
a8c3ca52-c23c-475d-911a-254f5d12ac4e
Content-Length
108
Content-Type
text/html; charset=utf-8
142
match.deepintent.com/usersync/ Frame 2F96
0
44 B
Image
General
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 Ashburn, United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
content-length
0
server
b
usersync
usersync.gumgum.com/ Frame 2F96
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_d269bb32-04bd-499f-9321-dcde753d913c&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://usersync.gumgum.com/usersync?b=zem&i=
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 23 Jan 2024 03:38:35 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=zem&i=
Pragma
no-cache
Date
Tue, 23 Jan 2024 03:38:35 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
72
Content-Type
text/html; charset=utf-8
usersync
rtb.gumgum.com/ Frame 2F96
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=${us_privacy}&gpp=$&gpp_sid=$&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://rtb.gumgum.com/usersync?b=pln&i=wdNRPUCkbr6Y&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
35 B
208 B
Image
General
Full URL
https://rtb.gumgum.com/usersync?b=pln&i=wdNRPUCkbr6Y&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Server
52.208.7.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-7-68.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:35 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-CH
location
https://rtb.gumgum.com/usersync?b=pln&i=wdNRPUCkbr6Y&ev=1&gpp_sid=$&gpp=$&us_privacy=${us_privacy}&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6658dc8946-bqwhn
expires
-1
usersync
usersync.gumgum.com/ Frame 2F96
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=4714513488865049119
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=4714513488865049119
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 23 Jan 2024 03:38:35 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=4714513488865049119
date
Tue, 23 Jan 2024 03:38:35 GMT
content-length
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 2F96
43 B
479 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=gg.com&id=e_d269bb32-04bd-499f-9321-dcde753d913c
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.125.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Jan 2024 03:38:35 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
AS85Z79YKVCZGB5BRRJE
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
prebid
ads.yieldmo.com/exchange/
0
220 B
Fetch
General
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.12.0&p=%5B%7B%22placement_id%22%3A%22mmt-5327c943-1992-4d6a-a6d8-9b7622d89dab_5_1_ad%22%2C%22callback_id%22%3A%22130143312b4a40a9%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%223361241939151101975%22%2C%22gpid%22%3A%22%2F20842576%2FJYM01M%2FJYM01M-DDI.A%23repeatable-1%22%2C%22tid%22%3A%22cc6645e9-da5c-4745-9424-99149601d910%22%2C%22auctionId%22%3A%22e190d3fd-59cd-43b1-9ec6-18d8905ac0c6%22%7D%5D&page_url=https%3A%2F%2Ffolkd.com%2F&bust=1705981115031&dnt=false&description=Folkd%20is%20a%20leading%20social%20bookmarking%20app.%20Since%202006%2C%20over%208%20million%20people%20have%20used%20Folkd%20to%20store%2C%20organize%20and%20share%20their%20favorite%20links.%20Join%20them%20today%20for%20free.&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=Bookmarks%20are%20%E2%9D%A4%EF%B8%8F%F0%9F%9A%80%F0%9F%92%AF!&w=1600&h=1200&pubcid=e7e38ac1-9171-4bdb-9809-cc3a95321041&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%225d65a9fa-c3bc-4e73-b569-1a8af1e68dc7%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22e7e38ac1-9171-4bdb-9809-cc3a95321041%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.137.85.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-46-137-85-126.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://folkd.com
pragma
no-cache
date
Tue, 23 Jan 2024 03:38:35 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
prebidvideo
ads.yieldmo.com/exchange/
0
349 B
Fetch
General
Full URL
https://ads.yieldmo.com/exchange/prebidvideo
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.137.85.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-46-137-85-126.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://folkd.com
pragma
no-cache
date
Tue, 23 Jan 2024 03:38:35 GMT
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
fastlane.json
fastlane.rubiconproject.com/a/api/
441 B
475 B
Fetch
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23852&site_id=389792&zone_id=2276222&size_id=2&p_pos=btf&rp_schain=1.0,1!monumetric.com,5d65a9fa-c3bc-4e73-b569-1a8af1e68dc7,1,,,&eid_pubcid.org=e7e38ac1-9171-4bdb-9809-cc3a95321041%5E1&rf=https%3A%2F%2Ffolkd.com%2F&tg_i.domain=folkd.com&tg_i.page=https%3A%2F%2Ffolkd.com%2F&tg_i.cat=239%2C264&tg_i.cattax=6&tg_i.id=5d65a9fa-c3bc-4e73-b569-1a8af1e68dc7&tg_i.mobile=0&tg_i.pbadslot=%2F20842576%2FJYM01M%2FJYM01M-DDI.A%23repeatable-1&tk_flint=pbjs_lite_v8.12.0&x_source.tid=e190d3fd-59cd-43b1-9ec6-18d8905ac0c6&l_pb_bid_id=132e1084ad6ef0e1&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=cc6645e9-da5c-4745-9424-99149601d910&rp_maxbids=1&p_gpid=%2F20842576%2FJYM01M%2FJYM01M-DDI.A%23repeatable-1&slots=1&rand=0.16924779605390938
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
447e9b8778c1b139bd832a92b109ff3c82781560d0506936be0a425edc2f46ed

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:35 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://folkd.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
441
expires
Wed, 17 Sep 1975 21:32:10 GMT
hb-mm-multi
hb.minutemedia-prebid.com/
85 B
421 B
Fetch
General
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.76.118.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-118-59.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
0b982f82e7d031b53e2c22bc9f801136d292006fd6ec9ee99ea29cb019a4f220

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 23 Jan 2024 03:38:35 GMT
server
istio-envoy
x-reason
maxmind anonymous
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://folkd.com
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
7
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
85
prebidjs
rtb.openx.net/openrtbb/
53 B
95 B
Fetch
General
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
6084b0863d2638b03e367ba2c2e433a4d8ccfd0cd6fa0002f5267dbe7a1a4579

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 23 Jan 2024 03:38:35 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://folkd.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebidjs
rtb.openx.net/openrtbb/
53 B
95 B
Fetch
General
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
034c16236433799b4f923c21b40a67179a6f991f4046fdc2f45b84a24e01bc1c

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 23 Jan 2024 03:38:35 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://folkd.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
v2
e.serverbid.com/api/
16 B
201 B
Fetch
General
Full URL
https://e.serverbid.com/api/v2
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://folkd.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
42
translator
hbopenbid.pubmatic.com/
0
53 B
Fetch
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://folkd.com
date
Tue, 23 Jan 2024 03:38:34 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/
13 KB
7 KB
Fetch
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=201336
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ba39b9ef4e9b0df8dbf65358a647f657b882b43da1171a3baf95428d2b71c6c

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:35 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ixlDPg67QDm6hq5BUumg%2FZxg86os4Djhz%2FyJOd5BLGOpR5J5L1snc4nndJmvymd12OQMcRaTxlziRxD1bkHhqeXB%2B%2FBQDIIpaS9oGByCB%2BCRNxF7Ts34jAFU%2Bj2xdS2Nk7Rixl2"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://folkd.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
849d0131096a4d22-FRA
alt-svc
h3=":443"; ma=86400
expires
0
pbjs
htlb.casalemedia.com/openrtb/
38 B
598 B
Fetch
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=201336
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89b173278c5636bfcf7d1ffc6cc82622f8a454305c5fdd2be6641bb338aff31d

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:35 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EUk6x7pAQWbfMwXanXSNFulnftPcTbD7Pb13loffas29NUN6zj8YCsf9DnAcxFaPX0Ym5Defk8lmwHM9y6RqRmfsQPVGolvSUx%2FeE6PWpizvG49AHpZGKTf4BO800WASlbwp99cd"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://folkd.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
849d0131096b4d22-FRA
alt-svc
h3=":443"; ma=86400
content-length
38
expires
0
prebid
prebid.media.net/rtb/
1 KB
592 B
Fetch
General
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUWWG7OK
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
3014b3817b109cdaf90cd9166e666a3198727b99ba998777ce5f24ca299eeb72

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:34 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://folkd.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
45
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 23 Jan 2024 03:38:35 GMT
637e6546decb82d45236f0f8
prebid.cootlogix.com/prebid/multi/
0
655 B
Fetch
General
Full URL
https://prebid.cootlogix.com/prebid/multi/637e6546decb82d45236f0f8
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
107.191.36.239 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
107.191.36.239.vultrusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://folkd.com
date
Tue, 23 Jan 2024 03:38:35 GMT
cache-control
max-age=0, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
content-length
0
prebid
ib.adnxs.com/ut/v3/
140 B
1 KB
Fetch
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
5d4b2b6fd44a65a28fbe37387e0fe0a7a523ed85b488f1e915f0e6e92c4de866
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:35 GMT
an-x-request-uuid
afb32118-ca30-41b8-acfd-56009f74794c
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://folkd.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
149.88.27.82; 149.88.27.82; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
140
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
c
prebid.a-mo.net/a/
0
210 B
Fetch
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://folkd.com
date
Tue, 23 Jan 2024 03:38:34 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
server
envoy
vary
origin, Accept-Encoding
v3
id5-sync.com/gm/
319 B
594 B
XHR
General
Full URL
https://id5-sync.com/gm/v3
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
6b6138f440c1bca2cc9ef6522b0d324219659eaf2d10140bcc9903c066eaba21
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://folkd.com
date
Tue, 23 Jan 2024 03:38:34 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
ads
securepubads.g.doubleclick.net/gampad/
30 KB
13 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3801837833584460&correlator=3423972609449822&eid=31079957%2C31080496%2C31079724&output=ldjh&gdfp_req=1&vrg=202401180101&ptt=17&impl=fifs&iu_parts=20842576%2CJYM01M%2CJYM01M-DDI.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=3&sfv=1-0-40&ifs=%5B%5B%5B2%2C1%5D%5D%5D&eri=1&sc=1&cookie=ID%3Dd73a653a13f2f49f%3AT%3D1705981113%3ART%3D1705981113%3AS%3DALNI_Mb1JF_cD5eBfkgoBO3S1ziePAa9sA&gpic=UID%3D00000d47b8500e9b%3AT%3D1705981113%3ART%3D1705981113%3AS%3DALNI_MbfupWRtW_bgqrzZWS6Cr1ei-ta8w&abxe=1&dt=1705981115048&lmt=1705981115&adxs=386&adys=1024&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ffolkd.com%2F&vis=1&psz=728x-1&msz=728x-1&fws=4&ohw=740&psts=AOrYGsman6824urSO2NodxDYNpWvkpYVgvY6Rcgio3v1ixjb%2CAOrYGsl3Hc4o5wg9SoAhEKvUAWsLv5DJovfl6w3SR3khPRamDwtaAV24df3rwELmsuAfDFKxeojKzAILJAM3CXj31-7UOA&ga_vid=1374325086.1705981113&ga_sid=1705981114&ga_hid=827497303&ga_fc=true&a3p=EhoKDWNyd2RjbnRybC5uZXQSABi165ej0zFIABI7CgpwdWJjaWQub3JnEiRlN2UzOGFjMS05MTcxLTRiZGItOTgwOS1jYzNhOTUzMjEwNDEY9uqXo9MxSAASHQoOZXNwLmNyaXRlby5jb20Y0-qXo9MxSABSAghkEj4KBW9wZW54EixleUpwSWpvaWNFNXBjRWhVUldwVVdpdFdNMFl5TW0xdWNuQTFVVDA5SW4wPRjQ7pej0zFIABIZCgp1aWRhcGkuY29tGNPql6PTMUgAUgIIZBKuAQoIcnRiaG91c2USmAFydGhyUkJKaFNnQ0hDcDh3U1FNem9GUXBNQlhGS21CYys1NmRaQWR2SVNwNEcxYmowWFFxNnYrREZuaWxWRTkxWkF6R0pqMVEwcVQrNHk1YkV1VnRYYlZHT3VZOVVxdDVtaGVRWGl2Sm0xR0dCbVhRekJMSTU5VXdWNnlwQldDeUdjKyszTkpOZEx3VVYvU0YwejBlU0E9PRih7Jej0zFIABIbCgxpZDUtc3luYy5jb20Ym-uXo9MxSABSAghq&prev_scp=pos%3D1%26monu%3D728x90_A1%26slotNum%3D1%26placementNum%3D1%26allowNative%3Dfalse%26amznbid%3D2%26amznp%3D2%26bidder_responseTime%3Dix_300%26auction_id%3D95df399e-cc71-4633-9afb-6d62e4fb6bbc%26monu_df%3D0.05%26safeframe%3Dtrue%26bid_source%3Dclient%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_adid%3D27367639da8a58a3%26hb_bidder%3Dix%26lastRefreshEmpty%3Dfalse%26refresh_count%3D0%26lre_rc%3Dfalse_0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Ddf%26provider_performance%3Dix_notchrome_0.05%26context%3D3_ZH_notchrome%26browser_hour_refresh%3Dundefined_3_0%26slotOnScreen%3Dtrue&cust_params=page_num%3D0%26big4%3Dfalse%26iabCategory%3D264%26url%3Dfolkd.com%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=3732199864&frm=20&eo_id_str=ID%3Dd583b5ec4e3a5c9c%3AT%3D1705981113%3ART%3D1705981113%3AS%3DAA-AfjZMvcohb3uIGzb4FJhEix2b
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
70cd3cbe11ac9c35869a07f5c0a2cdcf02246d56e0621c61a8e6c88e8e915293
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:35 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12984
x-xss-protection
0
google-lineitem-id
6125550888
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138406914014
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://folkd.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync
usersync.gumgum.com/ Frame A82F
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=adf&i=7283273328877549246&gdpr=&gdpr_consent=
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=adf&i=7283273328877549246&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 23 Jan 2024 03:38:35 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Tue, 23 Jan 2024 03:38:35 GMT
expires
-1
location
https://usersync.gumgum.com/usersync?b=adf&i=7283273328877549246&gdpr=&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
pixel
cm.g.doubleclick.net/ Frame 8B88
170 B
232 B
Document
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9kMjY5YmIzMi0wNGJkLTQ5OWYtOTMyMS1kY2RlNzUzZDkxM2M=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Tue, 23 Jan 2024 03:38:35 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame CBB8
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=154861
content-encoding
gzip
content-length
5622
content-type
text/html
date
Tue, 23 Jan 2024 03:38:35 GMT
expires
Wed, 24 Jan 2024 22:39:36 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 63D5
70 B
148 B
Document
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Tue, 23 Jan 2024 03:38:35 GMT
server
Kestrel
usersync
usersync.gumgum.com/ Frame 6D8B
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=Za80u8Co8YwAAEQbjwAAAAAA
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=Za80u8Co8YwAAEQbjwAAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 23 Jan 2024 03:38:35 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Tue, 23 Jan 2024 03:38:35 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=Za80u8Co8YwAAEQbjwAAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
5
X-SO-Cluster-ID
0
X-SO-HostName
m-ad1020.dc4p.scaleout.jp
X-SO-IP
149.88.27.82
X-SO-Key
Za80u8Co8YwAAEQbjwAAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"149.88.27.82","key":"Za80u8Co8YwAAEQbjwAAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad1020"}
X-SO-LB-Hostname
m-tgng40.dc4p.scaleout.jp
X-SO-Upstream-ID
m-ad1020
usersync
usersync.gumgum.com/ Frame F8FB
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=ViR4k8DCOJSMDgKL7vewv7Jq9TxtaDotmO51rVynh7M&pi=gumgum&tc=1
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=ViR4k8DCOJSMDgKL7vewv7Jq9TxtaDotmO51rVynh7M&pi=gumgum&tc=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 23 Jan 2024 03:38:35 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Tue, 23 Jan 2024 03:38:35 GMT Tue, 23 Jan 2024 03:38:35 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=ViR4k8DCOJSMDgKL7vewv7Jq9TxtaDotmO51rVynh7M&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 1224
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
555 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 23 Jan 2024 03:38:35 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 23 Jan 2024 03:38:35 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
c
prebid.a-mo.net/a/
0
210 B
Fetch
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://folkd.com
date
Tue, 23 Jan 2024 03:38:34 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
server
envoy
vary
origin, Accept-Encoding
hb-mm-multi
hb.minutemedia-prebid.com/
85 B
421 B
Fetch
General
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.76.118.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-118-59.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
855fbcb56b6e252f45b6a73df7d68271e5b2f72364bb41275bc758a3feae96cc

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 23 Jan 2024 03:38:35 GMT
server
istio-envoy
x-reason
maxmind anonymous
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://folkd.com
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
85
637e6546decb82d45236f0f8
prebid.cootlogix.com/prebid/multi/
0
659 B
Fetch
General
Full URL
https://prebid.cootlogix.com/prebid/multi/637e6546decb82d45236f0f8
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
107.191.36.239 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
107.191.36.239.vultrusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://folkd.com
date
Tue, 23 Jan 2024 03:38:35 GMT
cache-control
max-age=0, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
content-length
0
prebid
ib.adnxs.com/ut/v3/
140 B
1 KB
Fetch
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
9e7c8ac15d173afeaa02e877a55f1aa4e5439ecd3497133a4c0a634aec205b90
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:35 GMT
an-x-request-uuid
e05c7cec-700d-4627-ab44-f8dd0d47a7d2
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://folkd.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
149.88.27.82; 149.88.27.82; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
140
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebidjs
rtb.openx.net/openrtbb/
53 B
95 B
Fetch
General
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
4b03483d15f80c82ab2302a3efb783b0de11addd91853aa8a67a596a5e0ffb13

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 23 Jan 2024 03:38:35 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://folkd.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebidjs
rtb.openx.net/openrtbb/
53 B
95 B
Fetch
General
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
e6e797a73fabcaffa3f52f68f3a8a9cdd19e4b836059fbd9cb5a3041ae67b516

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 23 Jan 2024 03:38:35 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://folkd.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
translator
hbopenbid.pubmatic.com/
0
53 B
Fetch
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://folkd.com
date
Tue, 23 Jan 2024 03:38:33 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/
1 KB
2 KB
Fetch
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=201336
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68c40c9594bb42468224a2c2d5a909c7e72175a5ac74c88028b8dc7b50593a44

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:35 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dfTlO7BPIoWwTSG%2B1oNmv2VAJ9RE5RnErtiPfT53ABkBN0NI%2BYRCIPklujN%2FHRQ8pVAmrJRYleiBk11fHMaOJ8e6lj72lf02GcYDfbBWTs6ai%2BICvzbKd7So1tFDStyj5ftPrsXy"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://folkd.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
849d0131297b4d22-FRA
alt-svc
h3=":443"; ma=86400
expires
0
pbjs
htlb.casalemedia.com/openrtb/
38 B
606 B
Fetch
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=201336
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa91beed35405bce612652d7ef5b7255e8120bd6bc00aa0f13b3f42f5af970e0

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:35 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LxxnvMEiere1yLgH0jhRBcuUeNxJZ789nltZUV%2BtpsCsybW%2BOLlZ%2FPfPlaZj1p%2BfX1SXXknqcrgPKQuI7LA5HKaCzHvp4Fd%2FFOEz4pU71zEHANsp6KhYofPZ74DKI8drfAYIuACj"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://folkd.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
849d0131297d4d22-FRA
alt-svc
h3=":443"; ma=86400
content-length
38
expires
0
prebid
prebid.media.net/rtb/
1 KB
595 B
Fetch
General
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUWWG7OK
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
83a84b394923bf33971950d604b0f97952acb960e30b3c05926d80659c480188

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:34 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://folkd.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
38
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 23 Jan 2024 03:38:35 GMT
v2
e.serverbid.com/api/
16 B
224 B
Fetch
General
Full URL
https://e.serverbid.com/api/v2
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 23 Jan 2024 03:38:35 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://folkd.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
42
fastlane.json
fastlane.rubiconproject.com/a/api/
441 B
475 B
Fetch
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23852&site_id=389792&zone_id=2276222&size_id=2&p_pos=btf&rp_schain=1.0,1!monumetric.com,5d65a9fa-c3bc-4e73-b569-1a8af1e68dc7,1,,,&eid_pubcid.org=e7e38ac1-9171-4bdb-9809-cc3a95321041%5E1&rf=https%3A%2F%2Ffolkd.com%2F&tg_i.domain=folkd.com&tg_i.page=https%3A%2F%2Ffolkd.com%2F&tg_i.cat=239%2C264&tg_i.cattax=6&tg_i.id=5d65a9fa-c3bc-4e73-b569-1a8af1e68dc7&tg_i.mobile=0&tg_i.pbadslot=%2F20842576%2FJYM01M%2FJYM01M-DDI.A%23repeatable-1&tk_flint=pbjs_lite_v8.12.0&x_source.tid=ec163274-6dc7-49ae-bbf7-ea8e7773eba7&l_pb_bid_id=174fcb4e3eb5eb59&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=173a4eb3-a38f-4184-a67d-93e10d944db4&rp_maxbids=1&p_gpid=%2F20842576%2FJYM01M%2FJYM01M-DDI.A%23repeatable-1&slots=1&rand=0.005328538599241428
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
c2a2aded5bca356748af4ad6c29a153636c5d6dc399ab405a43e1cdc101d0607

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:35 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://folkd.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
441
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ads.yieldmo.com/exchange/
0
220 B
Fetch
General
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.12.0&p=%5B%7B%22placement_id%22%3A%22mmt-5327c943-1992-4d6a-a6d8-9b7622d89dab_6_1_ad%22%2C%22callback_id%22%3A%2217647994bf320777%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%223361241939151101975%22%2C%22gpid%22%3A%22%2F20842576%2FJYM01M%2FJYM01M-DDI.A%23repeatable-1%22%2C%22tid%22%3A%22173a4eb3-a38f-4184-a67d-93e10d944db4%22%2C%22auctionId%22%3A%22ec163274-6dc7-49ae-bbf7-ea8e7773eba7%22%7D%5D&page_url=https%3A%2F%2Ffolkd.com%2F&bust=1705981115057&dnt=false&description=Folkd%20is%20a%20leading%20social%20bookmarking%20app.%20Since%202006%2C%20over%208%20million%20people%20have%20used%20Folkd%20to%20store%2C%20organize%20and%20share%20their%20favorite%20links.%20Join%20them%20today%20for%20free.&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=Bookmarks%20are%20%E2%9D%A4%EF%B8%8F%F0%9F%9A%80%F0%9F%92%AF!&w=1600&h=1200&pubcid=e7e38ac1-9171-4bdb-9809-cc3a95321041&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%225d65a9fa-c3bc-4e73-b569-1a8af1e68dc7%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22e7e38ac1-9171-4bdb-9809-cc3a95321041%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.137.85.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-46-137-85-126.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://folkd.com
pragma
no-cache
date
Tue, 23 Jan 2024 03:38:35 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
prebidvideo
ads.yieldmo.com/exchange/
0
349 B
Fetch
General
Full URL
https://ads.yieldmo.com/exchange/prebidvideo
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.137.85.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-46-137-85-126.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://folkd.com
pragma
no-cache
date
Tue, 23 Jan 2024 03:38:35 GMT
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
khaos.json
token.rubiconproject.com/ Frame E12B
7 B
778 B
XHR
General
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
ef823186f233724f4775c0c4b9549d14
Expires
0
ads
securepubads.g.doubleclick.net/gampad/
30 KB
13 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3801837833584460&correlator=1190111097337657&eid=31079957%2C31080496%2C31079724&output=ldjh&gdfp_req=1&vrg=202401180101&ptt=17&impl=fifs&iu_parts=20842576%2CJYM01M%2CJYM01M-DDI.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=4&sfv=1-0-40&ifs=%5B%5B%5B2%2C1%5D%5D%5D&eri=1&sc=1&cookie=ID%3Dd73a653a13f2f49f%3AT%3D1705981113%3ART%3D1705981113%3AS%3DALNI_Mb1JF_cD5eBfkgoBO3S1ziePAa9sA&gpic=UID%3D00000d47b8500e9b%3AT%3D1705981113%3ART%3D1705981113%3AS%3DALNI_MbfupWRtW_bgqrzZWS6Cr1ei-ta8w&abxe=1&dt=1705981115094&lmt=1705981115&adxs=386&adys=1911&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ffolkd.com%2F&vis=1&psz=728x-1&msz=728x-1&fws=4&ohw=740&psts=AOrYGsman6824urSO2NodxDYNpWvkpYVgvY6Rcgio3v1ixjb%2CAOrYGsl3Hc4o5wg9SoAhEKvUAWsLv5DJovfl6w3SR3khPRamDwtaAV24df3rwELmsuAfDFKxeojKzAILJAM3CXj31-7UOA&ga_vid=1374325086.1705981113&ga_sid=1705981114&ga_hid=827497303&ga_fc=true&a3p=EhoKDWNyd2RjbnRybC5uZXQSABi165ej0zFIABI7CgpwdWJjaWQub3JnEiRlN2UzOGFjMS05MTcxLTRiZGItOTgwOS1jYzNhOTUzMjEwNDEY9uqXo9MxSAASHQoOZXNwLmNyaXRlby5jb20Y0-qXo9MxSABSAghkEj4KBW9wZW54EixleUpwSWpvaWNFNXBjRWhVUldwVVdpdFdNMFl5TW0xdWNuQTFVVDA5SW4wPRjQ7pej0zFIABIZCgp1aWRhcGkuY29tGNPql6PTMUgAUgIIZBKuAQoIcnRiaG91c2USmAFydGhyUkJKaFNnQ0hDcDh3U1FNem9GUXBNQlhGS21CYys1NmRaQWR2SVNwNEcxYmowWFFxNnYrREZuaWxWRTkxWkF6R0pqMVEwcVQrNHk1YkV1VnRYYlZHT3VZOVVxdDVtaGVRWGl2Sm0xR0dCbVhRekJMSTU5VXdWNnlwQldDeUdjKyszTkpOZEx3VVYvU0YwejBlU0E9PRih7Jej0zFIABIbCgxpZDUtc3luYy5jb20Ym-uXo9MxSABSAghq&prev_scp=pos%3D1%26monu%3D728x90_A1%26slotNum%3D1%26placementNum%3D2%26allowNative%3Dfalse%26amznbid%3D2%26amznp%3D2%26bidder_responseTime%3Dix_300%26auction_id%3D09c65631-e5db-4616-b11d-a3e483d600d0%26monu_df%3D0.05%26safeframe%3Dtrue%26bid_source%3Dclient%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_adid%3D2742b5d86d40bb0e%26hb_bidder%3Dix%26lastRefreshEmpty%3Dfalse%26refresh_count%3D0%26lre_rc%3Dfalse_0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Ddf%26provider_performance%3Dix_notchrome_0.05%26context%3D3_ZH_notchrome%26browser_hour_refresh%3Dundefined_3_0%26slotOnScreen%3Dfalse&cust_params=page_num%3D0%26big4%3Dfalse%26iabCategory%3D264%26url%3Dfolkd.com%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=916294652&frm=20&eo_id_str=ID%3Dd583b5ec4e3a5c9c%3AT%3D1705981113%3ART%3D1705981113%3AS%3DAA-AfjZMvcohb3uIGzb4FJhEix2b
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eec2dc8130f4a9a79e2c11092a898e8360034b0e5acb704d644f8031e807a991
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:35 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12968
x-xss-protection
0
google-lineitem-id
6125550888
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138406914014
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://folkd.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7C9A
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuMDevc22c3dME8IfHqAUEB4udli2rUGdiGbiAy6weMEE6-vOQOqVYcDYdsFQ4byHbhLzMwp3hWawMivu5yCRC7yNFMZ24Sx5TUFa2kZEd_jf9quNtmqq53rtfr_3pWVB6a4qDeVGcCqDkXllMlAjSXgG2FEHGvn1CbMXQdjCv38e6HwkgLIAQdt1dHC3sAelEpgOPwbwrKQ00KfzYNEzHysOiiDkOOEMmmoRpnrCGZhPIBSETuVEbe9QfJVfU1Sc3g_F0Q2lYg2jB5dIGDg1vC8CUGTd7Z_l324gXaypfb_C5P7g-tPzRtp-D874tcOpOoUZ2nDLoAXXWmsoVwdJ83y0GGINLRzyIRUulgfHES-CW7x13CQsIG&sai=AMfl-YTyBIVdvkEPf7ysiXQw_VXHltEbVIm3H4Izcy-T5yfIvCwmMM6nJJl5pmYKGwYdY7IemQMYEruzU_15c1oDauIVI9DZ5s54t86xnP20dcFq4YLjfVLV2b4B1iLZWcg&sig=Cg0ArKJSzEWF948OdWQPEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
usync.js
eus.rubiconproject.com/ Frame 1224
40 KB
11 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
cd3bec578049163e4cd3e91e52d55040e999465b011fde978ca10b689317ac4c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 03:38:35 GMT
Content-Encoding
gzip
Last-Modified
Mon, 22 Jan 2024 09:39:05 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=21582
Connection
keep-alive
Content-Length
10964
Expires
Tue, 23 Jan 2024 09:38:17 GMT
truncated
/ Frame 7C9A
205 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e5a0588e409ca07afce916fbb84095840b819a143b7f8a702caf1b5e714cfa8e

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
/
track.adform.net/adfscript/ Frame DE85
1 KB
1 KB
Script
General
Full URL
https://track.adform.net/adfscript/?bn=67903450;rtbwp=Za80uQAAAADnlrKcPX5u7ETUO0QXaT2BHJK4lw;rtbdata=W6kvuXQNu86EBnfD9JcxEfjYF229bpUjHubuMhubs0C3xMsNeaE_7YsMS1QbwXumzXPyNOGIAmqYdJkohl9Dl2Z8D7pzFqnXZP4orUHzt_MntkI1FSYiFF__U9FnlqaRKWcHZh-DE2Jp7Vto4vKAkzW0_-F-7GIsR5xeG1R90QYbDD0kU7EUclL9E4BYs1QFXShoco9Eve955yZIP-8ZplXI6hKUTkBTvo2uv1JH9j_sNBY9OFe3B2D0WqQsz4K7k0-z-cOV_gJ4J2NRz8UbEmT0lQkXAT8x0
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
9320aefda898669a70165a032d00d6c35e2cae4a232890f3a88e2b628ddea4bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:35 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
909
expires
-1
jload
pixel.adsafeprotected.com/ Frame DE85
61 KB
15 KB
Script
General
Full URL
https://pixel.adsafeprotected.com/jload?anId=8095&pubId=182762&chanId=242368&campId=5916627&custom5=1&placementId=32704&custom=700d2db5-01d6-4612-9304-a973ca437258&custom2=folkd.com&custom3=02&planId=300x600&custom4=300x600&adsafe_par&impId=1
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.204.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-204-174.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
27af51639b2ee14d9a43cc3471a9251098eeebf029876e0fb62eed2601513300

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:35 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
8ca7b889-1830-4068-81d2-273d98e69625
a5180.casalemedia.com/impression/v2/242368/111/cmnj9edcgamqru70mjgg/ Frame DE85
43 B
303 B
Image
General
Full URL
https://a5180.casalemedia.com/impression/v2/242368/111/cmnj9edcgamqru70mjgg/8ca7b889-1830-4068-81d2-273d98e69625?verifieD=1&userID=&cmpro=0&deviceType=2&expiryTime=1705981713&profileIDs=&creativeID=232a5a2&pubID=182762&format=banner&channel=site
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
85.91.45.94 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Jan 2024 03:38:35 GMT
Server
Apache
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0
PugMaster
image6.pubmatic.com/AdServer/ Frame CBB8
2 KB
3 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=25311982&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
9f6ca105c08004b8a6ff98cd37eb247552afc816bcb6c2bf74a7e3ea8688653f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Tue, 23 Jan 2024 03:38:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
khaos.json
token.rubiconproject.com/ Frame 1224
7 B
778 B
XHR
General
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
ef823186f233724f4775c0c4b9549d14
Expires
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame E12B
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=a9eu&khaos=LRPT3VT0-1Y-G0V7
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=LRPT3VT0-1Y-G0V7&ex=d-rubiconproject.com&status=ok
43 B
479 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=LRPT3VT0-1Y-G0V7&ex=d-rubiconproject.com&status=ok
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_gg_rbd_n-Beeswax_an-db5_n-adYouLike_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.95.125.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Jan 2024 03:38:35 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
W9AYD0D00PN4FWSYYB0G
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://aax-eu.amazon-adsystem.com/s/ecm3?id=LRPT3VT0-1Y-G0V7&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
bcdac959321a8cf7d38f9eb638bfa14f
Expires
0
v2
e.serverbid.com/api/
16 B
201 B
Fetch
General
Full URL
https://e.serverbid.com/api/v2
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 23 Jan 2024 03:38:35 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://folkd.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
42
fastlane.json
fastlane.rubiconproject.com/a/api/
441 B
475 B
Fetch
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23852&site_id=389792&zone_id=2276222&size_id=2&p_pos=btf&rp_schain=1.0,1!monumetric.com,5d65a9fa-c3bc-4e73-b569-1a8af1e68dc7,1,,,&eid_pubcid.org=e7e38ac1-9171-4bdb-9809-cc3a95321041%5E1&rf=https%3A%2F%2Ffolkd.com%2F&tg_i.domain=folkd.com&tg_i.page=https%3A%2F%2Ffolkd.com%2F&tg_i.cat=239%2C264&tg_i.cattax=6&tg_i.id=5d65a9fa-c3bc-4e73-b569-1a8af1e68dc7&tg_i.mobile=0&tg_i.pbadslot=%2F20842576%2FJYM01M%2FJYM01M-DDI.A%23repeatable-1&tk_flint=pbjs_lite_v8.12.0&x_source.tid=f39a3529-9c3b-43da-8a42-32cb9b200cb8&l_pb_bid_id=18271c9e97de9e76&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=764c1682-a0fa-4efe-9ba2-da4e4db0ee68&rp_maxbids=1&p_gpid=%2F20842576%2FJYM01M%2FJYM01M-DDI.A%23repeatable-1&slots=1&rand=0.4844901901961918
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
7fefb9ff941f766fe52bcd325785196ecb8c3644b50133ebb19326bd87066e88

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:35 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://folkd.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
441
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebidjs
rtb.openx.net/openrtbb/
53 B
95 B
Fetch
General
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
338c98cab7cd729a00c6bc448747431a19a6ce4e0103b58f090d413e99918740

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 23 Jan 2024 03:38:35 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://folkd.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebidjs
rtb.openx.net/openrtbb/
53 B
95 B
Fetch
General
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
7a9467224c58d93d0b0774ddc39394c6f4aa98aa58900d35c888e077065a4d14

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 23 Jan 2024 03:38:35 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://folkd.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
637e6546decb82d45236f0f8
prebid.cootlogix.com/prebid/multi/
0
653 B
Fetch
General
Full URL
https://prebid.cootlogix.com/prebid/multi/637e6546decb82d45236f0f8
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
107.191.36.239 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
107.191.36.239.vultrusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://folkd.com
date
Tue, 23 Jan 2024 03:38:35 GMT
cache-control
max-age=0, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
content-length
0
pbjs
htlb.casalemedia.com/openrtb/
13 KB
7 KB
Fetch
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=201336
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55697fbe4c066ae359a6703e8839bcd2ae60c38677d0eda3a4f4d8fea04027c1

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:35 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MDPbA8JNCoRoUohcvqtQc1oXc1d1CchM%2FRv%2B%2FLr6lHLp6U5tsHK4jWACWj3zmwdIwZTSuYMUYFmErGwIbYzEkVdbujVAfZq%2BXAr9HKTqVOoLfhhiAVEuOtjLXUw9ntDroaJntaj0"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://folkd.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
849d013219ed4d22-FRA
alt-svc
h3=":443"; ma=86400
expires
0
pbjs
htlb.casalemedia.com/openrtb/
38 B
609 B
Fetch
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=201336
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b40b551d26b0030a9a2b04187c97f9ea64c619248eb19da2a77863099e061b8

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:35 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5jHVoS0VFiIWICs%2FFoftFaODoB%2BTC3oZWXLl9ElV%2FShSagIL6rSOxVTFDroTpaTWhJC4nt6x9Xyt95lBIxP7y7%2FLOO%2FH7wQkNah8ePUC53YfLSyyUkNXt%2FmxKjqneIyT0k%2FUhVeN"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://folkd.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
849d013219ee4d22-FRA
alt-svc
h3=":443"; ma=86400
content-length
38
expires
0
hb-mm-multi
hb.minutemedia-prebid.com/
85 B
421 B
Fetch
General
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.76.118.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-118-59.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
5035904b964007bb315d2176b66174dbd370107ff5023643c96108af0c564bd6

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 23 Jan 2024 03:38:35 GMT
server
istio-envoy
x-reason
maxmind anonymous
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://folkd.com
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
85
prebid
prebid.media.net/rtb/
1 KB
593 B
Fetch
General
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUWWG7OK
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
e4d8cb7cf484bb7e216b0da5d9785c8af59236e6e26901bc49bb03972bae3892

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:35 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://folkd.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
48
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 23 Jan 2024 03:38:35 GMT
prebid
ads.yieldmo.com/exchange/
0
220 B
Fetch
General
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.12.0&p=%5B%7B%22placement_id%22%3A%22mmt-5327c943-1992-4d6a-a6d8-9b7622d89dab_7_1_ad%22%2C%22callback_id%22%3A%22194ea6e066dbbdb3%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%223361241939151101975%22%2C%22gpid%22%3A%22%2F20842576%2FJYM01M%2FJYM01M-DDI.A%23repeatable-1%22%2C%22tid%22%3A%22764c1682-a0fa-4efe-9ba2-da4e4db0ee68%22%2C%22auctionId%22%3A%22f39a3529-9c3b-43da-8a42-32cb9b200cb8%22%7D%5D&page_url=https%3A%2F%2Ffolkd.com%2F&bust=1705981115208&dnt=false&description=Folkd%20is%20a%20leading%20social%20bookmarking%20app.%20Since%202006%2C%20over%208%20million%20people%20have%20used%20Folkd%20to%20store%2C%20organize%20and%20share%20their%20favorite%20links.%20Join%20them%20today%20for%20free.&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=Bookmarks%20are%20%E2%9D%A4%EF%B8%8F%F0%9F%9A%80%F0%9F%92%AF!&w=1600&h=1200&pubcid=e7e38ac1-9171-4bdb-9809-cc3a95321041&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%225d65a9fa-c3bc-4e73-b569-1a8af1e68dc7%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22e7e38ac1-9171-4bdb-9809-cc3a95321041%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.137.85.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-46-137-85-126.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://folkd.com
pragma
no-cache
date
Tue, 23 Jan 2024 03:38:35 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
prebidvideo
ads.yieldmo.com/exchange/
0
349 B
Fetch
General
Full URL
https://ads.yieldmo.com/exchange/prebidvideo
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.137.85.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-46-137-85-126.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://folkd.com
pragma
no-cache
date
Tue, 23 Jan 2024 03:38:35 GMT
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
prebid
ib.adnxs.com/ut/v3/
140 B
1 KB
Fetch
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
cb103ba00caae9ca976d9a2db4046ce1172a003776693d40ede1bc93283b6f69
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:35 GMT
an-x-request-uuid
30b16c00-40ab-408e-b2b8-b6a962ea8165
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://folkd.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
149.88.27.82; 149.88.27.82; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
140
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
c
prebid.a-mo.net/a/
0
213 B
Fetch
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://folkd.com
date
Tue, 23 Jan 2024 03:38:34 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
8
server
envoy
vary
origin, Accept-Encoding
translator
hbopenbid.pubmatic.com/
0
53 B
Fetch
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://folkd.com
date
Tue, 23 Jan 2024 03:38:34 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
ads
securepubads.g.doubleclick.net/gampad/
30 KB
13 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3801837833584460&correlator=3664786928941572&eid=31079957%2C31080496%2C31079724&output=ldjh&gdfp_req=1&vrg=202401180101&ptt=17&impl=fifs&iu_parts=20842576%2CJYM01M%2CJYM01M-DDI.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=5&sfv=1-0-40&ifs=%5B%5B%5B2%2C1%5D%5D%5D&eri=1&sc=1&cookie=ID%3Dd73a653a13f2f49f%3AT%3D1705981113%3ART%3D1705981113%3AS%3DALNI_Mb1JF_cD5eBfkgoBO3S1ziePAa9sA&gpic=UID%3D00000d47b8500e9b%3AT%3D1705981113%3ART%3D1705981113%3AS%3DALNI_MbfupWRtW_bgqrzZWS6Cr1ei-ta8w&abxe=1&dt=1705981115217&lmt=1705981115&adxs=386&adys=2798&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ffolkd.com%2F&vis=1&psz=728x-1&msz=728x-1&fws=4&ohw=740&psts=AOrYGsman6824urSO2NodxDYNpWvkpYVgvY6Rcgio3v1ixjb%2CAOrYGsl3Hc4o5wg9SoAhEKvUAWsLv5DJovfl6w3SR3khPRamDwtaAV24df3rwELmsuAfDFKxeojKzAILJAM3CXj31-7UOA&ga_vid=1374325086.1705981113&ga_sid=1705981114&ga_hid=827497303&ga_fc=true&a3p=EhkKCnVpZGFwaS5jb20Y0-qXo9MxSABSAghkEhsKDGlkNS1zeW5jLmNvbRib65ej0zFIAFICCGoSGgoNY3J3ZGNudHJsLm5ldBIAGLXrl6PTMUgAEjsKCnB1YmNpZC5vcmcSJGU3ZTM4YWMxLTkxNzEtNGJkYi05ODA5LWNjM2E5NTMyMTA0MRj26pej0zFIABIdCg5lc3AuY3JpdGVvLmNvbRjT6pej0zFIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pY0U1cGNFaFVSV3BVV2l0V00wWXlNbTF1Y25BMVVUMDlJbjA9GNDul6PTMUgAEq4BCghydGJob3VzZRKYAXJ0aHJSQkpoU2dDSENwOHdTUU16b0ZRcE1CWEZLbUJjKzU2ZFpBZHZJU3A0RzFiajBYUXE2ditERm5pbFZFOTFaQXpHSmoxUTBxVCs0eTViRXVWdFhiVkdPdVk5VXF0NW1oZVFYaXZKbTFHR0JtWFF6QkxJNTlVd1Y2eXBCV0N5R2MrKzNOSk5kTHdVVi9TRjB6MGVTQT09GKHsl6PTMUgA&prev_scp=pos%3D1%26monu%3D728x90_A1%26slotNum%3D1%26placementNum%3D3%26allowNative%3Dfalse%26amznbid%3D2%26amznp%3D2%26bidder_responseTime%3Dix_200%26auction_id%3Dfba54e24-7649-4431-85ea-156e1c3eccc3%26monu_df%3D0.05%26safeframe%3Dtrue%26bid_source%3Dclient%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_adid%3D275a6971db6b70d6%26hb_bidder%3Dix%26lastRefreshEmpty%3Dfalse%26refresh_count%3D0%26lre_rc%3Dfalse_0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Ddf%26provider_performance%3Dix_notchrome_0.05%26context%3D3_ZH_notchrome%26browser_hour_refresh%3Dundefined_3_0%26slotOnScreen%3Dfalse&cust_params=page_num%3D0%26big4%3Dfalse%26iabCategory%3D264%26url%3Dfolkd.com%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=2417649779&frm=20&eo_id_str=ID%3Dd583b5ec4e3a5c9c%3AT%3D1705981113%3ART%3D1705981113%3AS%3DAA-AfjZMvcohb3uIGzb4FJhEix2b
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
377fa40bcc16e031bad01562506feb40b10cec35205d816efa8234f52a44ec2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:35 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12980
x-xss-protection
0
google-lineitem-id
6125550888
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138407555860
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://folkd.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync
usersync.gumgum.com/ Frame 1224
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LRPT3VT0-1Y-G0V7
  • https://usersync.gumgum.com/usersync?b=mag&i=LRPT3VT0-1Y-G0V7
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=LRPT3VT0-1Y-G0V7
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Tue, 23 Jan 2024 03:38:35 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usersync.gumgum.com/usersync?b=mag&i=LRPT3VT0-1Y-G0V7
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3db54fddb1cb324ce2cdd5a6ec3dc2dd
Expires
0
bootstrap.js
s1.adform.net/stoat/631/s1.adform.net/ Frame DE85
37 KB
17 KB
Script
General
Full URL
https://s1.adform.net/stoat/631/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=67903450;rtbwp=Za80uQAAAADnlrKcPX5u7ETUO0QXaT2BHJK4lw;rtbdata=W6kvuXQNu86EBnfD9JcxEfjYF229bpUjHubuMhubs0C3xMsNeaE_7YsMS1QbwXumzXPyNOGIAmqYdJkohl9Dl2Z8D7pzFqnXZP4orUHzt_MntkI1FSYiFF__U9FnlqaRKWcHZh-DE2Jp7Vto4vKAkzW0_-F-7GIsR5xeG1R90QYbDD0kU7EUclL9E4BYs1QFXShoco9Eve955yZIP-8ZplXI6hKUTkBTvo2uv1JH9j_sNBY9OFe3B2D0WqQsz4K7k0-z-cOV_gJ4J2NRz8UbEmT0lQkXAT8x0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
3e172351681175a64b1e409719b4e5275cce06c8620547ce26fe08f6a669198e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:35 GMT
content-encoding
gzip
last-modified
Tue, 19 Dec 2023 10:28:27 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Fri, 19 Jan 2024 16:52:30 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame D39D
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:453465af-34bc-4f00-bef5-1fd5677e3338&gdpr=0&gdpr_consent=
42 B
210 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:453465af-34bc-4f00-bef5-1fd5677e3338&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 23 Jan 2024 03:38:34 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Tue, 23 Jan 2024 03:38:35 GMT
Expires
Tue, 23 Jan 2024 03:38:34 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 1353 054fd0e master ord ord-pixel-x21 config_version:"3754"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:453465af-34bc-4f00-bef5-1fd5677e3338&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame 7DEE
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
245 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 23 Jan 2024 03:38:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Tue, 23 Jan 2024 03:38:34 GMT
expires
Tue, 23 Jan 2024 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
1089530
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame D7E6
43 B
855 B
Document
General
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=7BC00642-7252-4DDF-B9FE-EF913FD24BAB&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.125.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 23 Jan 2024 03:38:35 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
X4JYJ9GRJMN8DP2T25XQ
Pug
image2.pubmatic.com/AdServer/ Frame ECE7
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=0xYvLtYXLHHIGnophhVjKoNGenDIGnd-0xtxOLQS
42 B
420 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=0xYvLtYXLHHIGnophhVjKoNGenDIGnd-0xtxOLQS
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 23 Jan 2024 03:38:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Tue, 23 Jan 2024 03:38:35 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=0xYvLtYXLHHIGnophhVjKoNGenDIGnd-0xtxOLQS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
usersync
usersync.gumgum.com/ Frame 24F7
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=7BC00642-7252-4DDF-B9FE-EF913FD24BAB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 23 Jan 2024 03:38:35 GMT
Expires
0
Pragma
no-cache
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame CBB8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=e8AGQnJSTd-5_u-RP9JLqw%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB
Image
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Server
184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:35 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=154861
accept-ranges
bytes
content-length
5622
expires
Wed, 24 Jan 2024 22:39:36 GMT

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:35 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame CBB8
49 B
264 B
Image
General
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=7BC00642-7252-4DDF-B9FE-EF913FD24BAB&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.162.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-162-23.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:35 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.4.40
content-length
49
expires
0
cr
cr.frontend.weborama.fr/ Frame CBB8
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=919270194
0
45 B
Image
General
Full URL
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=919270194
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Server
34.111.129.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.129.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:35 GMT
via
1.1 google
last-modified
Tue, 23 Jan 2024 03:38:35 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:34 GMT
via
1.1 google
last-modified
Tue, 23 Jan 2024 03:38:35 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=919270194
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
p
a.audrte.com/ Frame CBB8
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=7BC00642-7252-4DDF-B9FE-EF913FD24BAB
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=Mm05ZlVicy05MUdUNUsxTnZrdUIwbzJrUQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=7283273328877549246&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B
Image
General
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Server
52.209.41.250 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-41-250.eu-west-1.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 03:38:35 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Tue, 23 Jan 2024 03:38:35 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame CBB8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=N0JDMDA2NDItNzI1Mi00RERGLUI5RkUtRUY5MTNGRDI0QkFC&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
245 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 23 Jan 2024 03:38:34 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:35 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame CBB8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEK3WkY1n4K7ewVg1dO4NeN0&google_cver=1
42 B
345 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEK3WkY1n4K7ewVg1dO4NeN0&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 23 Jan 2024 03:38:34 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:35 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEK3WkY1n4K7ewVg1dO4NeN0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame CBB8
43 B
612 B
Image
General
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.62.91.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:35 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Mon, 22 Jan 2024 03:38:35 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame CBB8
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7283273328877549246
42 B
323 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7283273328877549246
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 23 Jan 2024 03:38:34 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7283273328877549246
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame CBB8
70 B
148 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:35 GMT
server
Kestrel
content-length
70
content-type
image/gif
7BC00642-7252-4DDF-B9FE-EF913FD24BAB
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame CBB8
43 B
601 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/7BC00642-7252-4DDF-B9FE-EF913FD24BAB?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:a6fa:b563:be0e:7526 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:35 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
c
prebid.a-mo.net/a/
0
210 B
Fetch
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://folkd.com
date
Tue, 23 Jan 2024 03:38:34 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
server
envoy
vary
origin, Accept-Encoding
fastlane.json
fastlane.rubiconproject.com/a/api/
441 B
475 B
Fetch
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23852&site_id=389792&zone_id=2276222&size_id=2&p_pos=btf&rp_schain=1.0,1!monumetric.com,5d65a9fa-c3bc-4e73-b569-1a8af1e68dc7,1,,,&eid_pubcid.org=e7e38ac1-9171-4bdb-9809-cc3a95321041%5E1&rf=https%3A%2F%2Ffolkd.com%2F&tg_i.domain=folkd.com&tg_i.page=https%3A%2F%2Ffolkd.com%2F&tg_i.cat=239%2C264&tg_i.cattax=6&tg_i.id=5d65a9fa-c3bc-4e73-b569-1a8af1e68dc7&tg_i.mobile=0&tg_i.pbadslot=%2F20842576%2FJYM01M%2FJYM01M-DDI.A%23repeatable-1&tk_flint=pbjs_lite_v8.12.0&x_source.tid=4c4680e7-2639-452c-b4e4-000a5afd51be&l_pb_bid_id=204df2c6c835bc31&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=8779a9b7-589c-4769-aed2-a8fc6a431818&rp_maxbids=1&p_gpid=%2F20842576%2FJYM01M%2FJYM01M-DDI.A%23repeatable-1&slots=1&rand=0.6508774619347577
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
62d9a6327f0a3dc8d6a8b08306b1bf7f051ccd6cac72dc01bd3ffa1aaa585970

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:35 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://folkd.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
441
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebidjs
rtb.openx.net/openrtbb/
53 B
95 B
Fetch
General
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
832e8a9433137280a40c993f882c3db72bab007b84e4752f623fa0bae2afde41

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 23 Jan 2024 03:38:35 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://folkd.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebidjs
rtb.openx.net/openrtbb/
53 B
95 B
Fetch
General
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
5f7754a2dce9b1ba53728c773a4ff81b35f6662cdf89f6dea717c85c79191c94

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 23 Jan 2024 03:38:35 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://folkd.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebid
ib.adnxs.com/ut/v3/
140 B
1 KB
Fetch
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4e9c4c488c8dcdc7a4e211f20f5234edb2632adbbac8626047abad68abd80ed0
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:35 GMT
an-x-request-uuid
b57636ae-358c-4237-8623-ae2cddb2bff3
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://folkd.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
149.88.27.82; 149.88.27.82; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
140
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
hb-mm-multi
hb.minutemedia-prebid.com/
85 B
421 B
Fetch
General
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.76.118.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-118-59.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
ff3f9a64105bc41cf93ca8e620e907d68e8969361dfc7c56c0d74340a26b865f

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 23 Jan 2024 03:38:35 GMT
server
istio-envoy
x-reason
maxmind anonymous
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://folkd.com
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
85
pbjs
htlb.casalemedia.com/openrtb/
1 KB
2 KB
Fetch
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=201336
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
260b762c98bed6aff9c0a2814be9ade28c45cd1a1f0a4acf56c6bcf3fffdc2bd

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:35 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4DuWcoeMS3%2Fl5U5%2Fm4GQ87%2FT%2BrYonFqtYtbrjuWO4P0kef7bP%2F1FkxFAihAwEzfZBAZ9NIWMcJh7Qj2sSHrLukX8vewIOvtub%2BKrRxyHCasH3U%2FQzjmYJoGLN9g9mP8Nt%2FnlLBBr"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://folkd.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
849d01328a494d22-FRA
alt-svc
h3=":443"; ma=86400
expires
0
pbjs
htlb.casalemedia.com/openrtb/
38 B
608 B
Fetch
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=201336
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de8712eddc4c1d3e8a057b4cd76cb1402addd39fc80d9a92e8eeab00a435833d

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:35 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wXO2sCA5%2FThA0I97%2BZYr9fMEN1C6U7c%2F4an6qAChe7NiMiATGpb0lDiL5raL2fL%2FENz9Cce8a2OBADKJns3kQEirdTXlraNlFBlfNJkhUqXH%2ByrHx5Tw%2BqLgrdX%2BegvEWU%2FcOt8b"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://folkd.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
849d01328a4b4d22-FRA
alt-svc
h3=":443"; ma=86400
content-length
38
expires
0
prebid
ads.yieldmo.com/exchange/
0
220 B
Fetch
General
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.12.0&p=%5B%7B%22placement_id%22%3A%22mmt-5327c943-1992-4d6a-a6d8-9b7622d89dab_8_1_ad%22%2C%22callback_id%22%3A%22214de541b4d7f735%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%223361241939151101975%22%2C%22gpid%22%3A%22%2F20842576%2FJYM01M%2FJYM01M-DDI.A%23repeatable-1%22%2C%22tid%22%3A%228779a9b7-589c-4769-aed2-a8fc6a431818%22%2C%22auctionId%22%3A%224c4680e7-2639-452c-b4e4-000a5afd51be%22%7D%5D&page_url=https%3A%2F%2Ffolkd.com%2F&bust=1705981115279&dnt=false&description=Folkd%20is%20a%20leading%20social%20bookmarking%20app.%20Since%202006%2C%20over%208%20million%20people%20have%20used%20Folkd%20to%20store%2C%20organize%20and%20share%20their%20favorite%20links.%20Join%20them%20today%20for%20free.&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=Bookmarks%20are%20%E2%9D%A4%EF%B8%8F%F0%9F%9A%80%F0%9F%92%AF!&w=1600&h=1200&pubcid=e7e38ac1-9171-4bdb-9809-cc3a95321041&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%225d65a9fa-c3bc-4e73-b569-1a8af1e68dc7%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22e7e38ac1-9171-4bdb-9809-cc3a95321041%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.137.85.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-46-137-85-126.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://folkd.com
pragma
no-cache
date
Tue, 23 Jan 2024 03:38:35 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
prebidvideo
ads.yieldmo.com/exchange/
0
349 B
Fetch
General
Full URL
https://ads.yieldmo.com/exchange/prebidvideo
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.137.85.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-46-137-85-126.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://folkd.com
pragma
no-cache
date
Tue, 23 Jan 2024 03:38:35 GMT
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
prebid
prebid.media.net/rtb/
1 KB
593 B
Fetch
General
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUWWG7OK
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
6c9ae1b881d1f06dd17621644c14516b7a5225287ad5bb84a8d88d65ef40e8f7

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:35 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://folkd.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
37
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 23 Jan 2024 03:38:35 GMT
v2
e.serverbid.com/api/
16 B
201 B
Fetch
General
Full URL
https://e.serverbid.com/api/v2
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 23 Jan 2024 03:38:35 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://folkd.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
42
translator
hbopenbid.pubmatic.com/
0
53 B
Fetch
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://folkd.com
date
Tue, 23 Jan 2024 03:38:35 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
637e6546decb82d45236f0f8
prebid.cootlogix.com/prebid/multi/
0
661 B
Fetch
General
Full URL
https://prebid.cootlogix.com/prebid/multi/637e6546decb82d45236f0f8
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
107.191.36.239 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
107.191.36.239.vultrusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://folkd.com
date
Tue, 23 Jan 2024 03:38:35 GMT
cache-control
max-age=0, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
content-length
0
ads
securepubads.g.doubleclick.net/gampad/
30 KB
13 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3801837833584460&correlator=257042585845627&eid=31079957%2C31080496%2C31079724&output=ldjh&gdfp_req=1&vrg=202401180101&ptt=17&impl=fifs&iu_parts=20842576%2CJYM01M%2CJYM01M-DDI.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=6&sfv=1-0-40&ifs=%5B%5B%5B2%2C1%5D%5D%5D&eri=1&sc=1&cookie=ID%3Dd73a653a13f2f49f%3AT%3D1705981113%3ART%3D1705981113%3AS%3DALNI_Mb1JF_cD5eBfkgoBO3S1ziePAa9sA&gpic=UID%3D00000d47b8500e9b%3AT%3D1705981113%3ART%3D1705981113%3AS%3DALNI_MbfupWRtW_bgqrzZWS6Cr1ei-ta8w&abxe=1&dt=1705981115285&lmt=1705981115&adxs=386&adys=4158&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ffolkd.com%2F&vis=1&psz=728x-1&msz=728x-1&fws=4&ohw=740&psts=AOrYGsman6824urSO2NodxDYNpWvkpYVgvY6Rcgio3v1ixjb%2CAOrYGsl3Hc4o5wg9SoAhEKvUAWsLv5DJovfl6w3SR3khPRamDwtaAV24df3rwELmsuAfDFKxeojKzAILJAM3CXj31-7UOA&ga_vid=1374325086.1705981113&ga_sid=1705981114&ga_hid=827497303&ga_fc=true&a3p=EhkKCnVpZGFwaS5jb20Y0-qXo9MxSABSAghkEhsKDGlkNS1zeW5jLmNvbRib65ej0zFIAFICCGoSGgoNY3J3ZGNudHJsLm5ldBIAGLXrl6PTMUgAEjsKCnB1YmNpZC5vcmcSJGU3ZTM4YWMxLTkxNzEtNGJkYi05ODA5LWNjM2E5NTMyMTA0MRj26pej0zFIABIdCg5lc3AuY3JpdGVvLmNvbRjT6pej0zFIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pY0U1cGNFaFVSV3BVV2l0V00wWXlNbTF1Y25BMVVUMDlJbjA9GNDul6PTMUgAEq4BCghydGJob3VzZRKYAXJ0aHJSQkpoU2dDSENwOHdTUU16b0ZRcE1CWEZLbUJjKzU2ZFpBZHZJU3A0RzFiajBYUXE2ditERm5pbFZFOTFaQXpHSmoxUTBxVCs0eTViRXVWdFhiVkdPdVk5VXF0NW1oZVFYaXZKbTFHR0JtWFF6QkxJNTlVd1Y2eXBCV0N5R2MrKzNOSk5kTHdVVi9TRjB6MGVTQT09GKHsl6PTMUgA&prev_scp=pos%3D1%26monu%3D728x90_A1%26slotNum%3D1%26placementNum%3D5%26allowNative%3Dfalse%26amznbid%3D2%26amznp%3D2%26bidder_responseTime%3Dix_100%26auction_id%3De190d3fd-59cd-43b1-9ec6-18d8905ac0c6%26monu_df%3D0.05%26safeframe%3Dtrue%26bid_source%3Dclient%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_adid%3D27701dc4ad8536d4%26hb_bidder%3Dix%26lastRefreshEmpty%3Dfalse%26refresh_count%3D0%26lre_rc%3Dfalse_0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Ddf%26provider_performance%3Dix_notchrome_0.05%26context%3D3_ZH_notchrome%26browser_hour_refresh%3Dundefined_3_0%26slotOnScreen%3Dfalse&cust_params=page_num%3D0%26big4%3Dfalse%26iabCategory%3D264%26url%3Dfolkd.com%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=1521238350&frm=20&eo_id_str=ID%3Dd583b5ec4e3a5c9c%3AT%3D1705981113%3ART%3D1705981113%3AS%3DAA-AfjZMvcohb3uIGzb4FJhEix2b
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7045daaa7d715a99fc1108627a8bd5c97beb77fd01d5df6a453eaaeea3d6aae4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:35 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12979
x-xss-protection
0
google-lineitem-id
6125550888
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138407555845
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://folkd.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
rubicon
match.adsrvr.org/track/cmf/ Frame E12B
70 B
148 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_gg_rbd_n-Beeswax_an-db5_n-adYouLike_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:35 GMT
server
Kestrel
content-length
70
content-type
image/gif
ecm3
s.amazon-adsystem.com/ Frame E12B
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=7x45vUvsTWS2TclJka2AtA&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=7x45vUvsTWS2TclJka2AtA
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=7x45vUvsTWS2TclJka2AtA
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_gg_rbd_n-Beeswax_an-db5_n-adYouLike_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Jan 2024 03:38:35 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
20PEBJWQTBWTZMX7W0ZA
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=7x45vUvsTWS2TclJka2AtA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame E12B
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LRPT3VT0-1Y-G0V7
0
651 B
Image
General
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LRPT3VT0-1Y-G0V7
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_gg_rbd_n-Beeswax_an-db5_n-adYouLike_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 9C3629EF314F4EA49CAA742368D4F274 Ref B: DUS30EDGE0311 Ref C: 2024-01-23T03:38:35Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYPlK5hlCIBmo/x0ViYIQ==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LRPT3VT0-1Y-G0V7
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ef823186f233724f4775c0c4b9549d14
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame E12B
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=ZIggZOwqQR6LvxwIm41itQ&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=ZIggZOwqQR6LvxwIm41itQ
43 B
479 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=ZIggZOwqQR6LvxwIm41itQ
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_gg_rbd_n-Beeswax_an-db5_n-adYouLike_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.95.125.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Jan 2024 03:38:35 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
62F5RM31Z6WK5YH2WHY4
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=ZIggZOwqQR6LvxwIm41itQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e8e3ec71b160ae7345e4e302cc752a77
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame E12B
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODNmOTNiZjgyOWYzYzkyODVmZWQ5OWUxNmRlNzU4M2Q0Mzc5ZDRmMw
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODNmOTNiZjgyOWYzYzkyODVmZWQ5OWUxNmRlNzU4M2Q0Mzc5ZDRmMw
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_gg_rbd_n-Beeswax_an-db5_n-adYouLike_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODNmOTNiZjgyOWYzYzkyODVmZWQ5OWUxNmRlNzU4M2Q0Mzc5ZDRmMw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ef823186f233724f4775c0c4b9549d14
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame E12B
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/QuChWFeDdElCymB6W5cPEcn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-_ucyNNtE2oIMfnGRAwnWOGG.yeU7SesZu4firA--~A
42 B
844 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-_ucyNNtE2oIMfnGRAwnWOGG.yeU7SesZu4firA--~A
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_gg_rbd_n-Beeswax_an-db5_n-adYouLike_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Tue, 23 Jan 2024 03:38:35 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-_ucyNNtE2oIMfnGRAwnWOGG.yeU7SesZu4firA--~A
content-length
0
ecm3
s.amazon-adsystem.com/ Frame E12B
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
  • https://s.amazon-adsystem.com/ecm3?id=LRPT3VT0-1Y-G0V7&ex=d-rubiconproject.com&status=ok
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?id=LRPT3VT0-1Y-G0V7&ex=d-rubiconproject.com&status=ok
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_gg_rbd_n-Beeswax_an-db5_n-adYouLike_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Jan 2024 03:38:35 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
7EX9A2F912QS96SMM38B
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LRPT3VT0-1Y-G0V7&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3db54fddb1cb324ce2cdd5a6ec3dc2dd
Expires
0
tap.php
pixel.rubiconproject.com/ Frame E12B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKO1KRDVYfjR7X2Ye5Pyypo&google_cver=1
42 B
844 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKO1KRDVYfjR7X2Ye5Pyypo&google_cver=1
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_gg_rbd_n-Beeswax_an-db5_n-adYouLike_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
e8e3ec71b160ae7345e4e302cc752a77
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:35 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKO1KRDVYfjR7X2Ye5Pyypo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E12B
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFJQVDNWVDAtMVktRzBWNw==
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGVvr48SfLfDNR0WMwEoiFQ&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJQVDNWVDAtMVktRzBWNw==&google_push=
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJQVDNWVDAtMVktRzBWNw==&google_push=
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_gg_rbd_n-Beeswax_an-db5_n-adYouLike_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJQVDNWVDAtMVktRzBWNw==&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3db54fddb1cb324ce2cdd5a6ec3dc2dd
Expires
0
tap.php
pixel.rubiconproject.com/ Frame E12B
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAACx07LXmkAABMh1hX3Cw&expires=30
42 B
844 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAACx07LXmkAABMh1hX3Cw&expires=30
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_gg_rbd_n-Beeswax_an-db5_n-adYouLike_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAACx07LXmkAABMh1hX3Cw&expires=30
Date
Tue, 23 Jan 2024 03:38:35 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
v1
match.sharethrough.com/sync/ Frame E12B
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LRPT3VT0-1Y-G0V7
0
35 B
Image
General
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LRPT3VT0-1Y-G0V7
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_gg_rbd_n-Beeswax_an-db5_n-adYouLike_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
3.64.96.203 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-64-96-203.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:35 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LRPT3VT0-1Y-G0V7
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3db54fddb1cb324ce2cdd5a6ec3dc2dd
Expires
0
magnite
prebid.a-mo.net/setuid/ Frame E12B
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx
  • https://prebid.a-mo.net/setuid/magnite?uid=LRPT3VT0-1Y-G0V7
0
108 B
Image
General
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=LRPT3VT0-1Y-G0V7
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_gg_rbd_n-Beeswax_an-db5_n-adYouLike_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:34 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=LRPT3VT0-1Y-G0V7
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3db54fddb1cb324ce2cdd5a6ec3dc2dd
Expires
0
liveCS.php
live.primis.tech/live/ Frame E12B
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LRPT3VT0-1Y-G0V7
0
526 B
Image
General
Full URL
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LRPT3VT0-1Y-G0V7
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_gg_rbd_n-Beeswax_an-db5_n-adYouLike_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
2600:9000:25a2:1200:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:34 GMT
content-encoding
gzip
via
1.1 ca6974974a9175b71fb6a84145111ed2.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
ZRH55-P1
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=utf-8
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
nHA43u0PqI77hbdZ697jxZmrlTaqbx72rkXTUPxiZZ8F_1pBm2IPbg==

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LRPT3VT0-1Y-G0V7
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Expires
0
tap.php
pixel.rubiconproject.com/ Frame E12B
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=ae402316-816b-45b5-988c-f85dbb27b1e3&expires=30
42 B
844 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=ae402316-816b-45b5-988c-f85dbb27b1e3&expires=30
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_gg_rbd_n-Beeswax_an-db5_n-adYouLike_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=ae402316-816b-45b5-988c-f85dbb27b1e3&expires=30
Date
Tue, 23 Jan 2024 03:38:35 GMT
Connection
keep-alive
X-CI-RTID
74215ee0-3a02-4693-b827-21ea84022e23
Content-Length
144
Content-Type
text/html; charset=utf-8
setuid
ib.adnxs.com/prebid/ Frame E12B
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LRPT3VT0-1Y-G0V7
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LRPT3VT0-1Y-G0V7
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_gg_rbd_n-Beeswax_an-db5_n-adYouLike_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:35 GMT
an-x-request-uuid
0e86779c-6d5d-4a82-817b-6e1105ca02a5
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
149.88.27.82; 149.88.27.82; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LRPT3VT0-1Y-G0V7
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e8e3ec71b160ae7345e4e302cc752a77
Expires
0
cksync
hb.yahoo.net/ Frame E12B
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LRPT3VT0-1Y-G0V7&redir=true
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LRPT3VT0-1Y-G0V7&redir=true
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1seEtpQlhORTJ1RnQ5WFJTbndPLnp6cURpUUxzS1VidH5B&ovsid=LRPT3VT0-1Y-G0V7&dpid=58160
56 B
319 B
Image
General
Full URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1seEtpQlhORTJ1RnQ5WFJTbndPLnp6cURpUUxzS1VidH5B&ovsid=LRPT3VT0-1Y-G0V7&dpid=58160
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_gg_rbd_n-Beeswax_an-db5_n-adYouLike_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
23.48.23.21 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ad22af17099959c6c05cc8f11cfac5e225e81216a65e70f296bfca34b60e9789
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Tue, 23 Jan 2024 03:38:35 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
56
x-mnet-hl2
E
expires
Tue, 23 Jan 2024 03:38:35 GMT

Redirect headers

location
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1seEtpQlhORTJ1RnQ5WFJTbndPLnp6cURpUUxzS1VidH5B&ovsid=LRPT3VT0-1Y-G0V7&dpid=58160
date
Tue, 23 Jan 2024 03:38:35 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
container.html
428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B1D1
6 KB
3 KB
Document
General
Full URL
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202401101304/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://folkd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 23 Jan 2024 03:38:33 GMT
expires
Wed, 22 Jan 2025 03:38:33 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
fastlane.json
fastlane.rubiconproject.com/a/api/
441 B
475 B
Fetch
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23852&site_id=389792&zone_id=2276222&size_id=2&p_pos=btf&rp_schain=1.0,1!monumetric.com,5d65a9fa-c3bc-4e73-b569-1a8af1e68dc7,1,,,&eid_pubcid.org=e7e38ac1-9171-4bdb-9809-cc3a95321041%5E1&rf=https%3A%2F%2Ffolkd.com%2F&tg_i.domain=folkd.com&tg_i.page=https%3A%2F%2Ffolkd.com%2F&tg_i.cat=239%2C264&tg_i.cattax=6&tg_i.id=5d65a9fa-c3bc-4e73-b569-1a8af1e68dc7&tg_i.mobile=0&tg_i.pbadslot=%2F20842576%2FJYM01M%2FJYM01M-DDI.A%23repeatable-1&tk_flint=pbjs_lite_v8.12.0&x_source.tid=5d543e45-13ef-443e-95e9-71230b1bd131&l_pb_bid_id=226332d561b7c9a1&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=3e6936af-8a3b-443c-ab48-2dbc48435889&rp_maxbids=1&p_gpid=%2F20842576%2FJYM01M%2FJYM01M-DDI.A%23repeatable-1&slots=1&rand=0.7867711804103563
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
22fc0ddb24d8efc04575d1109ca34ed78029eda8fa355df702a163debb5aadd2

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:35 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://folkd.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
441
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebidjs
rtb.openx.net/openrtbb/
53 B
95 B
Fetch
General
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
78efd3407a2d6c9b8f8c13b80320ee60d368a7119b3687bbc2c658581e77a888

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 23 Jan 2024 03:38:35 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://folkd.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebidjs
rtb.openx.net/openrtbb/
53 B
95 B
Fetch
General
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
3b957145b6c0cab6ddebf4819ef457d4bc415cf0ac0ee726e1b7a874422ce3ce

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 23 Jan 2024 03:38:35 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://folkd.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
637e6546decb82d45236f0f8
prebid.cootlogix.com/prebid/multi/
0
651 B
Fetch
General
Full URL
https://prebid.cootlogix.com/prebid/multi/637e6546decb82d45236f0f8
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
107.191.36.239 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
107.191.36.239.vultrusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://folkd.com
date
Tue, 23 Jan 2024 03:38:35 GMT
cache-control
max-age=0, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
content-length
0
prebid
ads.yieldmo.com/exchange/
0
220 B
Fetch
General
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.12.0&p=%5B%7B%22placement_id%22%3A%22mmt-5327c943-1992-4d6a-a6d8-9b7622d89dab_9_1_ad%22%2C%22callback_id%22%3A%22232888729058a6de%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%223361241939151101975%22%2C%22gpid%22%3A%22%2F20842576%2FJYM01M%2FJYM01M-DDI.A%23repeatable-1%22%2C%22tid%22%3A%223e6936af-8a3b-443c-ab48-2dbc48435889%22%2C%22auctionId%22%3A%225d543e45-13ef-443e-95e9-71230b1bd131%22%7D%5D&page_url=https%3A%2F%2Ffolkd.com%2F&bust=1705981115345&dnt=false&description=Folkd%20is%20a%20leading%20social%20bookmarking%20app.%20Since%202006%2C%20over%208%20million%20people%20have%20used%20Folkd%20to%20store%2C%20organize%20and%20share%20their%20favorite%20links.%20Join%20them%20today%20for%20free.&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=Bookmarks%20are%20%E2%9D%A4%EF%B8%8F%F0%9F%9A%80%F0%9F%92%AF!&w=1600&h=1200&pubcid=e7e38ac1-9171-4bdb-9809-cc3a95321041&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%225d65a9fa-c3bc-4e73-b569-1a8af1e68dc7%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22e7e38ac1-9171-4bdb-9809-cc3a95321041%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.137.85.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-46-137-85-126.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://folkd.com
pragma
no-cache
date
Tue, 23 Jan 2024 03:38:35 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
prebidvideo
ads.yieldmo.com/exchange/
0
349 B
Fetch
General
Full URL
https://ads.yieldmo.com/exchange/prebidvideo
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.137.85.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-46-137-85-126.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://folkd.com
pragma
no-cache
date
Tue, 23 Jan 2024 03:38:35 GMT
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
translator
hbopenbid.pubmatic.com/
0
53 B
Fetch
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://folkd.com
date
Tue, 23 Jan 2024 03:38:35 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
c
prebid.a-mo.net/a/
0
210 B
Fetch
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://folkd.com
date
Tue, 23 Jan 2024 03:38:34 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
server
envoy
vary
origin, Accept-Encoding
prebid
ib.adnxs.com/ut/v3/
140 B
1 KB
Fetch
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
ce96f7696dc25f5f14631ecfbd0b268c20c3d47d5adcf4569ca0d22efc38d2d7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:35 GMT
an-x-request-uuid
335ffcd1-0254-4d37-9397-e654b8442362
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://folkd.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
149.88.27.82; 149.88.27.82; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
140
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
prebid.media.net/rtb/
1 KB
591 B
Fetch
General
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUWWG7OK
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
275f19c4014d522d4d54a91ad42308f5616a807e4102dda915a1b65ff1211ceb

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:34 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://folkd.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
53
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 23 Jan 2024 03:38:35 GMT
hb-mm-multi
hb.minutemedia-prebid.com/
85 B
421 B
Fetch
General
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.76.118.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-118-59.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
893e77a09a16aa5eb568f7445e9042b4791a424645a4f19dc15f7c7ea9f81698

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 23 Jan 2024 03:38:35 GMT
server
istio-envoy
x-reason
maxmind anonymous
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://folkd.com
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
85
v2
e.serverbid.com/api/
16 B
201 B
Fetch
General
Full URL
https://e.serverbid.com/api/v2
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 23 Jan 2024 03:38:35 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://folkd.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
42
pbjs
htlb.casalemedia.com/openrtb/
1 KB
2 KB
Fetch
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=201336
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2f9aa48e9558c83410b287551b1b76c49a0570b1384b3caed8d8b0c62f9c985

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:35 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mKDGy3j6BfuWliogNSHG7KOEMsI6FaQvDKVuX31MBpB5ZUrhPfqWhEqJV%2Bvdt%2Fu4a2Ud%2FtxEW0nVJq1m4mt%2BjdUrRFzJmOZSGztcztuxbCGb6y874%2Fw4zJgVkevjfellO5Z85ngl"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://folkd.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
849d0132fa7d4d22-FRA
alt-svc
h3=":443"; ma=86400
expires
0
pbjs
htlb.casalemedia.com/openrtb/
38 B
605 B
Fetch
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=201336
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6a3e3e68f2bb821f3d303be31e30b990da42792e6342067124b82c8a88df8dd

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:35 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L0FhMstOmxL6siAm%2B53QqKKC2lDCZ6zl4UKRl6iNo9dhe1cWysAgkXFjjz%2FQ0tGL%2Brm7dufU1WdAxTVT5Ymyrs85CJ8d6THWLNJROLtICiDQ%2BVVnQs8kppYtXbnmTOFfq%2BD8nFTO"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://folkd.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
849d0132fa7e4d22-FRA
alt-svc
h3=":443"; ma=86400
content-length
38
expires
0
ads
securepubads.g.doubleclick.net/gampad/
30 KB
13 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3801837833584460&correlator=1184514238692811&eid=31079957%2C31080496%2C31079724&output=ldjh&gdfp_req=1&vrg=202401180101&ptt=17&impl=fifs&iu_parts=20842576%2CJYM01M%2CJYM01M-DDI.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=7&sfv=1-0-40&ifs=%5B%5B%5B2%2C1%5D%5D%5D&eri=1&sc=1&cookie=ID%3Dd73a653a13f2f49f%3AT%3D1705981113%3ART%3D1705981113%3AS%3DALNI_Mb1JF_cD5eBfkgoBO3S1ziePAa9sA&gpic=UID%3D00000d47b8500e9b%3AT%3D1705981113%3ART%3D1705981113%3AS%3DALNI_MbfupWRtW_bgqrzZWS6Cr1ei-ta8w&abxe=1&dt=1705981115365&lmt=1705981115&adxs=386&adys=4632&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=4&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ffolkd.com%2F&vis=1&psz=728x-1&msz=728x-1&fws=4&ohw=740&psts=AOrYGsman6824urSO2NodxDYNpWvkpYVgvY6Rcgio3v1ixjb%2CAOrYGsl3Hc4o5wg9SoAhEKvUAWsLv5DJovfl6w3SR3khPRamDwtaAV24df3rwELmsuAfDFKxeojKzAILJAM3CXj31-7UOA%2CAOrYGsnEQtl9vThQ_W1ayFAjT25eLLiuQZT7I4UPIA_23lIu2ylX9Jt2iGp1m4OFnLojsh-cPddxBohjxc3DHgN-Lxvo7Q&ga_vid=1374325086.1705981113&ga_sid=1705981114&ga_hid=827497303&ga_fc=true&a3p=EhkKCnVpZGFwaS5jb20Y0-qXo9MxSABSAghkEhsKDGlkNS1zeW5jLmNvbRib65ej0zFIAFICCGoSGgoNY3J3ZGNudHJsLm5ldBIAGLXrl6PTMUgAEjsKCnB1YmNpZC5vcmcSJGU3ZTM4YWMxLTkxNzEtNGJkYi05ODA5LWNjM2E5NTMyMTA0MRj26pej0zFIABIdCg5lc3AuY3JpdGVvLmNvbRjT6pej0zFIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pY0U1cGNFaFVSV3BVV2l0V00wWXlNbTF1Y25BMVVUMDlJbjA9GNDul6PTMUgAEq4BCghydGJob3VzZRKYAXJ0aHJSQkpoU2dDSENwOHdTUU16b0ZRcE1CWEZLbUJjKzU2ZFpBZHZJU3A0RzFiajBYUXE2ditERm5pbFZFOTFaQXpHSmoxUTBxVCs0eTViRXVWdFhiVkdPdVk5VXF0NW1oZVFYaXZKbTFHR0JtWFF6QkxJNTlVd1Y2eXBCV0N5R2MrKzNOSk5kTHdVVi9TRjB6MGVTQT09GKHsl6PTMUgA&prev_scp=pos%3D1%26monu%3D728x90_A1%26slotNum%3D1%26placementNum%3D6%26allowNative%3Dfalse%26amznbid%3D2%26amznp%3D2%26bidder_responseTime%3Dix_100%26auction_id%3Dec163274-6dc7-49ae-bbf7-ea8e7773eba7%26monu_df%3D0.05%26safeframe%3Dtrue%26bid_source%3Dclient%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_adid%3D27834cbd3fcea56f%26hb_bidder%3Dix%26lastRefreshEmpty%3Dfalse%26refresh_count%3D0%26lre_rc%3Dfalse_0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Ddf%26provider_performance%3Dix_notchrome_0.05%26context%3D3_ZH_notchrome%26browser_hour_refresh%3Dundefined_3_0%26slotOnScreen%3Dfalse&cust_params=page_num%3D0%26big4%3Dfalse%26iabCategory%3D264%26url%3Dfolkd.com%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=1989191676&frm=20&eo_id_str=ID%3Dd583b5ec4e3a5c9c%3AT%3D1705981113%3ART%3D1705981113%3AS%3DAA-AfjZMvcohb3uIGzb4FJhEix2b
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bbd7270df5fec9e9a114f9bec7db3436f33282bba9b469d610c2e012a53efa09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:35 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12958
x-xss-protection
0
google-lineitem-id
6125550888
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138407042565
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://folkd.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame B1D1
24 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 01:04:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
527640
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 16 Jan 2025 01:04:35 GMT
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame B1D1
26 KB
10 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f85637bbf5c0ee6a01fa5afb711af0e3d873ab20f0cbeaeb9105998530822c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
5693
x-jsd-version
1.16.0
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230067-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"6721-FSYTlyriJmmnEqYsq5KQLDRsrFg"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ab4LsKc7KcjwWyK2r%2BJ3olgybhopZWza6O9fa%2B9ByUClDB8D2ywyXq0yaI84khP9iekjyfl6j94BR%2B1yy90IDLnypArz6leQkm7tTVnxd86g%2BmuL5UgzKa5%2Bej5VzjqxKSSn9F6a%2B%2F13LW%2FAwNI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
849d01335de1927a-FRA
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame B1D1
206 KB
65 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66453
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1705495733332172"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 23 Jan 2024 03:38:35 GMT
container.html
428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DE1C
6 KB
3 KB
Document
General
Full URL
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202401101304/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://folkd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 23 Jan 2024 03:38:33 GMT
expires
Wed, 22 Jan 2025 03:38:33 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
track.adform.net/adfserve/ Frame DE85
5 KB
3 KB
Script
General
Full URL
https://track.adform.net/adfserve/?bn=67903450;rtbwp=Za80uQAAAADnlrKcPX5u7ETUO0QXaT2BHJK4lw;rtbdata=W6kvuXQNu86EBnfD9JcxEfjYF229bpUjHubuMhubs0C3xMsNeaE_7YsMS1QbwXumzXPyNOGIAmqYdJkohl9Dl2Z8D7pzFqnXZP4orUHzt_MntkI1FSYiFF__U9FnlqaRKWcHZh-DE2Jp7Vto4vKAkzW0_-F-7GIsR5xeG1R90QYbDD0kU7EUclL9E4BYs1QFXShoco9Eve955yZIP-8ZplXI6hKUTkBTvo2uv1JH9j_sNBY9OFe3B2D0WqQsz4K7k0-z-cOV_gJ4J2NRz8UbEmT0lQkXAT8x0;js=1;adfxid=1x;1171;set=en-US|en-US|1600X1200|0|300|600|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Ffolkd.com
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/631/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
5c64bc84052ed4b27648e6a76d61320325a171a7c6e497f36ff9ed7e8e869c03
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:35 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
2392
expires
-1
prebid
ads.yieldmo.com/exchange/
0
220 B
Fetch
General
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.12.0&p=%5B%7B%22placement_id%22%3A%22mmt-5327c943-1992-4d6a-a6d8-9b7622d89dab_10_1_ad%22%2C%22callback_id%22%3A%22250f95e557d18a87%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%223361241939151101975%22%2C%22gpid%22%3A%22%2F20842576%2FJYM01M%2FJYM01M-DDI.A%23repeatable-1%22%2C%22tid%22%3A%22e1e32eb2-8556-4888-bcb0-6a52276fc6db%22%2C%22auctionId%22%3A%22ded40807-b5f1-4875-a849-2c4d0f3ae1e3%22%7D%5D&page_url=https%3A%2F%2Ffolkd.com%2F&bust=1705981115464&dnt=false&description=Folkd%20is%20a%20leading%20social%20bookmarking%20app.%20Since%202006%2C%20over%208%20million%20people%20have%20used%20Folkd%20to%20store%2C%20organize%20and%20share%20their%20favorite%20links.%20Join%20them%20today%20for%20free.&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=Bookmarks%20are%20%E2%9D%A4%EF%B8%8F%F0%9F%9A%80%F0%9F%92%AF!&w=1600&h=1200&pubcid=e7e38ac1-9171-4bdb-9809-cc3a95321041&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22monumetric.com%22%2C%22sid%22%3A%225d65a9fa-c3bc-4e73-b569-1a8af1e68dc7%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22e7e38ac1-9171-4bdb-9809-cc3a95321041%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.137.85.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-46-137-85-126.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://folkd.com
pragma
no-cache
date
Tue, 23 Jan 2024 03:38:35 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
prebidvideo
ads.yieldmo.com/exchange/
0
349 B
Fetch
General
Full URL
https://ads.yieldmo.com/exchange/prebidvideo
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.137.85.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-46-137-85-126.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://folkd.com
pragma
no-cache
date
Tue, 23 Jan 2024 03:38:35 GMT
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
pbjs
htlb.casalemedia.com/openrtb/
1 KB
2 KB
Fetch
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=201336
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8b3bbfb9725373863d2b34d9a47cc2601d2f428e1e77abd7d2e9c3407333d18

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:35 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IOK4YDerRbdO3wOIm0JW9SmMhVfwHWoXMW7nsXJsmTiA1MJx%2BLEm8x7lhZbE9m6z%2Bu0nyJncIOdND71TcxkdNkML6t9jPH7oC8fIjAWJtCcNhSi%2B0W6a4XQvoAysUuohf22%2FxUc9"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://folkd.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
849d0133badd4d22-FRA
alt-svc
h3=":443"; ma=86400
expires
0
pbjs
htlb.casalemedia.com/openrtb/
38 B
606 B
Fetch
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=201336
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae20175d544428533ebf0b3d2a9c9e1faa009dcdbe3e49a33dd503112145a8c5

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:35 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ifkG4KKWTbIBdRgXxTCrlZkt%2FvPmD6%2Bhvfc3rCI3tpgDIx07hunDPZQWMNV70n128prVo3M86V%2Fsp0Jwnjzl5%2BL3V2MitncdlQ3Zhif3YClDO%2BvrGrZsFCmBy3gW5%2B6XxUiIDrQF"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://folkd.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
849d0133bade4d22-FRA
alt-svc
h3=":443"; ma=86400
content-length
38
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/
441 B
475 B
Fetch
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23852&site_id=389792&zone_id=2276222&size_id=2&p_pos=btf&rp_schain=1.0,1!monumetric.com,5d65a9fa-c3bc-4e73-b569-1a8af1e68dc7,1,,,&eid_pubcid.org=e7e38ac1-9171-4bdb-9809-cc3a95321041%5E1&rf=https%3A%2F%2Ffolkd.com%2F&tg_i.domain=folkd.com&tg_i.page=https%3A%2F%2Ffolkd.com%2F&tg_i.cat=239%2C264&tg_i.cattax=6&tg_i.id=5d65a9fa-c3bc-4e73-b569-1a8af1e68dc7&tg_i.mobile=0&tg_i.pbadslot=%2F20842576%2FJYM01M%2FJYM01M-DDI.A%23repeatable-1&tk_flint=pbjs_lite_v8.12.0&x_source.tid=ded40807-b5f1-4875-a849-2c4d0f3ae1e3&l_pb_bid_id=2544a3d784983e59&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=e1e32eb2-8556-4888-bcb0-6a52276fc6db&rp_maxbids=1&p_gpid=%2F20842576%2FJYM01M%2FJYM01M-DDI.A%23repeatable-1&slots=1&rand=0.8643561887927247
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
fd67cce30de85b9e80ee4f44f771dc0bb3149bfa527522eb8799ebda0fa65e28

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:35 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://folkd.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
441
expires
Wed, 17 Sep 1975 21:32:10 GMT
v2
e.serverbid.com/api/
16 B
201 B
Fetch
General
Full URL
https://e.serverbid.com/api/v2
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 23 Jan 2024 03:38:35 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://folkd.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
42
hb-mm-multi
hb.minutemedia-prebid.com/
84 B
420 B
Fetch
General
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.76.118.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-118-59.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
bc3f299c65309fadb24e23a3a2976cb09bf368c20c492a04f7c0a01945ac735e

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 23 Jan 2024 03:38:35 GMT
server
istio-envoy
x-reason
maxmind anonymous
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://folkd.com
content-type
application/json
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
84
prebidjs
rtb.openx.net/openrtbb/
53 B
95 B
Fetch
General
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
41871c1ff2450757844389f48e01359764e179042b06e65c3b5eac88bb12a7f8

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 23 Jan 2024 03:38:35 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://folkd.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebidjs
rtb.openx.net/openrtbb/
53 B
95 B
Fetch
General
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
005289be01b4f5f0456718e324286efb24afafaee47e0438ea0fb24fcd8c9f48

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 23 Jan 2024 03:38:35 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://folkd.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
translator
hbopenbid.pubmatic.com/
0
53 B
Fetch
General
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://folkd.com
date
Tue, 23 Jan 2024 03:38:35 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
prebid.media.net/rtb/
1 KB
592 B
Fetch
General
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUWWG7OK
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
4f1339ff8ae3d23b2800b9dac3115ef8a29dd9b449a3b5e3bf7aef6503854e20

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:34 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://folkd.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
51
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 23 Jan 2024 03:38:35 GMT
prebid
ib.adnxs.com/ut/v3/
139 B
1 KB
Fetch
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4e5f598d7143ab20b4463ecfd8d59fa4b9a677335448e4be8a58d5e31053293c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:35 GMT
an-x-request-uuid
57833230-8223-4936-9b31-de95933f0f58
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://folkd.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
149.88.27.82; 149.88.27.82; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
139
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
637e6546decb82d45236f0f8
prebid.cootlogix.com/prebid/multi/
0
652 B
Fetch
General
Full URL
https://prebid.cootlogix.com/prebid/multi/637e6546decb82d45236f0f8
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
107.191.36.239 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
107.191.36.239.vultrusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://folkd.com
date
Tue, 23 Jan 2024 03:38:35 GMT
cache-control
max-age=0, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
content-length
0
c
prebid.a-mo.net/a/
0
210 B
Fetch
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://folkd.com
date
Tue, 23 Jan 2024 03:38:34 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
server
envoy
vary
origin, Accept-Encoding
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame DE1C
24 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 01:04:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
527640
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 16 Jan 2025 01:04:35 GMT
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame DE1C
26 KB
10 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f85637bbf5c0ee6a01fa5afb711af0e3d873ab20f0cbeaeb9105998530822c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
5693
x-jsd-version
1.16.0
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230067-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"6721-FSYTlyriJmmnEqYsq5KQLDRsrFg"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uDJoPUJyYjJK0qrQbTCvGU8waMCNianXjjjpEhpZ4K7uCWg40%2B%2FjSOsf%2BjRZvAfkM3%2B4azfJXS9%2BanZgSU17ap4tRUyEM%2FEc5L4pnMgzS0DhGV7KsuF0IBDbOK6qYpd2o%2B13VUDEN7bm%2Fp7S8BU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
849d01340e25927a-FRA
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame DE1C
206 KB
65 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66453
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1705495733332172"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 23 Jan 2024 03:38:35 GMT
ads
securepubads.g.doubleclick.net/gampad/
30 KB
13 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3801837833584460&correlator=455565494038850&eid=31079957%2C31080496%2C31079724&output=ldjh&gdfp_req=1&vrg=202401180101&ptt=17&impl=fifs&iu_parts=20842576%2CJYM01M%2CJYM01M-DDI.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=8&sfv=1-0-40&ifs=%5B%5B%5B2%2C1%5D%5D%5D&eri=1&sc=1&cookie=ID%3Dd73a653a13f2f49f%3AT%3D1705981113%3ART%3D1705981113%3AS%3DALNI_Mb1JF_cD5eBfkgoBO3S1ziePAa9sA&gpic=UID%3D00000d47b8500e9b%3AT%3D1705981113%3ART%3D1705981113%3AS%3DALNI_MbfupWRtW_bgqrzZWS6Cr1ei-ta8w&abxe=1&dt=1705981115527&lmt=1705981115&adxs=386&adys=5518&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=5&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ffolkd.com%2F&vis=1&psz=728x-1&msz=728x-1&fws=4&ohw=740&psts=AOrYGsman6824urSO2NodxDYNpWvkpYVgvY6Rcgio3v1ixjb%2CAOrYGsl3Hc4o5wg9SoAhEKvUAWsLv5DJovfl6w3SR3khPRamDwtaAV24df3rwELmsuAfDFKxeojKzAILJAM3CXj31-7UOA%2CAOrYGsnEQtl9vThQ_W1ayFAjT25eLLiuQZT7I4UPIA_23lIu2ylX9Jt2iGp1m4OFnLojsh-cPddxBohjxc3DHgN-Lxvo7Q%2CAOrYGskP0WogTJeuA2wXBAEkR5KxvxUh6sV9IGBlSbdkusXJk6H1OigERR4KtYC1K0HoZNi32mkIpD-37bXr0c0i6zphiA&ga_vid=1374325086.1705981113&ga_sid=1705981114&ga_hid=827497303&ga_fc=true&a3p=EhkKCnVpZGFwaS5jb20Y0-qXo9MxSABSAghkEhsKDGlkNS1zeW5jLmNvbRib65ej0zFIAFICCGoSGgoNY3J3ZGNudHJsLm5ldBIAGLXrl6PTMUgAEjsKCnB1YmNpZC5vcmcSJGU3ZTM4YWMxLTkxNzEtNGJkYi05ODA5LWNjM2E5NTMyMTA0MRj26pej0zFIABIdCg5lc3AuY3JpdGVvLmNvbRjT6pej0zFIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pY0U1cGNFaFVSV3BVV2l0V00wWXlNbTF1Y25BMVVUMDlJbjA9GNDul6PTMUgAEq4BCghydGJob3VzZRKYAXJ0aHJSQkpoU2dDSENwOHdTUU16b0ZRcE1CWEZLbUJjKzU2ZFpBZHZJU3A0RzFiajBYUXE2ditERm5pbFZFOTFaQXpHSmoxUTBxVCs0eTViRXVWdFhiVkdPdVk5VXF0NW1oZVFYaXZKbTFHR0JtWFF6QkxJNTlVd1Y2eXBCV0N5R2MrKzNOSk5kTHdVVi9TRjB6MGVTQT09GKHsl6PTMUgA&prev_scp=pos%3D1%26monu%3D728x90_A1%26slotNum%3D1%26placementNum%3D7%26allowNative%3Dfalse%26amznbid%3D2%26amznp%3D2%26bidder_responseTime%3Dix_200%26auction_id%3Df39a3529-9c3b-43da-8a42-32cb9b200cb8%26monu_df%3D0.05%26safeframe%3Dtrue%26bid_source%3Dclient%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_adid%3D2793950b327ce523%26hb_bidder%3Dix%26lastRefreshEmpty%3Dfalse%26refresh_count%3D0%26lre_rc%3Dfalse_0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Ddf%26provider_performance%3Dix_notchrome_0.05%26context%3D3_ZH_notchrome%26browser_hour_refresh%3Dundefined_3_0%26slotOnScreen%3Dfalse&cust_params=page_num%3D0%26big4%3Dfalse%26iabCategory%3D264%26url%3Dfolkd.com%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=1312553130&frm=20&eo_id_str=ID%3Dd583b5ec4e3a5c9c%3AT%3D1705981113%3ART%3D1705981113%3AS%3DAA-AfjZMvcohb3uIGzb4FJhEix2b
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9d21519436c69f8048ad992a8c089600818ca0339e421c70e8a5d99d45be1270
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:35 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12964
x-xss-protection
0
google-lineitem-id
6125550888
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138406914029
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://folkd.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame B1D1
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssmbkxQMkozeiTA5WebuW8tcpvktTXi2N7H0tZA6x559MS_3hIrvYEP8WtzXGNhLInQsoeXgNBfMrVHkxnJxvISjhDzvYRPgsxFmzgRexrT27rlcj2mU0t2i0ytQs_M8T19jZC48BapC6GYmJ88S73gBHi9j1itnVEoEo-e-wf0kQW6ixnTgsudjjeI6ve64j8vnq7NLsZaeNwRv7WEalbd2q6pCk11tCV5TJQ05Q5ETegGaJ_uy2wIvtYPoZpg2FVSeNGmiRTovVI66-zQVJ6O25LX6Tkjrfu15CgdQmjwh_OLrazdNcDVcAbU7ptCMarKD3AKBfi89Ac0aju_-z0cDO4ypusFHSUmwdR1uAUacjm1GVqicfY&sai=AMfl-YRXwWCSY-WzVPWHYOr_PM7Z9An_PnHcPPhHvI0NxzS-h0RODwt3j6oaTr-foUjQsxZaW2RpKZG9peREomcWxQtiLT3chpcgpKEusrADZBRtkimKCNFY6sbj8U0AfYo&sig=Cg0ArKJSzOiHs-mHhQc3EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
container.html
428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BDB0
6 KB
3 KB
Document
General
Full URL
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202401101304/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://folkd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 23 Jan 2024 03:38:33 GMT
expires
Wed, 22 Jan 2025 03:38:33 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
track.adform.net/jsmetrics/ Frame DE85
43 B
208 B
Image
General
Full URL
https://track.adform.net/jsmetrics/?sid=756&rid=10188&cid=1737&adfserve=108&asset=157&deviceType=Desktop
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 28 Jul 2023 11:03:52 GMT
server
nginx
etag
"64c3a098-2b"
content-type
image/gif
accept-ranges
bytes
content-length
43
usermatch
ssum-sec.casalemedia.com/ Frame 6FAB
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
  • https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0&C=1
2 KB
1 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0&C=1
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ebbaff2611ef2a128396d79225579570ad54163e32d0961aa2753c0f4c0d96c

Request headers

Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
849d01349bda4d22-FRA
content-encoding
br
content-type
text/html
date
Tue, 23 Jan 2024 03:38:35 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k54nH67RLXuwsNKxWKKU06x9gWppLN21%2FsnMjqNa203HeAHmnMqYkhluy%2FGDR9qUlitewANZN0seUX2kStLEvz%2BhL%2FrJwr9g4uiaOwPKJFTGe0656vs%2FN4xjga6RTGCAyhTUr0urbOiIuA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
849d0134588dbb71-FRA
content-length
0
date
Tue, 23 Jan 2024 03:38:35 GMT
expires
0
location
/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g5Ls9Y2e3Q0VGgxbXEyiHHBjZkWC5ibHHM28ekkPMjAa6OIBBzBSqdGS92k2T0nFW4dcEnDsnkO52Y%2FPww7sCK1S2C280BO7CFtA%2BhzRLXInxerYwk2x3IrhpbRry1H4clL3LbV32s3wCg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
main.19.8.473.js
static.adsafeprotected.com/ Frame DE85
214 KB
66 KB
Script
General
Full URL
https://static.adsafeprotected.com/main.19.8.473.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=8095&pubId=182762&chanId=242368&campId=5916627&custom5=1&placementId=32704&custom=700d2db5-01d6-4612-9304-a973ca437258&custom2=folkd.com&custom3=02&planId=300x600&custom4=300x600&adsafe_par&impId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25a2:7400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68687158d2c493d42ae6dee2f15fc2c761da3abf8d92c4474e1dbc527b6930d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 17:05:29 GMT
x-amz-version-id
TozINgEWWkvQmqDfTCTq3yrdeWW.56xS
content-encoding
gzip
via
1.1 3a4b7ff21260552f6982d2003fec9c84.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH55-P1
age
901987
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 11 Jan 2024 21:47:36 GMT
server
AmazonS3
etag
W/"38edfb290172e1aef8532f19eb4cbbe4"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
A5cj-NjtLBLx27wJNXQ-s7h2qn6is7PIvVwTgneEuQObEbSLpq_dUw==
container.html
428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4F93
6 KB
3 KB
Document
General
Full URL
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202401101304/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://folkd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 23 Jan 2024 03:38:33 GMT
expires
Wed, 22 Jan 2025 03:38:33 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame B1D1
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a0e9db79e9136bbcb41984056cb74a68a2442361bac52ca1ba45fe6d26405d51

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame B1D1
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstHbJ8eMI9czQ_a7X0hkcUGV-P9kj8abYhjsj8MRdbxDfllOQ0Qw6FvkmcZPl4lFxVexP6hPCLTFiO7ODXGiAeAqzzkyUyTgTKrK3P6zmK4gWN9_OucYO4-pRUZByFoInpRp99ZZGYR_59rKQifnKGSG9Vb5cNPxGlMA24kSHdFYa8ryoOjiwvqe4P4dFCo1ZofS3XLNvG0PB6FcppaJD3TzcQ1pP5oTFobg3CPiiSXJh084zLYh8yXjRvcbYuJnp1wsw4mFlmPMS2-DdVUY_xGAa9LcKkBxUWMduKg-MtBD7K7WPfOEPx4-5sIRLUIBZFfNmK1VoHnCnj-9Lb2N6sQoK-GROoi58fZ0uoomwuWNmO7XrryvvEcqA&sai=AMfl-YQatrGOVxYtWXkvjrTygg69pgJFoJz5Dwd2qikd4dcere0BysMmuBGs1Z3WBY6clbIgeTB3GZSDlZvf407Z34hhrRalvOOPkW8OTqcb9gFmHSh54qPNV88d8jtZF-s&sig=Cg0ArKJSzD_OnrmnempSEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 23 Jan 2024 03:38:35 GMT
container.html
428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame EF46
6 KB
3 KB
Document
General
Full URL
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202401101304/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://folkd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 23 Jan 2024 03:38:33 GMT
expires
Wed, 22 Jan 2025 03:38:33 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Standard
s1.adform.net/stoat/631/s1.adform.net/load/v/0.0.238/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/ Frame DE85
91 KB
39 KB
Script
General
Full URL
https://s1.adform.net/stoat/631/s1.adform.net/load/v/0.0.238/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/631/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
ed8343699e054a0900f23319e31cba32ad43bf77136313508ea25d86073366bb

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:35 GMT
content-encoding
gzip
last-modified
Tue, 19 Dec 2023 10:28:27 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Fri, 19 Jan 2024 16:52:30 GMT
ads
securepubads.g.doubleclick.net/gampad/
30 KB
13 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3801837833584460&correlator=326592290411369&eid=31079957%2C31080496%2C31079724&output=ldjh&gdfp_req=1&vrg=202401180101&ptt=17&impl=fifs&iu_parts=20842576%2CJYM01M%2CJYM01M-DDI.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=9&sfv=1-0-40&ifs=%5B%5B%5B2%2C1%5D%5D%5D&eri=1&sc=1&cookie=ID%3Dd73a653a13f2f49f%3AT%3D1705981113%3ART%3D1705981113%3AS%3DALNI_Mb1JF_cD5eBfkgoBO3S1ziePAa9sA&gpic=UID%3D00000d47b8500e9b%3AT%3D1705981113%3ART%3D1705981113%3AS%3DALNI_MbfupWRtW_bgqrzZWS6Cr1ei-ta8w&abxe=1&dt=1705981115630&lmt=1705981115&adxs=386&adys=3685&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=6&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ffolkd.com%2F&vis=1&psz=728x-1&msz=728x-1&fws=4&ohw=740&psts=AOrYGsman6824urSO2NodxDYNpWvkpYVgvY6Rcgio3v1ixjb%2CAOrYGsl3Hc4o5wg9SoAhEKvUAWsLv5DJovfl6w3SR3khPRamDwtaAV24df3rwELmsuAfDFKxeojKzAILJAM3CXj31-7UOA%2CAOrYGsnEQtl9vThQ_W1ayFAjT25eLLiuQZT7I4UPIA_23lIu2ylX9Jt2iGp1m4OFnLojsh-cPddxBohjxc3DHgN-Lxvo7Q%2CAOrYGskP0WogTJeuA2wXBAEkR5KxvxUh6sV9IGBlSbdkusXJk6H1OigERR4KtYC1K0HoZNi32mkIpD-37bXr0c0i6zphiA%2CAOrYGslzUN0dbcsrdQy-yWSz4ZWrD13kzO3ER4wRfiS4S3dO94MIUHDaLKmXWAO3SMfM418ct-A7kdtQiS8pM1QbjDxQtw%2CAOrYGskSmD66oghlbuOR1IffPBySRPn8w9Crps5P3VpYjP5SjYoAeHl-l6fTf0DaRTH0crjY1np4YdeBo0ITgO9BGB95rQ%2CAOrYGskZi5EENzEtb-Aq1Vd4aJlCAua1BHoxIkgnbYC-PYj2lq4NvRL5RO-b3kP96UWh4rw-4Kg2Cy72lyXPzY6NHctpig&ga_vid=1374325086.1705981113&ga_sid=1705981114&ga_hid=827497303&ga_fc=true&a3p=EhkKCnVpZGFwaS5jb20Y0-qXo9MxSABSAghkEhsKDGlkNS1zeW5jLmNvbRib65ej0zFIAFICCGoSGgoNY3J3ZGNudHJsLm5ldBIAGLXrl6PTMUgAEjsKCnB1YmNpZC5vcmcSJGU3ZTM4YWMxLTkxNzEtNGJkYi05ODA5LWNjM2E5NTMyMTA0MRj26pej0zFIABIdCg5lc3AuY3JpdGVvLmNvbRjT6pej0zFIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pY0U1cGNFaFVSV3BVV2l0V00wWXlNbTF1Y25BMVVUMDlJbjA9GNDul6PTMUgAEq4BCghydGJob3VzZRKYAXJ0aHJSQkpoU2dDSENwOHdTUU16b0ZRcE1CWEZLbUJjKzU2ZFpBZHZJU3A0RzFiajBYUXE2ditERm5pbFZFOTFaQXpHSmoxUTBxVCs0eTViRXVWdFhiVkdPdVk5VXF0NW1oZVFYaXZKbTFHR0JtWFF6QkxJNTlVd1Y2eXBCV0N5R2MrKzNOSk5kTHdVVi9TRjB6MGVTQT09GKHsl6PTMUgA&prev_scp=pos%3D1%26monu%3D728x90_A1%26slotNum%3D1%26placementNum%3D4%26allowNative%3Dfalse%26amznbid%3D2%26amznp%3D2%26bidder_responseTime%3Dix_200%26auction_id%3D8c73aa64-35e7-47b1-9b09-d766b0bfa5db%26monu_df%3D0.05%26safeframe%3Dtrue%26bid_source%3Dclient%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_adid%3D276cb62d702d9ebc%26hb_bidder%3Dix%26lastRefreshEmpty%3Dfalse%26refresh_count%3D0%26lre_rc%3Dfalse_0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Ddf%26provider_performance%3Dix_notchrome_0.05%26context%3D3_ZH_notchrome%26browser_hour_refresh%3Dundefined_3_0%26slotOnScreen%3Dfalse&cust_params=page_num%3D0%26big4%3Dfalse%26iabCategory%3D264%26url%3Dfolkd.com%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=2052260768&frm=20&eo_id_str=ID%3Dd583b5ec4e3a5c9c%3AT%3D1705981113%3ART%3D1705981113%3AS%3DAA-AfjZMvcohb3uIGzb4FJhEix2b
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0bd600a32b39a677f13ea3c3a0d8d29cd887387132cbb012175ef6a769b2bb52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:35 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12982
x-xss-protection
0
google-lineitem-id
6125550888
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138406914023
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://folkd.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame EA94
267 B
186 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhCs1xMY1qbgaTAB&v=APEucNXmHUB5Eo-jeDAM-YFu8gPxc59BPJEnoJBZ4HWthb7HtomLcQkKCdzNMTm-VLBm7BXam6E8M9bBiGGiGRRBafXFvjo6Mw
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
85fc6174ce4620ca01e50174ef4cb0317d5e8574a634bf1924b63dac85d8ef9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
101
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 23 Jan 2024 03:38:35 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 0776
89 KB
31 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:35 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 23 Jan 2024 03:38:35 GMT
r62eglto.js
ad4m.at/ Frame 0776
24 KB
10 KB
Script
General
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
098e6dc516d5b171a1bf126adf3b8e8510746bac17f477f73a6310587e4ab9e8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:35 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 09 Jan 2024 06:20:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
595058
etag
W/"ea6b8b5621410c697cbfca30307bc4ca"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NM1lwzSQyIj2PsjRbsJYWZOBdVxYIwbyyDiL%2BHjQ%2BDxqJ2rwaaBilNxjmqloaiaxXvX22EmiD0M8xFsWDdD5dz%2FmKYYfLkNhFJ1Wod%2B8SiuULDIMXhKZO5AIz1%2FNMBnXK52t%2FWE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
849d013519711d8c-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 16 Jan 2024 06:20:57 GMT
97363ab9-4a85-4dbe-a6d2-f7d8a9947a73
a1161.casalemedia.com/impression/v2/201336/85/cmnj9egp1lsrdvt8keb0/ Frame 0776
43 B
303 B
Image
General
Full URL
https://a1161.casalemedia.com/impression/v2/201336/85/cmnj9egp1lsrdvt8keb0/97363ab9-4a85-4dbe-a6d2-f7d8a9947a73?verifieD=1&userID=&cmpro=0&deviceType=2&expiryTime=1705981714&profileIDs=&creativeID=18d3727&pubID=182762&format=banner&channel=site
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.170.60.92 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Jan 2024 03:38:35 GMT
Server
Apache
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0776
42 B
401 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BCl7_-bwh7GExxoE__K3XBbHKCyyXfS_Ji3i4XlvFwPI4bPMCaonovfUsDIgZBoUs6prm1Pt5MnOWJ11r8SAahSlfdx-gNT5ubpyyDHFS_Qec2eLc
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame BDB0
24 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 01:04:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
527640
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 16 Jan 2025 01:04:35 GMT
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame BDB0
26 KB
10 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f85637bbf5c0ee6a01fa5afb711af0e3d873ab20f0cbeaeb9105998530822c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
5693
x-jsd-version
1.16.0
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230067-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"6721-FSYTlyriJmmnEqYsq5KQLDRsrFg"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t3A83e%2BGC81H6cys8VuK5WM%2Btv%2B9ZALa05phvcqotZp%2F0TkKGfFd0OgV4ZY3dKiGUMQrsI3v3iZZGo2%2FMmuvQFy21tQFy1gYDqeDlPQZsk%2Fg9cRc4Jf0%2FERcn%2FMOOrHsSiAqTN7gTo2b3xNlNiM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
849d01350e7e927a-FRA
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame BDB0
206 KB
65 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66453
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1705495733332172"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 23 Jan 2024 03:38:35 GMT
casale
match.adsrvr.org/track/cmf/ Frame 6FAB
70 B
148 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:35 GMT
server
Kestrel
content-length
70
content-type
image/gif
dcm
s.amazon-adsystem.com/ Frame 6FAB
43 B
855 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Za80ux4LORIGoWQwyWak5QAACFIAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Jan 2024 03:38:35 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
9QP22H2PZ5R51YQ8YX10
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
480429.gif
idsync.rlcdn.com/ Frame 6FAB
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=Za80ux4LORIGoWQwyWak5QAA%262130&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=Za80ux4LORIGoWQwyWak5QAA%262130&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=c7bb4041e7e54ef9a286c7845e42f86c
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=3205897004932985690
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=2ba2ab41-70c6-45d7-8951-9ef87add91a7
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=a1e8553d-4939-4f92-91b7-55f53500045a%3A1705981116.6828094&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Da1e8553d-4939-4f92-91b7-55f5350...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5107433832264167376&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Da1e8553d-4939-4f92-91...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=a1e8553d-4939-4f92-91b7-55f53500045a%3A1705981116.6828094&_=1705981116.6842957
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=lvr18
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?domid=1052
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&action=GET_ID&opid=goo&etid=&domid=1052&ops=apx
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&action=GET_ID&opid=goo&etid=&domid=1052&ops=apx&google_gid=CAESEM9MOCbn56jBWlnw8-z89WQ&google_cver=1
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEM9MOCbn56jBWlnw8-z89WQ&action=GET_ID&etid=&domid=1052
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=2380373011570053850&opid=apx&ops=&utidl=tech:goo:CAESEM9MOCbn56jBWlnw8-z89WQ&action=GET_ID&etid=&domid=1052
  • https://idsync.rlcdn.com/480429.gif?partner_uid=vec%3A71812261663
42 B
60 B
Image
General
Full URL
https://idsync.rlcdn.com/480429.gif?partner_uid=vec%3A71812261663
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0&C=1
Protocol
H3
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:37 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/480429.gif?partner_uid=vec%3A71812261663
date
Tue, 23 Jan 2024 03:38:37 GMT
strict-transport-security
max-age=63072000;includeSubDomains;preload
content-length
0
usermatchredir
ssum-sec.casalemedia.com/ Frame 6FAB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Za80ux4LORIGoWQwyWak5QAACFIAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEDS-bhrpNLZGf7A3kAf3D7s&google_cver=1
43 B
733 B
Image
General
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEDS-bhrpNLZGf7A3kAf3D7s&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:35 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wjw2B3eKwaeQQOjIOoQZbnXMQeNtDkEY7jBeKQDJbaYu15fNKbre9jdVVNoeFFUK3Z9xFTSkL0DMkGPvkie%2BC2rao2uS%2BhywO%2F4E9lR1jnDw34nXwFovQC7KT46oChEej22S6HMIWADMig%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
849d0135ac574d22-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:35 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEDS-bhrpNLZGf7A3kAf3D7s&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 6FAB
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=yQUETMwEBxPSCVFLnAZISJlVURLSCVwcyQhnJeBy
43 B
380 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=yQUETMwEBxPSCVFLnAZISJlVURLSCVwcyQhnJeBy
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0&C=1
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:35 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=02HvmqBi4ua7ZvXgBqaFU7%2FKbtnm9%2FETBcDEw7Zu1HtCqXyDvQ94N1%2BIGX4FkWF6U3MqnaDJPMsZ3kNDry1Oz1Vl7hjMNA%2Fr8%2BKaxnDghemf%2FKJ234Uww0s8MiIX3aJLdgRH3Lv3FqexsA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
849d0135990fbb71-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:35 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=yQUETMwEBxPSCVFLnAZISJlVURLSCVwcyQhnJeBy
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 6FAB
Redirect Chain
  • https://cm.ctnsnet.com/int/cm?exc=19
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=2336c4e51efd48c8babb93015496f537&expiration=1708573115
43 B
734 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=2336c4e51efd48c8babb93015496f537&expiration=1708573115
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:35 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bINubniReSU60IWfEeo7TXA1Ka%2BTc8qJWBsLwuO1pFPaKeHDmwAZfuxJp%2BHr2qix%2BdGdtYiobyLCDU3eCbwTf2BoY9XaRXoF5aybq%2BVDUZ0QRUDELWnDco%2FJ4dfQkw60vnNlip59PbsQaA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
849d0135fc7e4d22-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:35 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=2336c4e51efd48c8babb93015496f537&expiration=1708573115
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 6FAB
Redirect Chain
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=8e0620f2-9a44-4c16-9a13-166deda98989&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
43 B
732 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=8e0620f2-9a44-4c16-9a13-166deda98989&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:35 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f4sWttX3V%2BnNJC%2FdfVLTlofjo5EfqMjX4LIeZnh3B9AFMKm2U56Ud0YjPIQJOhwDop40P6V7TGb9ZaT0M5%2FpXdYb5Tqat3Br7id6IadEUsXhhqzg3k5kWa3r0Qfw0%2F958BWrs4As4NcWiA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
849d0135fc844d22-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=8e0620f2-9a44-4c16-9a13-166deda98989&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
date
Tue, 23 Jan 2024 03:38:35 GMT
server
_
content-length
0
crum
dsum.casalemedia.com/ Frame 6FAB
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=04874115-f805-1d4a-7878075c
43 B
416 B
Image
General
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=04874115-f805-1d4a-7878075c
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0&C=1
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:35 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uGMOe3JO%2BfQ4ET3QWam1h6PBgynMFV%2BBkJGQ6AFZBkdkg1jJ3i8IvMOG2QPEmxtUScKj4Nw80yn3TCeWCqdIw%2BYuhOM4uxoNxural13csyGgXetnZoUq8NIqlKRP1dbaQHzJADgo"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
849d0136695abb71-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Tue, 23 Jan 2024 03:38:35 GMT
via
1.1 google
server
nginx/1.24.0
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=04874115-f805-1d4a-7878075c
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 6FAB
43 B
351 B
Image
General
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?Za80ux4LORIGoWQwyWak5QAA%262130
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:35 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
20
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
849d0135ae5818ef-FRA
content-length
43
expires
Tue, 23 Jan 2024 07:38:35 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame DE1C
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsshKSI8Ld8umDdum0wGPMCqwf6U7RT4LrsCzqCR62-DVJG-cqWRLQZ_T9y9b6OEXFVVOlj1RMEPSjSWRBMMH1W2FSr_kRbpNr23SEj3FFnEZQ9vjZn9p-V4AzwkYwC-YV0oj6SdmyZ5-km2GfY0zbfmbldq8Jmd_JqYSiC1ei1ceNKhAleAZvDgdmpCMpitDKLlJfJDU75nh-ruWt8myE6kR4NDuJT6_mzQ94T0qejjKYum0Na9RRsFWNaRM_JNCfnXfeC-Z1g4d4haIj1zk-oaYGLIl4Bkx49JY1N2KdlPNpXtSgbDXqn0BWSqw3wyWoC3qRRsbCNrDeoVzPah7utPFiidcNRSgyC9XbezdQn4Po_jWCo4AO0&sai=AMfl-YQK0yJF5iH8-d2CRH2lZb5ttqzKbFL9vctQ36jLDS_ijbhGv-IPyIKNZnvXIMKUHnFonE-Fo8Fu7tIy9cP0oFQfq42vGj4jyURRVJknFh7SL0ED_pA9SAz0AtPJRzU&sig=Cg0ArKJSzBBd6YDiMRlAEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 4F93
24 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 01:04:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
527640
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 16 Jan 2025 01:04:35 GMT
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame 4F93
26 KB
10 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f85637bbf5c0ee6a01fa5afb711af0e3d873ab20f0cbeaeb9105998530822c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
5693
x-jsd-version
1.16.0
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230067-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"6721-FSYTlyriJmmnEqYsq5KQLDRsrFg"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sNx4x%2BtbHZFLdh5pFAX1gTrbNJwR9dNBreTFimiVuWQhQHTa%2FzLh%2B%2F2zxxRwq7kSlih%2BgTaZGhnN5neYlT29doFv5Rxbj0efSYNZ2q2bsfAUVxl8Nq3jERQH%2F8pvMuPsnVZ1FbCUOe9oZlb7B2M%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
849d01354e99927a-FRA
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 4F93
206 KB
65 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66453
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1705495733332172"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 23 Jan 2024 03:38:35 GMT
ads
securepubads.g.doubleclick.net/gampad/
30 KB
13 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3801837833584460&correlator=4283933310331117&eid=31079957%2C31080496%2C31079724&output=ldjh&gdfp_req=1&vrg=202401180101&ptt=17&impl=fifs&iu_parts=20842576%2CJYM01M%2CJYM01M-DDI.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=10&sfv=1-0-40&ifs=%5B%5B%5B2%2C1%5D%5D%5D&eri=1&sc=1&cookie=ID%3Dd73a653a13f2f49f%3AT%3D1705981113%3ART%3D1705981113%3AS%3DALNI_Mb1JF_cD5eBfkgoBO3S1ziePAa9sA&gpic=UID%3D00000d47b8500e9b%3AT%3D1705981113%3ART%3D1705981113%3AS%3DALNI_MbfupWRtW_bgqrzZWS6Cr1ei-ta8w&abxe=1&dt=1705981115728&lmt=1705981115&adxs=386&adys=6391&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=7&ucis=a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ffolkd.com%2F&vis=1&psz=728x-1&msz=728x-1&fws=4&ohw=740&psts=AOrYGsman6824urSO2NodxDYNpWvkpYVgvY6Rcgio3v1ixjb%2CAOrYGsl3Hc4o5wg9SoAhEKvUAWsLv5DJovfl6w3SR3khPRamDwtaAV24df3rwELmsuAfDFKxeojKzAILJAM3CXj31-7UOA%2CAOrYGsnEQtl9vThQ_W1ayFAjT25eLLiuQZT7I4UPIA_23lIu2ylX9Jt2iGp1m4OFnLojsh-cPddxBohjxc3DHgN-Lxvo7Q%2CAOrYGskP0WogTJeuA2wXBAEkR5KxvxUh6sV9IGBlSbdkusXJk6H1OigERR4KtYC1K0HoZNi32mkIpD-37bXr0c0i6zphiA%2CAOrYGslzUN0dbcsrdQy-yWSz4ZWrD13kzO3ER4wRfiS4S3dO94MIUHDaLKmXWAO3SMfM418ct-A7kdtQiS8pM1QbjDxQtw%2CAOrYGskSmD66oghlbuOR1IffPBySRPn8w9Crps5P3VpYjP5SjYoAeHl-l6fTf0DaRTH0crjY1np4YdeBo0ITgO9BGB95rQ%2CAOrYGskZi5EENzEtb-Aq1Vd4aJlCAua1BHoxIkgnbYC-PYj2lq4NvRL5RO-b3kP96UWh4rw-4Kg2Cy72lyXPzY6NHctpig&ga_vid=1374325086.1705981113&ga_sid=1705981114&ga_hid=827497303&ga_fc=true&a3p=EhkKCnVpZGFwaS5jb20Y0-qXo9MxSABSAghkEhsKDGlkNS1zeW5jLmNvbRib65ej0zFIAFICCGoSGgoNY3J3ZGNudHJsLm5ldBIAGLXrl6PTMUgAEjsKCnB1YmNpZC5vcmcSJGU3ZTM4YWMxLTkxNzEtNGJkYi05ODA5LWNjM2E5NTMyMTA0MRj26pej0zFIABIdCg5lc3AuY3JpdGVvLmNvbRjT6pej0zFIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pY0U1cGNFaFVSV3BVV2l0V00wWXlNbTF1Y25BMVVUMDlJbjA9GNDul6PTMUgAEq4BCghydGJob3VzZRKYAXJ0aHJSQkpoU2dDSENwOHdTUU16b0ZRcE1CWEZLbUJjKzU2ZFpBZHZJU3A0RzFiajBYUXE2ditERm5pbFZFOTFaQXpHSmoxUTBxVCs0eTViRXVWdFhiVkdPdVk5VXF0NW1oZVFYaXZKbTFHR0JtWFF6QkxJNTlVd1Y2eXBCV0N5R2MrKzNOSk5kTHdVVi9TRjB6MGVTQT09GKHsl6PTMUgA&prev_scp=pos%3D1%26monu%3D728x90_A1%26slotNum%3D1%26placementNum%3D8%26allowNative%3Dfalse%26amznbid%3D2%26amznp%3D2%26bidder_responseTime%3Dix_200%26auction_id%3D4c4680e7-2639-452c-b4e4-000a5afd51be%26monu_df%3D0.05%26safeframe%3Dtrue%26bid_source%3Dclient%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_adid%3D2801f2ec0eda2c9f%26hb_bidder%3Dix%26lastRefreshEmpty%3Dfalse%26refresh_count%3D0%26lre_rc%3Dfalse_0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Ddf%26provider_performance%3Dix_notchrome_0.05%26context%3D3_ZH_notchrome%26browser_hour_refresh%3Dundefined_3_0%26slotOnScreen%3Dfalse&cust_params=page_num%3D0%26big4%3Dfalse%26iabCategory%3D264%26url%3Dfolkd.com%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=2454222941&frm=20&eo_id_str=ID%3Dd583b5ec4e3a5c9c%3AT%3D1705981113%3ART%3D1705981113%3AS%3DAA-AfjZMvcohb3uIGzb4FJhEix2b
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a48bef477dd5da681e93f9ba2f39b7c33653ef4f5172bce854b448b73cb363ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:35 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12980
x-xss-protection
0
google-lineitem-id
6125550888
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138407555842
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://folkd.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame EF46
24 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 01:04:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
527640
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 16 Jan 2025 01:04:35 GMT
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame EF46
26 KB
10 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f85637bbf5c0ee6a01fa5afb711af0e3d873ab20f0cbeaeb9105998530822c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
5693
x-jsd-version
1.16.0
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230067-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"6721-FSYTlyriJmmnEqYsq5KQLDRsrFg"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4ySy0k33cnIZG2giQhrW1iErT%2BRJYVg4NaCTmaUt%2BvSI2Ui64MLq8IUKVQIAY9FR7GeME9lg%2F7rw%2F5IdYECU921ZFa7EHRq8GUxHtzxqgP8zKekEhUFdjHDp0wzpfeIqjdypoIrKKdaE9ZWN80A%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
849d01357eb6927a-FRA
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame EF46
206 KB
65 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66453
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1705495733332172"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 23 Jan 2024 03:38:35 GMT
/
cm.adsafety.net/ Frame EA94
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=smartstreamtv_dbm&google_cm&google_dbm
  • https://ads.smartstream.tv/cm/?cmsrc=dcm&google_gid=CAESEO8l6kRGAW6gyI-7seFIWsA&google_cver=1
  • https://cm.adsafety.net/?_cmsrc=dcm&testmidt=1&testdid=CAESEO8l6kRGAW6gyI-7seFIWsA&idt=0&did=0&data[stv][midt]=100&data[stv][mdid]=26cbba6903e31548c981986723006a25&uid=26cbba6903e31548c981986723006...
43 B
229 B
Image
General
Full URL
https://cm.adsafety.net/?_cmsrc=dcm&testmidt=1&testdid=CAESEO8l6kRGAW6gyI-7seFIWsA&idt=0&did=0&data[stv][midt]=100&data[stv][mdid]=26cbba6903e31548c981986723006a25&uid=26cbba6903e31548c981986723006a25&data[stv][idt_did_status]=added&gdpr_consent=&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhCs1xMY1qbgaTAB&v=APEucNXmHUB5Eo-jeDAM-YFu8gPxc59BPJEnoJBZ4HWthb7HtomLcQkKCdzNMTm-VLBm7BXam6E8M9bBiGGiGRRBafXFvjo6Mw
Protocol
HTTP/1.1
Server
217.79.187.68 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
cm42.as.net
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 03:38:35 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Access-Control-Allow-Origin
*
Location
https://cm.adsafety.net/?_cmsrc=dcm&testmidt=1&testdid=CAESEO8l6kRGAW6gyI-7seFIWsA&idt=0&did=0&data[stv][midt]=100&data[stv][mdid]=26cbba6903e31548c981986723006a25&uid=26cbba6903e31548c981986723006a25&data[stv][idt_did_status]=added&gdpr_consent=&gdpr=0
Date
Tue, 23 Jan 2024 03:38:35 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame EA94
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhCs1xMY1qbgaTAB&v=APEucNXmHUB5Eo-jeDAM-YFu8gPxc59BPJEnoJBZ4HWthb7HtomLcQkKCdzNMTm-VLBm7BXam6E8M9bBiGGiGRRBafXFvjo6Mw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1113
6 KB
3 KB
Document
General
Full URL
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202401101304/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://folkd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 23 Jan 2024 03:38:33 GMT
expires
Wed, 22 Jan 2025 03:38:33 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame DE1C
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fa06ae650b7f67219406246c0410f957bb9ca1f311ce09b8b351def2e2a811dc

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
pixel
googleads.g.doubleclick.net/xbbe/ Frame 2743
264 B
125 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhCs1xMY1qbgaTAB&v=APEucNXsep3PQv_uhdB5qyEWO8MXuMEytqIump6wDqMtg7NlPq4f3-aHStND0b6dBGoyHe5xVk5EJU1-I2bKJ4i5-ZPHVAAnEg
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05deee3fdf1fcfaf986017678f334ea2733f5e233f80b1081f3f0867fb55179f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
102
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 23 Jan 2024 03:38:35 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame AC9E
89 KB
31 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:35 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 23 Jan 2024 03:38:35 GMT
r62eglto.js
ad4m.at/ Frame AC9E
24 KB
9 KB
Script
General
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
098e6dc516d5b171a1bf126adf3b8e8510746bac17f477f73a6310587e4ab9e8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:35 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 09 Jan 2024 06:20:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
595058
etag
W/"ea6b8b5621410c697cbfca30307bc4ca"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R6W36dJ8ib%2B1WreZNnECa2HiopOyuwML%2BGS78xkXkPiHlf8sLB%2Bs4sNsFFeUI85%2FOuUFlGqbZ4mGg%2FjO0BNCkXdg19gmerSyBw9xRy9G6Fox61kGfSNKHiVK%2BjJ%2FYb2oWv4ymRc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
849d0135c9b51d8c-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 16 Jan 2024 06:20:57 GMT
0cb798d3-8c06-4c7e-bd98-0d4ea6e7870f
a1203.casalemedia.com/impression/v2/201336/85/cmnj9eha09qbf39t0oj0/ Frame AC9E
43 B
303 B
Image
General
Full URL
https://a1203.casalemedia.com/impression/v2/201336/85/cmnj9eha09qbf39t0oj0/0cb798d3-8c06-4c7e-bd98-0d4ea6e7870f?verifieD=1&userID=&cmpro=0&deviceType=2&expiryTime=1705981714&profileIDs=&creativeID=18d3727&pubID=182762&format=banner&channel=site
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.170.60.134 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Jan 2024 03:38:35 GMT
Server
Apache
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame AC9E
42 B
107 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AIpsA5cqmA4ExhV76xJXdlImcFrMdNZ3wOzS0nwCrWVfG68cdPS3YT8JJS-qQAA6G1SuHaprGBeCq9CCZBLlRrU1aQS1LDhjc1aemFKpNrvCatoM0
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
30 KB
13 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3801837833584460&correlator=3308147838326520&eid=31079957%2C31080496%2C31079724&output=ldjh&gdfp_req=1&vrg=202401180101&ptt=17&impl=fifs&iu_parts=20842576%2CJYM01M%2CJYM01M-DDI.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=11&sfv=1-0-40&ifs=%5B%5B%5B2%2C1%5D%5D%5D&eri=1&sc=1&cookie=ID%3Dd73a653a13f2f49f%3AT%3D1705981113%3ART%3D1705981113%3AS%3DALNI_Mb1JF_cD5eBfkgoBO3S1ziePAa9sA&gpic=UID%3D00000d47b8500e9b%3AT%3D1705981113%3ART%3D1705981113%3AS%3DALNI_MbfupWRtW_bgqrzZWS6Cr1ei-ta8w&abxe=1&dt=1705981115797&lmt=1705981115&adxs=386&adys=8165&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=8&ucis=b&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ffolkd.com%2F&vis=1&psz=728x-1&msz=728x-1&fws=4&ohw=740&psts=AOrYGsman6824urSO2NodxDYNpWvkpYVgvY6Rcgio3v1ixjb%2CAOrYGsl3Hc4o5wg9SoAhEKvUAWsLv5DJovfl6w3SR3khPRamDwtaAV24df3rwELmsuAfDFKxeojKzAILJAM3CXj31-7UOA%2CAOrYGsnEQtl9vThQ_W1ayFAjT25eLLiuQZT7I4UPIA_23lIu2ylX9Jt2iGp1m4OFnLojsh-cPddxBohjxc3DHgN-Lxvo7Q%2CAOrYGskP0WogTJeuA2wXBAEkR5KxvxUh6sV9IGBlSbdkusXJk6H1OigERR4KtYC1K0HoZNi32mkIpD-37bXr0c0i6zphiA%2CAOrYGslzUN0dbcsrdQy-yWSz4ZWrD13kzO3ER4wRfiS4S3dO94MIUHDaLKmXWAO3SMfM418ct-A7kdtQiS8pM1QbjDxQtw%2CAOrYGskSmD66oghlbuOR1IffPBySRPn8w9Crps5P3VpYjP5SjYoAeHl-l6fTf0DaRTH0crjY1np4YdeBo0ITgO9BGB95rQ%2CAOrYGskZi5EENzEtb-Aq1Vd4aJlCAua1BHoxIkgnbYC-PYj2lq4NvRL5RO-b3kP96UWh4rw-4Kg2Cy72lyXPzY6NHctpig%2CAOrYGskhqTDAKrQM4-R3ybm8i6zlEPr6ZaCu6gWoD1s5_GtGavxiZPGK6HmBdTXZRLADP8I0PDECvABr3PfCkeruwmvxXg&ga_vid=1374325086.1705981113&ga_sid=1705981114&ga_hid=827497303&ga_fc=true&a3p=EhkKCnVpZGFwaS5jb20Y0-qXo9MxSABSAghkEhsKDGlkNS1zeW5jLmNvbRib65ej0zFIAFICCGoSGgoNY3J3ZGNudHJsLm5ldBIAGLXrl6PTMUgAEjsKCnB1YmNpZC5vcmcSJGU3ZTM4YWMxLTkxNzEtNGJkYi05ODA5LWNjM2E5NTMyMTA0MRj26pej0zFIABIdCg5lc3AuY3JpdGVvLmNvbRjT6pej0zFIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pY0U1cGNFaFVSV3BVV2l0V00wWXlNbTF1Y25BMVVUMDlJbjA9GNDul6PTMUgAEq4BCghydGJob3VzZRKYAXJ0aHJSQkpoU2dDSENwOHdTUU16b0ZRcE1CWEZLbUJjKzU2ZFpBZHZJU3A0RzFiajBYUXE2ditERm5pbFZFOTFaQXpHSmoxUTBxVCs0eTViRXVWdFhiVkdPdVk5VXF0NW1oZVFYaXZKbTFHR0JtWFF6QkxJNTlVd1Y2eXBCV0N5R2MrKzNOSk5kTHdVVi9TRjB6MGVTQT09GKHsl6PTMUgA&prev_scp=pos%3D1%26monu%3D728x90_A1%26slotNum%3D1%26placementNum%3D10%26allowNative%3Dfalse%26amznbid%3D2%26amznp%3D2%26bidder_responseTime%3Dix_200%26auction_id%3Dded40807-b5f1-4875-a849-2c4d0f3ae1e3%26monu_df%3D0.05%26safeframe%3Dtrue%26bid_source%3Dclient%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_adid%3D282a27a312768b6c%26hb_bidder%3Dix%26lastRefreshEmpty%3Dfalse%26refresh_count%3D0%26lre_rc%3Dfalse_0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Ddf%26provider_performance%3Dix_notchrome_0.05%26context%3D3_ZH_notchrome%26browser_hour_refresh%3Dundefined_3_0%26slotOnScreen%3Dfalse&cust_params=page_num%3D0%26big4%3Dfalse%26iabCategory%3D264%26url%3Dfolkd.com%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=1593952094&frm=20&eo_id_str=ID%3Dd583b5ec4e3a5c9c%3AT%3D1705981113%3ART%3D1705981113%3AS%3DAA-AfjZMvcohb3uIGzb4FJhEix2b
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
43ccc9257f5ed5b95b6862ce8a3144aa0a1cceac38b9f8ca758884483cd9bd9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12958
x-xss-protection
0
google-lineitem-id
6125550888
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138407048190
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://folkd.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sca.17.6.2.js
static.adsafeprotected.com/ Frame CC2E
91 KB
23 KB
Script
General
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25a2:7400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 3a4b7ff21260552f6982d2003fec9c84.cloudfront.net (CloudFront)
date
Thu, 11 Jan 2024 08:49:59 GMT
x-amz-cf-pop
ZRH55-P1
age
2306899
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
OuNqCDEGaKSKQ_AQzDW28JKSSem47f_fwSOFuNjpsxV2ju9FOrPmQw==
mon
pixel.adsafeprotected.com/ Frame DE85
43 B
215 B
Image
General
Full URL
https://pixel.adsafeprotected.com/mon?anId=8095&pubId=182762&chanId=242368&campId=5916627&custom5=1&placementId=32704&custom=700d2db5-01d6-4612-9304-a973ca437258&custom2=folkd.com&custom3=02&planId=300x600&custom4=300x600&adsafe_par&impId=1&adsafe_url=https%3A%2F%2Ffolkd.com&adsafe_type=g&adsafe_url=https%3A%2F%2Ffolkd.com%2F&adsafe_type=c&adsafe_url=https%3A%2F%2F428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=bed&adsafe_jsinfo=,id:734c5183-433c-0410-aefa-573050149c45,c:25LHsw,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-7b546d5668-j9tr4,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:235,mot:0,app:0,maw:0,fm:u29AU4D+11%7C12%7C13%7C14111%7C14112%7C141131%7C141132%7C141133%7C141134%7C141135%7C14114%7C14115%7C14116%7C14117%7C1412%7C1413%7C1414%7C1415%7C15%7C16%7C171*.8095%7C1711%7C1811%7C1911%7C1a%7C1b%7C1c%7C1d,idMap:171*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:254,oid:e334acf5-b9a0-11ee-9f80-8abac4049abe,v:19.8.473,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.204.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-204-174.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:35 GMT
server
nginx
x-server-name
app02.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
/
track.adform.net/csimpr/ Frame DE85
35 B
626 B
Ping
General
Full URL
https://track.adform.net/csimpr/?bn=67903450&csi=fyXQi5YakQBt5bS4jjeJ2Wr5h_Co5atXMdFigg9QXkIJDwKV3Zer3AZU1ud_ztNqbjWk1mPLtXUUBBNSkPqsbCQf6BfgfukZEBQ5juPi97UDvP-67D9Y4w2
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/631/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
dt
dt.adsafeprotected.com/ Frame DE85
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=8095&asId=734c5183-433c-0410-aefa-573050149c45&tv=%7Bc:25LHt8,pingTime:-3,time:291,type:v,im:%7BpBlk:262%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:253%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:291,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:253,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B54~0%5D,as:%5B54~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:jload,dtt:0,fm:u29AU4D+11%7C12%7C13%7C14111%7C14112%7C141131%7C141132%7C141133%7C141134%7C141135%7C14114%7C14115%7C14116%7C14117%7C1412%7C1413%7C1414%7C1415%7C15%7C16%7C171*.8095%7C1711%7C1811%7C1911%7C1a%7C1b%7C1c%7C1d,idMap:171*,rmeas:1,rend:0,renddet:IMG.us,siq:254%7D&br=c
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:e315:15fa:9bb4:390c Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
server
nginx
x-server-name
dt11.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame DE85
43 B
216 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=8095&asId=734c5183-433c-0410-aefa-573050149c45&tv=%7Bc:25LHt8,pingTime:-6,time:291,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:291,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:253,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B54~0%5D,as:%5B54~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:jload,dtt:0,fm:u29AU4D+11%7C12%7C13%7C14111%7C14112%7C141131%7C141132%7C141133%7C141134%7C141135%7C14114%7C14115%7C14116%7C14117%7C1412%7C1413%7C1414%7C1415%7C15%7C16%7C171*.8095%7C1711%7C1811%7C1911%7C1a%7C1b%7C1c%7C1d,idMap:171*,rmeas:1,rend:0,renddet:IMG.us,siq:254%7D&tpiLookup=ao:folkd.com*%2C428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com*&br=c
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:e315:15fa:9bb4:390c Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
server
nginx
x-server-name
dt17.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
view
securepubads.g.doubleclick.net/pcs/ Frame BDB0
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuJfph8lcef5UVKIGUKC3tEWZ3VjyHgoZ7SFbmkA-DBKet9gzQ_8d2ZhrTTK5O2LA66o_WJyqaNBgQ-qFSh0nmYFC8_CZUVK-n6P3P3cdMb4-GSCjOnUv2bIYfHM-NZuO9nLZLNVvANkQ9T-dT7JVkUJACH-V4ZMBp9i60LKmE5bdeyguavvqGX_eS24zoSOsWgMTmp4otrLVBLEPcwvNfsmDUVFhpBAB9MBSp-9VOGyxmXb3kRPnQXKPiyD_kni1BH7QkysZOja5TQGQcu-H3O7vwBjQAMrUTVEU2C_zYzO7OGGfcp47XkJaUuEvolk4t1nsYEiTWApek4b-Ag2rOmMA2zyqCBrFQTuEtV8w6PO1w64qkxqUQ&sai=AMfl-YQE17I1VH_ZudN6g9LJfq0ToEoegk7bjmA2oCrjBeMiFK4Y8y5bV8MySc4rAeseEe2U08bSxni2d6IJaPemvdNmbZp9J-1OUaHIligNqTjn6bQpvLLYOkX-9ndoHpM&sig=Cg0ArKJSzHf6pXvxLV7REAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
30 KB
13 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3801837833584460&correlator=570651688594835&eid=31079957%2C31080496%2C31079724&output=ldjh&gdfp_req=1&vrg=202401180101&ptt=17&impl=fifs&iu_parts=20842576%2CJYM01M%2CJYM01M-DDI.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=12&sfv=1-0-40&ifs=%5B%5B%5B2%2C1%5D%5D%5D&eri=1&sc=1&cookie=ID%3Dd73a653a13f2f49f%3AT%3D1705981113%3ART%3D1705981113%3AS%3DALNI_Mb1JF_cD5eBfkgoBO3S1ziePAa9sA&gpic=UID%3D00000d47b8500e9b%3AT%3D1705981113%3ART%3D1705981113%3AS%3DALNI_MbfupWRtW_bgqrzZWS6Cr1ei-ta8w&abxe=1&dt=1705981115880&lmt=1705981115&adxs=386&adys=7278&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=9&ucis=c&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ffolkd.com%2F&vis=1&psz=728x-1&msz=728x-1&fws=4&ohw=740&psts=AOrYGsman6824urSO2NodxDYNpWvkpYVgvY6Rcgio3v1ixjb%2CAOrYGsl3Hc4o5wg9SoAhEKvUAWsLv5DJovfl6w3SR3khPRamDwtaAV24df3rwELmsuAfDFKxeojKzAILJAM3CXj31-7UOA%2CAOrYGsnEQtl9vThQ_W1ayFAjT25eLLiuQZT7I4UPIA_23lIu2ylX9Jt2iGp1m4OFnLojsh-cPddxBohjxc3DHgN-Lxvo7Q%2CAOrYGskP0WogTJeuA2wXBAEkR5KxvxUh6sV9IGBlSbdkusXJk6H1OigERR4KtYC1K0HoZNi32mkIpD-37bXr0c0i6zphiA%2CAOrYGslzUN0dbcsrdQy-yWSz4ZWrD13kzO3ER4wRfiS4S3dO94MIUHDaLKmXWAO3SMfM418ct-A7kdtQiS8pM1QbjDxQtw%2CAOrYGskSmD66oghlbuOR1IffPBySRPn8w9Crps5P3VpYjP5SjYoAeHl-l6fTf0DaRTH0crjY1np4YdeBo0ITgO9BGB95rQ%2CAOrYGskZi5EENzEtb-Aq1Vd4aJlCAua1BHoxIkgnbYC-PYj2lq4NvRL5RO-b3kP96UWh4rw-4Kg2Cy72lyXPzY6NHctpig%2CAOrYGskhqTDAKrQM4-R3ybm8i6zlEPr6ZaCu6gWoD1s5_GtGavxiZPGK6HmBdTXZRLADP8I0PDECvABr3PfCkeruwmvxXg&ga_vid=1374325086.1705981113&ga_sid=1705981114&ga_hid=827497303&ga_fc=true&a3p=EhkKCnVpZGFwaS5jb20Y0-qXo9MxSABSAghkEhsKDGlkNS1zeW5jLmNvbRib65ej0zFIAFICCGoSGgoNY3J3ZGNudHJsLm5ldBIAGLXrl6PTMUgAEjsKCnB1YmNpZC5vcmcSJGU3ZTM4YWMxLTkxNzEtNGJkYi05ODA5LWNjM2E5NTMyMTA0MRj26pej0zFIABIdCg5lc3AuY3JpdGVvLmNvbRjT6pej0zFIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pY0U1cGNFaFVSV3BVV2l0V00wWXlNbTF1Y25BMVVUMDlJbjA9GNDul6PTMUgAEq4BCghydGJob3VzZRKYAXJ0aHJSQkpoU2dDSENwOHdTUU16b0ZRcE1CWEZLbUJjKzU2ZFpBZHZJU3A0RzFiajBYUXE2ditERm5pbFZFOTFaQXpHSmoxUTBxVCs0eTViRXVWdFhiVkdPdVk5VXF0NW1oZVFYaXZKbTFHR0JtWFF6QkxJNTlVd1Y2eXBCV0N5R2MrKzNOSk5kTHdVVi9TRjB6MGVTQT09GKHsl6PTMUgA&prev_scp=pos%3D1%26monu%3D728x90_A1%26slotNum%3D1%26placementNum%3D9%26allowNative%3Dfalse%26amznbid%3D2%26amznp%3D2%26bidder_responseTime%3Dix_200%26auction_id%3D5d543e45-13ef-443e-95e9-71230b1bd131%26monu_df%3D0.05%26safeframe%3Dtrue%26bid_source%3Dclient%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_adid%3D2819e7beb2a3aca5%26hb_bidder%3Dix%26lastRefreshEmpty%3Dfalse%26refresh_count%3D0%26lre_rc%3Dfalse_0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Ddf%26provider_performance%3Dix_notchrome_0.05%26context%3D3_ZH_notchrome%26browser_hour_refresh%3Dundefined_3_0%26slotOnScreen%3Dfalse&cust_params=page_num%3D0%26big4%3Dfalse%26iabCategory%3D264%26url%3Dfolkd.com%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=2041785808&frm=20&eo_id_str=ID%3Dd583b5ec4e3a5c9c%3AT%3D1705981113%3ART%3D1705981113%3AS%3DAA-AfjZMvcohb3uIGzb4FJhEix2b
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f3a2f23b87726a7e734ba9e86fe91b3eaa06cdc872ca2391c72f01f4105ba28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12965
x-xss-protection
0
google-lineitem-id
6125550888
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138406914026
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://folkd.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 4F93
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuQiCxC0WxYMYC3GISDWr4YzB0ceMOh1deDgNisu70eE9tswYcndUo8S_GYAX8lBlgeokqbcOmD1oBS9O_epNdOMNiY7zjN3gV6mUgHJYuDYN5S5okcXLbxMJ4Xh_uTbXEfxB7PA2acefwqKnxhmgwApuD8H7yAVytDAm-9ec-d0rn9t-buVtV7t3ClRawEMYlTD9F-s36MujKYFPj1i4LEnwGbRxqHX8pmnQnyHsF1QE5-DfOISTQCBKkPphg8Fxb1qJZAUE4Z1R-jOwImSzOr2nzr8Mx3gnV6bWM8P6W46yjDHxCjxX-eoTV3wgk-IFCIUcxwlNQto0di3xsbN3sfO1secX9pCaGg3xSOVb2Jxlt53JkPPvM&sai=AMfl-YQpOGsImixrrzDtBAIDAytI9aw_tVqy70OSlRFuK49N_fydHNvQ-cDdY3YQs6ByER789t2fIS2cTyRplTgXv-7Dp6uVlAKXSAXZtI7k7rXFIui4crBzoCdcMZTULxU&sig=Cg0ArKJSzE1hLifXkNpBEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 1113
24 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 01:04:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
527640
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 16 Jan 2025 01:04:35 GMT
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame 1113
26 KB
10 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f85637bbf5c0ee6a01fa5afb711af0e3d873ab20f0cbeaeb9105998530822c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
5693
x-jsd-version
1.16.0
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230067-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"6721-FSYTlyriJmmnEqYsq5KQLDRsrFg"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KRvr7GwucCe5U%2FAceiWr%2BzHlr%2BBRbg5cIQhgxb%2BjSsYg0XgJTWQSN4vrIB1VFkf4VzoTj88DDSL7vUD3ROP9%2BXOpEcmSfAiyGe9bRE7yg2%2F66I7B4mOMbwlIZQzJa8ThK5Wx8MpxZD%2BV9lZmJuk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
849d01368f0f927a-FRA
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 1113
206 KB
65 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66453
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1705495733332172"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 23 Jan 2024 03:38:35 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0776
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4574284053670&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0776
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4574284053670&version=m202309260101&ct=77&x=13&cor=8979418068587765000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 0776
36 KB
20 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A-76pagFm_ESL9jQ-UQlhN9911I0RvK3Srz3tVno09Od7Tw9dSrk2dGBmlQWBxivDu87xnb3wZSOABthCSZ9sbkDwDDyh_nWYtWAJhFjHcsIo9xXBzkqorzRfu6KxYAHl7SLcRbTDcgC9Qpcw3cYWg__f9mFV5mbQSV3g4-iQg0W8q8KQ&cry=1&dbm_d=AKAmf-BEc9V64glLQoAbN4TsEVmZQX-YO7QhSjYqzLS-XKoLWjiRiCpoJwJXT9dVx7f8KAEjTVIuY9YTZktloB8xo2Ih18MHfIZPSy6zu8iSX29T6_j0003Jp8MmVS--Y0_0iIgBx6DFAOPuNd9oNprayDxEgi1T8l8F6ZYXOTJsDOpdMvm_N8Pzu88KWnc1SjR5wmHuavjUGiFX8gm0LmBa9EihIQpVLm87VTzgOMjei6qRwS4m79UZpIf81KyQEeRO2sLmk_CekPLF11q5DRqAST7XaJaJmkfgx30O8yjwW1L5K3H-kcyBCy9n-erRMQMGZ5ASb_xQsYjr6HqKE9QXwX-Qke33X7hgD2v8FgkkrI98n7CQtxOt-QbPTnwxcUChWeS31ssM6LWGdiLPFl_bS0Wp5eN7l7B4Wuy8tk5BbZbd6sUQ4SoOs5LR155OgBJdGI-IfWR9h9OCUzI_rSsmvh5xdGstqP3PR56iihIjUZJhijW99RERDoLCwSPVevKHURXC-6TAB-hLHznLB2NHOa3ZoiMtKKv7qpJa_qrbqrcomAmY8npLrV4qvyq4DDMO9dVVw-JH0Ma5aKmWorlyGPn6TUQtKOMdxf7RV242_zNBWh7gJ62rsEyYy0HMCQv1_xw6Uiyj1Ief5FUOiKzE_klpBRhmyEsbYVycbL-edmjZZJW7eIfSgoZhYZNlmnbY263WzXYmTZCVNxRE5ZTAlXPxKSqidEqbeW-gw6MmtNEeIK-cuAYrg71dqA4rS9vzRdSByrAZ3CDrw9qVJSTNUl9NqUvA6AUUx947M-YGBDGmIPNhYOQl8pEEZ5RkEeZr9HW0os0KLHJji7T91Mcmegju5p311N98PKY_w3-V4sE9xRcfEyXEKQhPfymCISglwwd0pabcMSIKeWafIPgJjjXlrzy00c7yJih6IyPae9aAFWCY9ytDz7oKttpIgAbnWx8jPjMFGOzBI0hI78gfzOqTc6S8ZJo1LdxLtucUrpKzWeNbYCv1AirEDCtEjEREkjsPvZTkttdcfPQUoqRBDBxw7VDrStWDAXLyJW_XJfkPUgMVdK5-90EWROS5lVura4XgvR1rk65B3XxW1NbEY9qus8O1-n_GMnzLkguM7h0hxkv1IGXQSDnQh_odwFYPzK0XYRTjJIa5yUfrmr5XyOecGJsig3j5xql_WHj2H_E52wFdvwmyjxioPHn87MEC0wMBudLM93_CvwhMAcObCtX7X4-Zj0Lj334SlK7yqZm9YLDVnObumLechs6jFi1v21lVkrMhFEpEXOpPVy2PDZ4iPSwQ0FWkyhNyuRB--8EZpV0jyeBQisoKZaDiG6LcQddyC0NZmjHuMkuS7jnynaEUppwCUwli0oJ5ktqkYBF6Vo2hZL_hYleAzJCUAFjuMfJO7E0_0YWrlSXNGhfmwhS0z-N_zUvLbK1KR00wAkqnLzpLenNgxjORn4khO1dErJU4yXLKrRGNU7dFbN8wLjPzk_x8XeGhhPaHGEK-zaKVkOdZh_i5oWj505QOg8XVAvXLfYdQUGt_SwN1TQ6O9Wwty6c85vnUve6YSrBLJewMfyRYg4uXbhKFX3nBJtZ1In-dX9zV4lCJs6I--KNCVnIJD500ukQq59TDSeZdbWT0eaEXWbg1MAhGhzLi3-9WjtFtuGJ5n0fdlP_U4_xFWFZHdIrRAurKulgQ10JO13KjgUROIEiX3BbxAF0mA1vYTWk4n3w-p1HdnojSsedkBUiVRnLDPU-lxJTO0bre9TFT_nR2DsKnBdqYo2Fi0CDACE0s6wxkhyGIkYf8fXRoX89wUw0wYajJ09IR4nzDcOIIWX0u0bJRdRaQwFHCUkLmWJtN1rHlqlz_zaTkCaPQ3Uavr0FEVdfnPi5_mfmhipmKX6ykKthexVTq2ytdwucKLzv1mL9YZ8tmKpPOndpuL4E95xpYUBExOn1fIDX-F2M51W18QcA3csNrXHbioa5I6cUFNpx8xtK5gDW-ACJaK3ypgIJAq-CbtOj7MSONwU7_SB3E_0ro5aDf9UqsVntJ04cVjgNXAVhhztUgcg5m5HJBIHw-2vtrLlHe96-Nfzg0E8dVigbmzoB6zykopu4y_aRbv29OqjQBdBCOJhJqXx7v4PqM__xeUUY1EnWnsEIYzhhmWI0wFFwvHa3bAuAYi3YIRtS9l6bHA3IhRt0zX5_-OMBnOHmIo5XMiVlo8ZcvNMZw-C280yfZ9jKxjXOdPm8a0Nidq8HZOXuvAil_SmH5QbOk1SDT9JL_ttA5RP3krXVhr4-zpJykftDePWnXa6UZtdoH2omMVP7pixClk-B1dDDBKX4QAlgjJ7DMcn9QwoisdE7xGW-kU2RVrPoP5NhdUQaOfiJlY03p8ogqN-_uWASvdxsdpK94x77HKk0TLpWEj2_H4dKvQe2rhCPk2uZFlA552heUS9RG5834a6g2mLntd5eDRQ-Jx_qnnhLMAAk-3l1qoUvJLbulrU1T6WNndd3GT_z9LWeOd1PCBuV27NrPLumNqZNq6mdNGfcGmp5rogxdSjA4NlYGFSmQR2EzUWgBtO9fQeLC3P7VkEN-QOcFx6pUoMCvH3qaFRUM8fRq8MJ3cJBQgsr4emS_iRvf4AGUlP-r9sG5Vvik_HPJqFPSpFJSESDnqSVbStgNOY5_0IamFO1u-kLRTOFP-FPXaPTzc5YkCP6hbPJrLN1lhnZJJLP7ySy0JzpWZ6JSj8AAuoE9KrC2J31UZMxsr4L48cHk7mc-W85ASoYNtMc6FqT_Sk1Oc7ngom9ldKpNNx4xo0KY39bzTq1FwQ24Z-iag037r-JWyHGru53ro78L_ti9H9z_-7nB_aCtfJlkqtXesCUAgsdiUtoIqN8wioyjAngCd5mAVToY5ZAWUv8tPkvmABDifx0qmSHQwE8Ev4UmW7zzqk9L0WwfqgkjSdnE2_XBzFXUP3uoENDfN7_evvsv9JkBzUXLtdJz_FUREYAA_TipJ7c2POWmP_2aRvUPpsrwsK9aslhCGC4E2PQFmj-xNRL0F99FPM7EIGAl3qMBj6XM8AjClFZGhMQ2lrQ8hcb2nnuFe6kggHI2ljQOBx_vfeU0WcSM79LtSjw3zspZ-5cebgLNv9QOmnLXmALJaHwufEwbt4Ly8FziCpWSukUytZlTTAY9MCMcD3gal34z2xZiZ7zRuU6FHVnkWovEaWIrT017JbCoT--wOmqHVDG0d7tlLYOST7gs9zqfJThtVNhNDv3ghKlUwMyLg9TgzlLH86ePa58d45dPwl1SIodf_dgQaYrJ1Lk2M3V2wAvjF5zfBp_IU64JK8KiaKN8PXvYkcGGtpd1v5q6tbv-oN4KQe7z6Jvy6oUVV0JoyI3O5b7T1x5c37rdeJe5vNir1DyILngxmBd49rYBgARIYWfEMzi42ERnMPOLgkzpmasIZH1Owu1tQqo4-DHqUn1r-L5F8wLJeaSwsfGwO-RagHSb8YmeEsn6gjFWjsE0AAfTKwayXy387R3vVfGBHiuIgSK-2JVNgxvSRhwOIExs6D46lGVW4KB8g-wi3abdYNNJ5qbwMCsP0dTr95KEdeJNv7FMnvxRsKgVfbMGsD4goCrC3Zbf1G1JyBaAFPnOK25H3NWxrSOIwqcE5RGdEPIKwWyih1nZKQdPFoI4ebbFOs-4MA&pr=13%3AZa80ugAAAAAmfdAEyQ3u-tqXhpTujTWB_5ZomA&cid=CAQSMgAvHhf_6L8TZ9aLiR_2VgnSH_FeGxSVGM_csWy0zp8toKysWP-JuLVXi2H2fIqfhXVwGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Ffolkd.com%2F&ds=l&xdt=1&iif=1&cor=8979418068587765000&adk=2232634997&idt=170&cac=0&dtd=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3e3dca4c611a512a601e5df44a84d42b0b833d22601bc42561c6ab0483e80b4e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:35 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20541
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ad.sxp.smartclip.net/ Frame 2743
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=smartclip_dbm&google_cm&google_dbm
  • https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEOilPGYPjrFuf7Qr44ZNEno&google_cver=1
  • https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEOilPGYPjrFuf7Qr44ZNEno&google_cver=1&ang_testid=1
42 B
437 B
Image
General
Full URL
https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEOilPGYPjrFuf7Qr44ZNEno&google_cver=1&ang_testid=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhCs1xMY1qbgaTAB&v=APEucNXsep3PQv_uhdB5qyEWO8MXuMEytqIump6wDqMtg7NlPq4f3-aHStND0b6dBGoyHe5xVk5EJU1-I2bKJ4i5-ZPHVAAnEg
Protocol
H2
Server
35.186.194.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
101.194.186.35.bc.googleusercontent.com
Software
openresty/1.19.9.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
via
1.1 google
server
openresty/1.19.9.1
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/gif
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Tue, 23 Jan 2024 03:38:36 GMT
via
1.1 google
server
openresty/1.19.9.1
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEOilPGYPjrFuf7Qr44ZNEno&google_cver=1&ang_testid=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
m
ad.yieldlab.net/ Frame 2743
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm
  • https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEB5as0qm5Kg7lSYCnxzDP6k&google_cver=1
0
235 B
Image
General
Full URL
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEB5as0qm5Kg7lSYCnxzDP6k&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhCs1xMY1qbgaTAB&v=APEucNXsep3PQv_uhdB5qyEWO8MXuMEytqIump6wDqMtg7NlPq4f3-aHStND0b6dBGoyHe5xVk5EJU1-I2bKJ4i5-ZPHVAAnEg
Protocol
HTTP/1.1
Server
184.30.17.243 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-17-243.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Jan 2024 03:38:36 GMT
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Expires
Mon, 22 Jan 2024 03:38:36 GMT

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:35 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEB5as0qm5Kg7lSYCnxzDP6k&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
288
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame DE85
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=8095&asId=734c5183-433c-0410-aefa-573050149c45&tv=%7Bc:25LHul,pingTime:-2,time:366,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:409,beZ:410,mfA:644,cmA:645,inA:645,inZ:648,prA:648,prZ:660,si:663,poA:663,bl:672,poZ:672,cmZ:672,mfZ:672,loA:700,loZ:702,ltA:775,ltZ:775,mdA:410,mdZ:486,idA:672,idZ:736%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.600,dom:body%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:253%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:366,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:253,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B129~0%5D,as:%5B129~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:jload,dtt:0,fm:u29AU4D+11%7C12%7C13%7C14111%7C14112%7C141131%7C141132%7C141133%7C141134%7C141135%7C14114%7C14115%7C14116%7C14117%7C1412%7C1413%7C1414%7C1415%7C15%7C16%7C171*.8095%7C1711%7C1811%7C1911%7C1a%7C1b%7C1c%7C1d,idMap:171*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:IMG.us,siq:254,sinceFw:112,readyFired:true%7D&br=c
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:e315:15fa:9bb4:390c Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
server
nginx
x-server-name
dt18.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
view
securepubads.g.doubleclick.net/pcs/ Frame EF46
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssjQmgWwTcN1TT-DDRqHlVK7nGILHCggSRe-Zejx2qxzIKCRxXdevXZ88gf_lSlyLULDHfijVcvV9W6VtfHcHUJfrsUYjZXEHNxLugkOJ3KJ-r1nwCOMj4tUr4pN27SgIZHgzQUIKbgP-HJaWORAf11v3gRERdrF2C8ZXCMZcEiyXgMwEX_5vqcBZh3eppYKZ-qFLoZEUkUtTI3wZ79NGIcLktPuW_0h9Vu7QnCa1W0zGSxKZHpgvKlQ-Chl1COGaWTG5HsduGT-ZSOr1Ot1ESeSHvnmitjsih_PFZ2hrHN_u181Ub7dW4LjHyguNWbL_eydtpMx_z2Gz9Aue_zBmhWEDarbMfxND44NYBmsCf-Gmp0aceaWSQ&sai=AMfl-YR9j-acfw_rXQf9A37TfcL2FzBmwqFnVN4N-llfewfT10LKsH0A3rZbS0FokTE_zluyqzmk57yxbLj1WdUrflV6Nl1ZhFZJ--JUHauVCPa1cGE_blXLwTUuoO47KiA&sig=Cg0ArKJSzGjbTOED6w2vEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
13004045.js
s1.adform.net/Banners/Elements/Files/2135726/13004045/ Frame E0BD
3 KB
2 KB
Script
General
Full URL
https://s1.adform.net/Banners/Elements/Files/2135726/13004045/13004045.js?ADFassetID=13004045&bv=257
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
527e8ed040f143bdae1e2dd9b09e0af5b41a40ec8c593b06d9a3764d647a30ac

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:35 GMT
content-encoding
gzip
last-modified
Wed, 07 Jun 2023 14:48:51 GMT
server
nginx
x-amz-request-id
tx0000073bf9345fdbf2334-0065a0c7d6-3295f919-default
etag
W/"e93acdcc4ed1cf10a46550b9fe6f84a6"
x-cache-status
STALE
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
truncated
/ Frame BDB0
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4572a18dfe4a5f4b5b77648eaacda37a1e0cb08e261be3bcb44f94e98bb17fae

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
/
track.adform.net/adfscript/ Frame DEEE
1 KB
1 KB
Script
General
Full URL
https://track.adform.net/adfscript/?bn=67903448;rtbwp=Za80uwAAAAA7pnV2O9a3cB7Oos5tkGOHjZSYew;rtbdata=JmhGGE0Ooy5Tbg1lboNz3LthwCTVQ9-2ou39pUlP6FPjJolEA22bjRkwoOAsi8rWzdigAwChWcnjKe-guS5X7JB_CSiecMu3VF31rLo_PT_rUBCvIMmTM_I9jq6yvuQ0yFg1YNsgsVG76FslKcgL6xMwbL2NIc_uZzFAo0AlJT3rMeRwyzzhnzZLcBQglqsM1z0UFkcNjzGyXC15ITRgAeslGEgS6KLK8YxBSGWzhUIOdTWiwKb_g9rGlAmoAVco2IfsOfphMFTGtluoRAQdE6JjdfnOlL1K0
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
922eaa1f6eacdfd6639c4863e1cbb3fa180c02c39ceeaa9264691170275b2fe9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:35 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
895
expires
-1
92cae3e4-5e25-48bf-81ac-96d4fabdc069
a1214.casalemedia.com/impression/v2/201336/111/cmnj9euhqut85rqrf380/ Frame DEEE
43 B
303 B
Image
General
Full URL
https://a1214.casalemedia.com/impression/v2/201336/111/cmnj9euhqut85rqrf380/92cae3e4-5e25-48bf-81ac-96d4fabdc069?verifieD=1&userID=&cmpro=0&deviceType=2&expiryTime=1705981715&profileIDs=&creativeID=232a58b&pubID=182762&format=banner&channel=site
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.170.60.145 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Jan 2024 03:38:36 GMT
Server
Apache
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0
container.html
428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8423
6 KB
3 KB
Document
General
Full URL
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202401101304/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://folkd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 23 Jan 2024 03:38:33 GMT
expires
Wed, 22 Jan 2025 03:38:33 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame AC9E
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1557010678775&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AC9E
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1557010678775&version=m202309260101&ct=77&x=13&cor=11442618358939790000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame AC9E
36 KB
20 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B6lFgUcQ2ynvGRoXE0XjMPvfJymyNGFuohae3jG_L-JHrqs52L_PCSeI1MtJOo9UtLyLnWz_iBW_5OeCfyS9QLZxIBEHLJKdrsE_Z0abAY9LIe9dkDCV5F8CeAIiTGZj_2bxjFPcHlzLkAjqLXu_xQXdcZi_XLFSw6WwdRwLMKxvEUxjs&cry=1&dbm_d=AKAmf-CBTd0YgGTGAcv6z72CNV4-oSm3tDVwrSlZzQNx2WThZLci7IGY-vZmaCpfwkZQb80w5nUOW8_maopaTriTur6ewSVaMDKia9pLD-bRRVCqjI_nEug0i-qqObLmnPYIUv7JaaLn5e3wEznOfdgYIQTRL0VQl2wVJRRaeaP7hm_mHbQlYExUIywpszN_f3mz1taaz7pTn9K2efZI6iYt_MAAAvFihDNDUj2rln0noepug-T4dwNgWAD7Bx1VYHcRT_HRHy5Q4ofpvIwyeLfB49DMTSoMKkHuXL90kU4AcGCPkYBJ4zAaOLy3OMA6uUSjUQnKsyNgd9v8NEdtSX9NPNiNEjFnJ5VjYvg2vM7QkoqP9eOxmPhUXEVrig1COKjbm068yruy9hUJOSVhtH1LwhL8_iuD7i9pD9FMwVznAx9Pcr9lLtS4UfTu-ZvHQH6LSvTofCcOwFSu6_ocu3QFMDZa5KpDHePYsZ0TiIup6hTlmo-UuPt1LxgRp_2HHkYOwRu1ZxfRPNTqLiR8KWTBBNYMpVOk982YhwqSZ4gzj4m7z8oKW5rCww5sprHpgJxIybsKaI9QS8SPUBlUS2B_7xUD13HBoTKj0UDCI69SEf_mWqDjfAdX-ipaEU2QRKjqxqYERGhvaGXG_iU7rpyJIcLQET1USp-AO0TEgktP6cyotj6Kb67uN7XrrfQc43-NUmFlMP-kb7_H7dbw7a1zIeiGeeTC0snakSvsD1E8BoK6ZTVBMSnYvhPUCE-O-2klVxrOH8QSa3cWREbASWYmDLJ3ySM-DBXF0kNyF7O7fw4Rh0IM-h8LKXDD2dDC0FH1Ez80NaaBYMwVKzf6N-TOvwszRjoMNpA7O5DlKKx3Vi4QiENLh7RsFw0r5Rkp7t-93RIVYWcCvb6V42KYEy6ckQCaKwHZJD-GIvMcUqQkEpzxRTv-QuZnu7zPP5Gg14ruEcLPPaXZJ5pYuNY2I7ezojkFA60bz-8F84VPXNW2VxOFEnxIWjSlt-ruDkxcJzIelRUbHM4P0Xy_Kn05BomFzGykoKQMdFEq8IKtxsi0CIX48oLcPhQRVuy9SWUqpDTu5aRZuduQnvhybIh9UWpTzqp5fleEluJLHTJ8ksFyuhVIY4wkaU-l6u2KbhBYTSd7T1YwZc4w_tlV8_mSK4vwkN7LBaD8T_lmBLzCswmIkt-CkNYcO2aq2wCUpxX-g4sS6mfulpq4pbFaIRNEtn2-QRAlQV1GTFk6vja-Q3QjPf57vwI_gVnkyK6N1cUWNWqc2QDNnmoFVTyCL01NlvU8xeVNcxjTiqTpacpW7zMAdG7GAzVkPA2U9MkWiGelGTqsN8tEmizqJHNzH3O47drZNNInCwQk0333Ci_HCHSEBWaJ4hNXsxKmE4NzcewwJrbJM14FhZmMEOvpVu9kb-_nGq9UnFNi2L4HSJaehkL_ZiPQ1AU-1lMkTvuNsEsG3Smx_CjIOXr9KVSsUzQQdyxNxDQHY5P3YFef7eK1B8uACWH64KV0X2dPDXXd5HWQmlIhPl9d2BOg5FMLjjjB063k0kFRj8ieZI4D9JTF-RhMnSXcPfrhAU29Sd-ZjiFPNxjMj1PrN1LZgJw9-t4-V31OLZVU9KiQWuJDL8sUmc8gJCB5Ns_uE_ClIntiZdgjQAbikpFOydQKlTeB_8f2AGZXhJ8BkadFIXzt7hQmD7nv__7WwmCLvZYD-G34FBYbjjPwWusfTw9sCAkTl36D3xC1muYEg3Sv4aOBZElQDm7BAqOv1_Tp2eTO1ZP9BrU5IFT6-L79_Hq_VQg_IpCZEQWUnTYSQAQrqlXaCppaMUSBwlP1oBQBdomptSQMW6PIsqCQXXP8nLvWTUDob4d8UHmNE0MrkuGFaWd8KAQzbw0-_bIDUysQwgRMImyuzQvXjIUdkPKqbSOpw3asHYABirWRyxgatrJwwComfq9UZgkSVvioeynrYM61Jjs4twf3mNmrh_9-OIoEGkmDPAzG4uWtsiY414x2dPfLeOmsw6RfFGyR0up5CdAL7AiedvzlCfcGEiIWnNBf-4BD0y6FXkYZdJVeS1TrzyG2TGhLjndtNLh-1uKYAcI5aa76JsH2MXq58_8BSBPMe4J4l3WQ-NWrG-0Vw56ujYVovGFmEnbkTSI4rkMcHMrt9F7s-PnZWjBNoyQtjoci4SYPYrc9wPUwc0zKff_vkFynbiRmcJdtMzSz5e9b4EdPxLiZ78NCQRqpjAQIebE0P9rqI0JRQF6iCPr8VmGbICsDw8fUo9X1hF6m4vr173hnC_ZA_PJISePmC1sOnMSnu9UFCH55fsfS2VjU6mog77tHn5ZLOIfCtmszHFxrFndDbqXo6QjkH4D_aD9AvV2xSUQo8a_kxXTm-Cvik7aMnseJ_e3CItR3-M14cwQVCTyaMuiTFhwfGPjuMLMZZR-bUdWqwbtPaoPtegD3bp8GuvmLAQKyC-FvvkFPeQmaoSQHe8L8FjydhkcLENmdPaaayXgaQJc_pc_6aB4G2fW8T308W2r1LE52VuvP61vb96LeFjflD2IN_U17ZmNiy63cuLbRj_JDsqDsAV0AZaV0bYD1vlJyuvdVIb6rSyoSHZIKfzxRwFTkDbYsOCeXdBg8q4aHdygVzZjoofL4MP51hqbkYG31TOAonCqevPpuQyeql7SiE4u3aC0OUG1M1L0GO8_QMaiSN0onQhQqEuCxMtBFmgmDsgO_QH_40xQqGG7TxQJVgaIfoA5z5tD_1n8Wvu2sTgzkNtBrHX6mMyIzUcI7oildnHOBhyq5YwjoUP1AX-aKHqFAAn2Z69Ty1odZSzZUEnjXMBdnLLYXgRBjQ1qM7Q8t9iv-7QEzEKoNoutpe9_cScvSv1wkidTieE6PR8qOQtFwgoQTy3YEqxMeRNchuSFk3SxCVuSgx-C9cn12hhWQ4DkDs_cHYlwXyCiSTmVpQcFs-FyuH5sxXNbCdw5wOPxU0oTGH3sJmbrLfrLYz0eSnWiiPel3RhV-oqbSn6EopHLxVTqDfKQ-zmA5USp2nzG70-W6hLwyrxNo_sWiLOictXgV4yUFtlvJScRzCTLGzIW7Eh82vsNNnoo47UW4JDuZ0fypvMX2pSciP2_veYH7jI0TEleAG9BNVtzzVUfqkU5o1uFKyZCauLATK1nIdgyIeHBUuhZgN5pY9ILiVnHfHMRWCP0btuYwTqYqy2VNjdhPjz6DC5j7G_x255jPNNoFMYMo5XKuHQXwY0qizbHBkSoC0h_TcV_T2hSwXeKOlrqiQ8icGpUDWA_RsC8jsfy4Ns27TFAgKCtaVDQQWCHZqygIJaMQwcCqM6CmSzSdQyqVUImkQQj4roTpqxfVIAXJRlUBCARIKWixQMBD02WNwkTJuN44NgL6wpskUV9jZYbHjsG074IaMYC6uo4CeL2mRIulc5XmPfuCi2inE65ZNx2duntrLMOMK1S7PYaP_fm712fD38yZVJCrG7E2BfJLq-7nv3PRd7aex4oerPxnF8ZWOxF_aWYwpq9RG6i7nvJdAfFkY8jqqSmXZj6idGQ7uyp9w01i4lUW-Mm8qVN22Wdlk_9VBHpZQsWjEU9D3mg3LnuAUlccM6n3-7vEZr-3b6CyhAIvKLqMLK_IUAVdw-aCp8xA1gRuZ-Wl&pr=13%3AZa80ugAAAAASjIY2abPb4c0LPJicZHbNBmPDnQ&cid=CAQSMgAvHhf_67iS8AYdOINZx2XjgZW3fx7i21BL10VqHUBQbeWYuav5q_ZNoTZuvct2FQa6GAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Ffolkd.com%2F&ds=l&xdt=1&iif=1&cor=11442618358939790000&adk=1210347684&idt=110&cac=0&dtd=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a3ef347399b85cdbb13aa57682829b1cdd528ee68a8cfa2e489a3601108e121
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20779
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 4F93
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5cb0409c5348f33ced7149cb31ad6354c386883773600d579dde61e792901028

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
pixel
googleads.g.doubleclick.net/xbbe/ Frame CF9C
264 B
126 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhCs1xMY1qbgaTAB&v=APEucNW332Ln1Q_G4XkYxyREqcCbDdM-pOH33gcYxf4VP8arCKN42F7-gpIwSBur04srcYunnKfdoy4vla-a653lDp0eprj5MQ
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05deee3fdf1fcfaf986017678f334ea2733f5e233f80b1081f3f0867fb55179f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
102
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 23 Jan 2024 03:38:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame C20C
89 KB
31 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 23 Jan 2024 03:38:36 GMT
r62eglto.js
ad4m.at/ Frame C20C
24 KB
10 KB
Script
General
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
098e6dc516d5b171a1bf126adf3b8e8510746bac17f477f73a6310587e4ab9e8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 09 Jan 2024 06:20:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
595059
etag
W/"ea6b8b5621410c697cbfca30307bc4ca"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=79GAr0Xn%2BxReamrsG0eslXG79NEyrDKGGb%2FAXAdl9hkRnvjsO1f%2BW4pz1XZn5lT5kSpu7bveodILlqP8N8h2ur8mWhxGpaWmUKfElQ2D3XwgPVpGYReAP0EMvr4N8BFXKxxebkg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
849d0137099b6ae1-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 16 Jan 2024 06:20:57 GMT
a3ce5bfb-2475-4ca9-ac69-09c4ba32aa14
a5134.casalemedia.com/impression/v2/201336/85/cmnj9eli6i0ut1do0o9g/ Frame C20C
43 B
303 B
Image
General
Full URL
https://a5134.casalemedia.com/impression/v2/201336/85/cmnj9eli6i0ut1do0o9g/a3ce5bfb-2475-4ca9-ac69-09c4ba32aa14?verifieD=1&userID=&cmpro=0&deviceType=2&expiryTime=1705981714&profileIDs=&creativeID=18d3727&pubID=182762&format=banner&channel=site
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
85.91.45.48 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Jan 2024 03:38:36 GMT
Server
Apache
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame C20C
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CQyy95LBmlhgQqUxJrgHLpfWR73CNWLMujpLcLd6rWotdY3eKN7JR4XABbiU50_i_PhVqT38se3TYlMGFb8HLceEHn86x4hEf-smo--mooT_jSgsU
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame EF46
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7e5657c282317e3e7792d92fed4e3cfe8bdb1f5241ecc28889fb0f67318f8732

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
pixel
googleads.g.doubleclick.net/xbbe/ Frame 37B7
663 B
258 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhCs1xMY1qbgaTAB&v=APEucNWAU2bHC1BMvwMFG0DCrL9QRSQAhOSaGOxbhifp3ekg_fYgwe2NIUFlxn_CsEsFI1tlX6bKP5169zBcrJ9dbUKcBvDEUg
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
962d6dea088b031cd44d33f937adb5ba241a9435aa32a8be667d57482b8bbe1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
234
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 23 Jan 2024 03:38:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame DC66
89 KB
31 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 23 Jan 2024 03:38:36 GMT
r62eglto.js
ad4m.at/ Frame DC66
24 KB
10 KB
Script
General
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
098e6dc516d5b171a1bf126adf3b8e8510746bac17f477f73a6310587e4ab9e8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 09 Jan 2024 06:20:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
595059
etag
W/"ea6b8b5621410c697cbfca30307bc4ca"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P34pI62%2B5Nt8Jhdot5s78nQ6VtfbPCSTzYM6YzWLEKBZC%2BgaogbsYZRIi%2BI8Y%2F4qkoLd2QRxks3lsTrZWzyHrPeF9rUr50Z%2BOE93ZYM8j5i0pDqJKHwhKkW3UU004k8VWdJ7b%2FE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
849d013729a86ae1-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 16 Jan 2024 06:20:57 GMT
9c0a481d-084e-44f5-a2ef-8d4f014eacd5
a1131.casalemedia.com/impression/v2/201336/85/cmnj9eq26bq913p31pe0/ Frame DC66
43 B
303 B
Image
General
Full URL
https://a1131.casalemedia.com/impression/v2/201336/85/cmnj9eq26bq913p31pe0/9c0a481d-084e-44f5-a2ef-8d4f014eacd5?verifieD=1&userID=&cmpro=0&deviceType=2&expiryTime=1705981715&profileIDs=&creativeID=18d3727&pubID=182762&format=banner&channel=site
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.170.60.62 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Jan 2024 03:38:36 GMT
Server
Apache
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame DC66
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DaXPDpynar0Ty28jQOOodHBXBF9vp0svSJJjpTwbthCiA5g91HQAIuafpQTwHkcpStdF6ASDwMdWrr_OqJE5iZKe-4Z-IaPTZJTbYRCA2fiexywdE
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 1113
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv4RPhx7EX0lfQandunAlEOis5cu3A3ClRhksednaTOA8zL1HKvBDxw0umFIbYxynyZk6prKG2_9kZMBybmkGy3uhw4Id3nZRD8N_KqUIS5BhYn0U9yhsy9ANYGQO0Hwut19m4O6rOMM0yeyIvcE9Jp8GQO0wTO9NCeDsgEDyD8JkDu0Oc7kWo0_KWRP1XJO1sFyP0mqcZOC94XV3mgvOXq3Wv4LihFQaaFwtYn6V6LoTJ2VCxps6yuv-QObKU_nQQ7N55ydQy4OoK3xC8Zg0qrt0OhgB3mgkrmh3DQmzN1Vabuw1267TboRH3HjDWnYB90kA21zI6-_G_08wD6pbe4A-S2CwTai27FhcAkGWLci8fpl8bn-L0&sai=AMfl-YRq2VIUQ2VP3MWVkLcamczojKr2AWm6pJvuZo-oF-cMC2auEEXLGKOkByUh67_N-BEydx3pOditQfVS_t0LjEwGM4Oord5fnkpLdGqN2j1dYHu7XUEMzeaGil-Fkrw&sig=Cg0ArKJSzKKPoJc6UZXEEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/ Frame 0776
31 KB
12 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A-76pagFm_ESL9jQ-UQlhN9911I0RvK3Srz3tVno09Od7Tw9dSrk2dGBmlQWBxivDu87xnb3wZSOABthCSZ9sbkDwDDyh_nWYtWAJhFjHcsIo9xXBzkqorzRfu6KxYAHl7SLcRbTDcgC9Qpcw3cYWg__f9mFV5mbQSV3g4-iQg0W8q8KQ&cry=1&dbm_d=AKAmf-BEc9V64glLQoAbN4TsEVmZQX-YO7QhSjYqzLS-XKoLWjiRiCpoJwJXT9dVx7f8KAEjTVIuY9YTZktloB8xo2Ih18MHfIZPSy6zu8iSX29T6_j0003Jp8MmVS--Y0_0iIgBx6DFAOPuNd9oNprayDxEgi1T8l8F6ZYXOTJsDOpdMvm_N8Pzu88KWnc1SjR5wmHuavjUGiFX8gm0LmBa9EihIQpVLm87VTzgOMjei6qRwS4m79UZpIf81KyQEeRO2sLmk_CekPLF11q5DRqAST7XaJaJmkfgx30O8yjwW1L5K3H-kcyBCy9n-erRMQMGZ5ASb_xQsYjr6HqKE9QXwX-Qke33X7hgD2v8FgkkrI98n7CQtxOt-QbPTnwxcUChWeS31ssM6LWGdiLPFl_bS0Wp5eN7l7B4Wuy8tk5BbZbd6sUQ4SoOs5LR155OgBJdGI-IfWR9h9OCUzI_rSsmvh5xdGstqP3PR56iihIjUZJhijW99RERDoLCwSPVevKHURXC-6TAB-hLHznLB2NHOa3ZoiMtKKv7qpJa_qrbqrcomAmY8npLrV4qvyq4DDMO9dVVw-JH0Ma5aKmWorlyGPn6TUQtKOMdxf7RV242_zNBWh7gJ62rsEyYy0HMCQv1_xw6Uiyj1Ief5FUOiKzE_klpBRhmyEsbYVycbL-edmjZZJW7eIfSgoZhYZNlmnbY263WzXYmTZCVNxRE5ZTAlXPxKSqidEqbeW-gw6MmtNEeIK-cuAYrg71dqA4rS9vzRdSByrAZ3CDrw9qVJSTNUl9NqUvA6AUUx947M-YGBDGmIPNhYOQl8pEEZ5RkEeZr9HW0os0KLHJji7T91Mcmegju5p311N98PKY_w3-V4sE9xRcfEyXEKQhPfymCISglwwd0pabcMSIKeWafIPgJjjXlrzy00c7yJih6IyPae9aAFWCY9ytDz7oKttpIgAbnWx8jPjMFGOzBI0hI78gfzOqTc6S8ZJo1LdxLtucUrpKzWeNbYCv1AirEDCtEjEREkjsPvZTkttdcfPQUoqRBDBxw7VDrStWDAXLyJW_XJfkPUgMVdK5-90EWROS5lVura4XgvR1rk65B3XxW1NbEY9qus8O1-n_GMnzLkguM7h0hxkv1IGXQSDnQh_odwFYPzK0XYRTjJIa5yUfrmr5XyOecGJsig3j5xql_WHj2H_E52wFdvwmyjxioPHn87MEC0wMBudLM93_CvwhMAcObCtX7X4-Zj0Lj334SlK7yqZm9YLDVnObumLechs6jFi1v21lVkrMhFEpEXOpPVy2PDZ4iPSwQ0FWkyhNyuRB--8EZpV0jyeBQisoKZaDiG6LcQddyC0NZmjHuMkuS7jnynaEUppwCUwli0oJ5ktqkYBF6Vo2hZL_hYleAzJCUAFjuMfJO7E0_0YWrlSXNGhfmwhS0z-N_zUvLbK1KR00wAkqnLzpLenNgxjORn4khO1dErJU4yXLKrRGNU7dFbN8wLjPzk_x8XeGhhPaHGEK-zaKVkOdZh_i5oWj505QOg8XVAvXLfYdQUGt_SwN1TQ6O9Wwty6c85vnUve6YSrBLJewMfyRYg4uXbhKFX3nBJtZ1In-dX9zV4lCJs6I--KNCVnIJD500ukQq59TDSeZdbWT0eaEXWbg1MAhGhzLi3-9WjtFtuGJ5n0fdlP_U4_xFWFZHdIrRAurKulgQ10JO13KjgUROIEiX3BbxAF0mA1vYTWk4n3w-p1HdnojSsedkBUiVRnLDPU-lxJTO0bre9TFT_nR2DsKnBdqYo2Fi0CDACE0s6wxkhyGIkYf8fXRoX89wUw0wYajJ09IR4nzDcOIIWX0u0bJRdRaQwFHCUkLmWJtN1rHlqlz_zaTkCaPQ3Uavr0FEVdfnPi5_mfmhipmKX6ykKthexVTq2ytdwucKLzv1mL9YZ8tmKpPOndpuL4E95xpYUBExOn1fIDX-F2M51W18QcA3csNrXHbioa5I6cUFNpx8xtK5gDW-ACJaK3ypgIJAq-CbtOj7MSONwU7_SB3E_0ro5aDf9UqsVntJ04cVjgNXAVhhztUgcg5m5HJBIHw-2vtrLlHe96-Nfzg0E8dVigbmzoB6zykopu4y_aRbv29OqjQBdBCOJhJqXx7v4PqM__xeUUY1EnWnsEIYzhhmWI0wFFwvHa3bAuAYi3YIRtS9l6bHA3IhRt0zX5_-OMBnOHmIo5XMiVlo8ZcvNMZw-C280yfZ9jKxjXOdPm8a0Nidq8HZOXuvAil_SmH5QbOk1SDT9JL_ttA5RP3krXVhr4-zpJykftDePWnXa6UZtdoH2omMVP7pixClk-B1dDDBKX4QAlgjJ7DMcn9QwoisdE7xGW-kU2RVrPoP5NhdUQaOfiJlY03p8ogqN-_uWASvdxsdpK94x77HKk0TLpWEj2_H4dKvQe2rhCPk2uZFlA552heUS9RG5834a6g2mLntd5eDRQ-Jx_qnnhLMAAk-3l1qoUvJLbulrU1T6WNndd3GT_z9LWeOd1PCBuV27NrPLumNqZNq6mdNGfcGmp5rogxdSjA4NlYGFSmQR2EzUWgBtO9fQeLC3P7VkEN-QOcFx6pUoMCvH3qaFRUM8fRq8MJ3cJBQgsr4emS_iRvf4AGUlP-r9sG5Vvik_HPJqFPSpFJSESDnqSVbStgNOY5_0IamFO1u-kLRTOFP-FPXaPTzc5YkCP6hbPJrLN1lhnZJJLP7ySy0JzpWZ6JSj8AAuoE9KrC2J31UZMxsr4L48cHk7mc-W85ASoYNtMc6FqT_Sk1Oc7ngom9ldKpNNx4xo0KY39bzTq1FwQ24Z-iag037r-JWyHGru53ro78L_ti9H9z_-7nB_aCtfJlkqtXesCUAgsdiUtoIqN8wioyjAngCd5mAVToY5ZAWUv8tPkvmABDifx0qmSHQwE8Ev4UmW7zzqk9L0WwfqgkjSdnE2_XBzFXUP3uoENDfN7_evvsv9JkBzUXLtdJz_FUREYAA_TipJ7c2POWmP_2aRvUPpsrwsK9aslhCGC4E2PQFmj-xNRL0F99FPM7EIGAl3qMBj6XM8AjClFZGhMQ2lrQ8hcb2nnuFe6kggHI2ljQOBx_vfeU0WcSM79LtSjw3zspZ-5cebgLNv9QOmnLXmALJaHwufEwbt4Ly8FziCpWSukUytZlTTAY9MCMcD3gal34z2xZiZ7zRuU6FHVnkWovEaWIrT017JbCoT--wOmqHVDG0d7tlLYOST7gs9zqfJThtVNhNDv3ghKlUwMyLg9TgzlLH86ePa58d45dPwl1SIodf_dgQaYrJ1Lk2M3V2wAvjF5zfBp_IU64JK8KiaKN8PXvYkcGGtpd1v5q6tbv-oN4KQe7z6Jvy6oUVV0JoyI3O5b7T1x5c37rdeJe5vNir1DyILngxmBd49rYBgARIYWfEMzi42ERnMPOLgkzpmasIZH1Owu1tQqo4-DHqUn1r-L5F8wLJeaSwsfGwO-RagHSb8YmeEsn6gjFWjsE0AAfTKwayXy387R3vVfGBHiuIgSK-2JVNgxvSRhwOIExs6D46lGVW4KB8g-wi3abdYNNJ5qbwMCsP0dTr95KEdeJNv7FMnvxRsKgVfbMGsD4goCrC3Zbf1G1JyBaAFPnOK25H3NWxrSOIwqcE5RGdEPIKwWyih1nZKQdPFoI4ebbFOs-4MA&pr=13%3AZa80ugAAAAAmfdAEyQ3u-tqXhpTujTWB_5ZomA&cid=CAQSMgAvHhf_6L8TZ9aLiR_2VgnSH_FeGxSVGM_csWy0zp8toKysWP-JuLVXi2H2fIqfhXVwGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Ffolkd.com%2F&ds=l&xdt=1&iif=1&cor=8979418068587765000&adk=2232634997&idt=170&cac=0&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:30:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
32907
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11885
x-xss-protection
0
server
cafe
etag
16863283086342074828
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Feb 2024 18:30:09 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 0776
206 KB
65 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A-76pagFm_ESL9jQ-UQlhN9911I0RvK3Srz3tVno09Od7Tw9dSrk2dGBmlQWBxivDu87xnb3wZSOABthCSZ9sbkDwDDyh_nWYtWAJhFjHcsIo9xXBzkqorzRfu6KxYAHl7SLcRbTDcgC9Qpcw3cYWg__f9mFV5mbQSV3g4-iQg0W8q8KQ&cry=1&dbm_d=AKAmf-BEc9V64glLQoAbN4TsEVmZQX-YO7QhSjYqzLS-XKoLWjiRiCpoJwJXT9dVx7f8KAEjTVIuY9YTZktloB8xo2Ih18MHfIZPSy6zu8iSX29T6_j0003Jp8MmVS--Y0_0iIgBx6DFAOPuNd9oNprayDxEgi1T8l8F6ZYXOTJsDOpdMvm_N8Pzu88KWnc1SjR5wmHuavjUGiFX8gm0LmBa9EihIQpVLm87VTzgOMjei6qRwS4m79UZpIf81KyQEeRO2sLmk_CekPLF11q5DRqAST7XaJaJmkfgx30O8yjwW1L5K3H-kcyBCy9n-erRMQMGZ5ASb_xQsYjr6HqKE9QXwX-Qke33X7hgD2v8FgkkrI98n7CQtxOt-QbPTnwxcUChWeS31ssM6LWGdiLPFl_bS0Wp5eN7l7B4Wuy8tk5BbZbd6sUQ4SoOs5LR155OgBJdGI-IfWR9h9OCUzI_rSsmvh5xdGstqP3PR56iihIjUZJhijW99RERDoLCwSPVevKHURXC-6TAB-hLHznLB2NHOa3ZoiMtKKv7qpJa_qrbqrcomAmY8npLrV4qvyq4DDMO9dVVw-JH0Ma5aKmWorlyGPn6TUQtKOMdxf7RV242_zNBWh7gJ62rsEyYy0HMCQv1_xw6Uiyj1Ief5FUOiKzE_klpBRhmyEsbYVycbL-edmjZZJW7eIfSgoZhYZNlmnbY263WzXYmTZCVNxRE5ZTAlXPxKSqidEqbeW-gw6MmtNEeIK-cuAYrg71dqA4rS9vzRdSByrAZ3CDrw9qVJSTNUl9NqUvA6AUUx947M-YGBDGmIPNhYOQl8pEEZ5RkEeZr9HW0os0KLHJji7T91Mcmegju5p311N98PKY_w3-V4sE9xRcfEyXEKQhPfymCISglwwd0pabcMSIKeWafIPgJjjXlrzy00c7yJih6IyPae9aAFWCY9ytDz7oKttpIgAbnWx8jPjMFGOzBI0hI78gfzOqTc6S8ZJo1LdxLtucUrpKzWeNbYCv1AirEDCtEjEREkjsPvZTkttdcfPQUoqRBDBxw7VDrStWDAXLyJW_XJfkPUgMVdK5-90EWROS5lVura4XgvR1rk65B3XxW1NbEY9qus8O1-n_GMnzLkguM7h0hxkv1IGXQSDnQh_odwFYPzK0XYRTjJIa5yUfrmr5XyOecGJsig3j5xql_WHj2H_E52wFdvwmyjxioPHn87MEC0wMBudLM93_CvwhMAcObCtX7X4-Zj0Lj334SlK7yqZm9YLDVnObumLechs6jFi1v21lVkrMhFEpEXOpPVy2PDZ4iPSwQ0FWkyhNyuRB--8EZpV0jyeBQisoKZaDiG6LcQddyC0NZmjHuMkuS7jnynaEUppwCUwli0oJ5ktqkYBF6Vo2hZL_hYleAzJCUAFjuMfJO7E0_0YWrlSXNGhfmwhS0z-N_zUvLbK1KR00wAkqnLzpLenNgxjORn4khO1dErJU4yXLKrRGNU7dFbN8wLjPzk_x8XeGhhPaHGEK-zaKVkOdZh_i5oWj505QOg8XVAvXLfYdQUGt_SwN1TQ6O9Wwty6c85vnUve6YSrBLJewMfyRYg4uXbhKFX3nBJtZ1In-dX9zV4lCJs6I--KNCVnIJD500ukQq59TDSeZdbWT0eaEXWbg1MAhGhzLi3-9WjtFtuGJ5n0fdlP_U4_xFWFZHdIrRAurKulgQ10JO13KjgUROIEiX3BbxAF0mA1vYTWk4n3w-p1HdnojSsedkBUiVRnLDPU-lxJTO0bre9TFT_nR2DsKnBdqYo2Fi0CDACE0s6wxkhyGIkYf8fXRoX89wUw0wYajJ09IR4nzDcOIIWX0u0bJRdRaQwFHCUkLmWJtN1rHlqlz_zaTkCaPQ3Uavr0FEVdfnPi5_mfmhipmKX6ykKthexVTq2ytdwucKLzv1mL9YZ8tmKpPOndpuL4E95xpYUBExOn1fIDX-F2M51W18QcA3csNrXHbioa5I6cUFNpx8xtK5gDW-ACJaK3ypgIJAq-CbtOj7MSONwU7_SB3E_0ro5aDf9UqsVntJ04cVjgNXAVhhztUgcg5m5HJBIHw-2vtrLlHe96-Nfzg0E8dVigbmzoB6zykopu4y_aRbv29OqjQBdBCOJhJqXx7v4PqM__xeUUY1EnWnsEIYzhhmWI0wFFwvHa3bAuAYi3YIRtS9l6bHA3IhRt0zX5_-OMBnOHmIo5XMiVlo8ZcvNMZw-C280yfZ9jKxjXOdPm8a0Nidq8HZOXuvAil_SmH5QbOk1SDT9JL_ttA5RP3krXVhr4-zpJykftDePWnXa6UZtdoH2omMVP7pixClk-B1dDDBKX4QAlgjJ7DMcn9QwoisdE7xGW-kU2RVrPoP5NhdUQaOfiJlY03p8ogqN-_uWASvdxsdpK94x77HKk0TLpWEj2_H4dKvQe2rhCPk2uZFlA552heUS9RG5834a6g2mLntd5eDRQ-Jx_qnnhLMAAk-3l1qoUvJLbulrU1T6WNndd3GT_z9LWeOd1PCBuV27NrPLumNqZNq6mdNGfcGmp5rogxdSjA4NlYGFSmQR2EzUWgBtO9fQeLC3P7VkEN-QOcFx6pUoMCvH3qaFRUM8fRq8MJ3cJBQgsr4emS_iRvf4AGUlP-r9sG5Vvik_HPJqFPSpFJSESDnqSVbStgNOY5_0IamFO1u-kLRTOFP-FPXaPTzc5YkCP6hbPJrLN1lhnZJJLP7ySy0JzpWZ6JSj8AAuoE9KrC2J31UZMxsr4L48cHk7mc-W85ASoYNtMc6FqT_Sk1Oc7ngom9ldKpNNx4xo0KY39bzTq1FwQ24Z-iag037r-JWyHGru53ro78L_ti9H9z_-7nB_aCtfJlkqtXesCUAgsdiUtoIqN8wioyjAngCd5mAVToY5ZAWUv8tPkvmABDifx0qmSHQwE8Ev4UmW7zzqk9L0WwfqgkjSdnE2_XBzFXUP3uoENDfN7_evvsv9JkBzUXLtdJz_FUREYAA_TipJ7c2POWmP_2aRvUPpsrwsK9aslhCGC4E2PQFmj-xNRL0F99FPM7EIGAl3qMBj6XM8AjClFZGhMQ2lrQ8hcb2nnuFe6kggHI2ljQOBx_vfeU0WcSM79LtSjw3zspZ-5cebgLNv9QOmnLXmALJaHwufEwbt4Ly8FziCpWSukUytZlTTAY9MCMcD3gal34z2xZiZ7zRuU6FHVnkWovEaWIrT017JbCoT--wOmqHVDG0d7tlLYOST7gs9zqfJThtVNhNDv3ghKlUwMyLg9TgzlLH86ePa58d45dPwl1SIodf_dgQaYrJ1Lk2M3V2wAvjF5zfBp_IU64JK8KiaKN8PXvYkcGGtpd1v5q6tbv-oN4KQe7z6Jvy6oUVV0JoyI3O5b7T1x5c37rdeJe5vNir1DyILngxmBd49rYBgARIYWfEMzi42ERnMPOLgkzpmasIZH1Owu1tQqo4-DHqUn1r-L5F8wLJeaSwsfGwO-RagHSb8YmeEsn6gjFWjsE0AAfTKwayXy387R3vVfGBHiuIgSK-2JVNgxvSRhwOIExs6D46lGVW4KB8g-wi3abdYNNJ5qbwMCsP0dTr95KEdeJNv7FMnvxRsKgVfbMGsD4goCrC3Zbf1G1JyBaAFPnOK25H3NWxrSOIwqcE5RGdEPIKwWyih1nZKQdPFoI4ebbFOs-4MA&pr=13%3AZa80ugAAAAAmfdAEyQ3u-tqXhpTujTWB_5ZomA&cid=CAQSMgAvHhf_6L8TZ9aLiR_2VgnSH_FeGxSVGM_csWy0zp8toKysWP-JuLVXi2H2fIqfhXVwGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Ffolkd.com%2F&ds=l&xdt=1&iif=1&cor=8979418068587765000&adk=2232634997&idt=170&cac=0&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66453
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1705495733332172"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 23 Jan 2024 03:38:36 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 0776
41 KB
14 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A-76pagFm_ESL9jQ-UQlhN9911I0RvK3Srz3tVno09Od7Tw9dSrk2dGBmlQWBxivDu87xnb3wZSOABthCSZ9sbkDwDDyh_nWYtWAJhFjHcsIo9xXBzkqorzRfu6KxYAHl7SLcRbTDcgC9Qpcw3cYWg__f9mFV5mbQSV3g4-iQg0W8q8KQ&cry=1&dbm_d=AKAmf-BEc9V64glLQoAbN4TsEVmZQX-YO7QhSjYqzLS-XKoLWjiRiCpoJwJXT9dVx7f8KAEjTVIuY9YTZktloB8xo2Ih18MHfIZPSy6zu8iSX29T6_j0003Jp8MmVS--Y0_0iIgBx6DFAOPuNd9oNprayDxEgi1T8l8F6ZYXOTJsDOpdMvm_N8Pzu88KWnc1SjR5wmHuavjUGiFX8gm0LmBa9EihIQpVLm87VTzgOMjei6qRwS4m79UZpIf81KyQEeRO2sLmk_CekPLF11q5DRqAST7XaJaJmkfgx30O8yjwW1L5K3H-kcyBCy9n-erRMQMGZ5ASb_xQsYjr6HqKE9QXwX-Qke33X7hgD2v8FgkkrI98n7CQtxOt-QbPTnwxcUChWeS31ssM6LWGdiLPFl_bS0Wp5eN7l7B4Wuy8tk5BbZbd6sUQ4SoOs5LR155OgBJdGI-IfWR9h9OCUzI_rSsmvh5xdGstqP3PR56iihIjUZJhijW99RERDoLCwSPVevKHURXC-6TAB-hLHznLB2NHOa3ZoiMtKKv7qpJa_qrbqrcomAmY8npLrV4qvyq4DDMO9dVVw-JH0Ma5aKmWorlyGPn6TUQtKOMdxf7RV242_zNBWh7gJ62rsEyYy0HMCQv1_xw6Uiyj1Ief5FUOiKzE_klpBRhmyEsbYVycbL-edmjZZJW7eIfSgoZhYZNlmnbY263WzXYmTZCVNxRE5ZTAlXPxKSqidEqbeW-gw6MmtNEeIK-cuAYrg71dqA4rS9vzRdSByrAZ3CDrw9qVJSTNUl9NqUvA6AUUx947M-YGBDGmIPNhYOQl8pEEZ5RkEeZr9HW0os0KLHJji7T91Mcmegju5p311N98PKY_w3-V4sE9xRcfEyXEKQhPfymCISglwwd0pabcMSIKeWafIPgJjjXlrzy00c7yJih6IyPae9aAFWCY9ytDz7oKttpIgAbnWx8jPjMFGOzBI0hI78gfzOqTc6S8ZJo1LdxLtucUrpKzWeNbYCv1AirEDCtEjEREkjsPvZTkttdcfPQUoqRBDBxw7VDrStWDAXLyJW_XJfkPUgMVdK5-90EWROS5lVura4XgvR1rk65B3XxW1NbEY9qus8O1-n_GMnzLkguM7h0hxkv1IGXQSDnQh_odwFYPzK0XYRTjJIa5yUfrmr5XyOecGJsig3j5xql_WHj2H_E52wFdvwmyjxioPHn87MEC0wMBudLM93_CvwhMAcObCtX7X4-Zj0Lj334SlK7yqZm9YLDVnObumLechs6jFi1v21lVkrMhFEpEXOpPVy2PDZ4iPSwQ0FWkyhNyuRB--8EZpV0jyeBQisoKZaDiG6LcQddyC0NZmjHuMkuS7jnynaEUppwCUwli0oJ5ktqkYBF6Vo2hZL_hYleAzJCUAFjuMfJO7E0_0YWrlSXNGhfmwhS0z-N_zUvLbK1KR00wAkqnLzpLenNgxjORn4khO1dErJU4yXLKrRGNU7dFbN8wLjPzk_x8XeGhhPaHGEK-zaKVkOdZh_i5oWj505QOg8XVAvXLfYdQUGt_SwN1TQ6O9Wwty6c85vnUve6YSrBLJewMfyRYg4uXbhKFX3nBJtZ1In-dX9zV4lCJs6I--KNCVnIJD500ukQq59TDSeZdbWT0eaEXWbg1MAhGhzLi3-9WjtFtuGJ5n0fdlP_U4_xFWFZHdIrRAurKulgQ10JO13KjgUROIEiX3BbxAF0mA1vYTWk4n3w-p1HdnojSsedkBUiVRnLDPU-lxJTO0bre9TFT_nR2DsKnBdqYo2Fi0CDACE0s6wxkhyGIkYf8fXRoX89wUw0wYajJ09IR4nzDcOIIWX0u0bJRdRaQwFHCUkLmWJtN1rHlqlz_zaTkCaPQ3Uavr0FEVdfnPi5_mfmhipmKX6ykKthexVTq2ytdwucKLzv1mL9YZ8tmKpPOndpuL4E95xpYUBExOn1fIDX-F2M51W18QcA3csNrXHbioa5I6cUFNpx8xtK5gDW-ACJaK3ypgIJAq-CbtOj7MSONwU7_SB3E_0ro5aDf9UqsVntJ04cVjgNXAVhhztUgcg5m5HJBIHw-2vtrLlHe96-Nfzg0E8dVigbmzoB6zykopu4y_aRbv29OqjQBdBCOJhJqXx7v4PqM__xeUUY1EnWnsEIYzhhmWI0wFFwvHa3bAuAYi3YIRtS9l6bHA3IhRt0zX5_-OMBnOHmIo5XMiVlo8ZcvNMZw-C280yfZ9jKxjXOdPm8a0Nidq8HZOXuvAil_SmH5QbOk1SDT9JL_ttA5RP3krXVhr4-zpJykftDePWnXa6UZtdoH2omMVP7pixClk-B1dDDBKX4QAlgjJ7DMcn9QwoisdE7xGW-kU2RVrPoP5NhdUQaOfiJlY03p8ogqN-_uWASvdxsdpK94x77HKk0TLpWEj2_H4dKvQe2rhCPk2uZFlA552heUS9RG5834a6g2mLntd5eDRQ-Jx_qnnhLMAAk-3l1qoUvJLbulrU1T6WNndd3GT_z9LWeOd1PCBuV27NrPLumNqZNq6mdNGfcGmp5rogxdSjA4NlYGFSmQR2EzUWgBtO9fQeLC3P7VkEN-QOcFx6pUoMCvH3qaFRUM8fRq8MJ3cJBQgsr4emS_iRvf4AGUlP-r9sG5Vvik_HPJqFPSpFJSESDnqSVbStgNOY5_0IamFO1u-kLRTOFP-FPXaPTzc5YkCP6hbPJrLN1lhnZJJLP7ySy0JzpWZ6JSj8AAuoE9KrC2J31UZMxsr4L48cHk7mc-W85ASoYNtMc6FqT_Sk1Oc7ngom9ldKpNNx4xo0KY39bzTq1FwQ24Z-iag037r-JWyHGru53ro78L_ti9H9z_-7nB_aCtfJlkqtXesCUAgsdiUtoIqN8wioyjAngCd5mAVToY5ZAWUv8tPkvmABDifx0qmSHQwE8Ev4UmW7zzqk9L0WwfqgkjSdnE2_XBzFXUP3uoENDfN7_evvsv9JkBzUXLtdJz_FUREYAA_TipJ7c2POWmP_2aRvUPpsrwsK9aslhCGC4E2PQFmj-xNRL0F99FPM7EIGAl3qMBj6XM8AjClFZGhMQ2lrQ8hcb2nnuFe6kggHI2ljQOBx_vfeU0WcSM79LtSjw3zspZ-5cebgLNv9QOmnLXmALJaHwufEwbt4Ly8FziCpWSukUytZlTTAY9MCMcD3gal34z2xZiZ7zRuU6FHVnkWovEaWIrT017JbCoT--wOmqHVDG0d7tlLYOST7gs9zqfJThtVNhNDv3ghKlUwMyLg9TgzlLH86ePa58d45dPwl1SIodf_dgQaYrJ1Lk2M3V2wAvjF5zfBp_IU64JK8KiaKN8PXvYkcGGtpd1v5q6tbv-oN4KQe7z6Jvy6oUVV0JoyI3O5b7T1x5c37rdeJe5vNir1DyILngxmBd49rYBgARIYWfEMzi42ERnMPOLgkzpmasIZH1Owu1tQqo4-DHqUn1r-L5F8wLJeaSwsfGwO-RagHSb8YmeEsn6gjFWjsE0AAfTKwayXy387R3vVfGBHiuIgSK-2JVNgxvSRhwOIExs6D46lGVW4KB8g-wi3abdYNNJ5qbwMCsP0dTr95KEdeJNv7FMnvxRsKgVfbMGsD4goCrC3Zbf1G1JyBaAFPnOK25H3NWxrSOIwqcE5RGdEPIKwWyih1nZKQdPFoI4ebbFOs-4MA&pr=13%3AZa80ugAAAAAmfdAEyQ3u-tqXhpTujTWB_5ZomA&cid=CAQSMgAvHhf_6L8TZ9aLiR_2VgnSH_FeGxSVGM_csWy0zp8toKysWP-JuLVXi2H2fIqfhXVwGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Ffolkd.com%2F&ds=l&xdt=1&iif=1&cor=8979418068587765000&adk=2232634997&idt=170&cac=0&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 02:28:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
522623
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Jan 2025 02:28:13 GMT
attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNTk4MTExNTk0MTQ3NAogIHNlcnZlcl9pcDogMTQ2NTMzODg1CiAgcHJvY2Vzc19pZDogMjcwMTgyNjgzMQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiA0MzYyOTYy...
ad.doubleclick.net/ddm/activity/ Frame 0776
0
746 B
Image
General
Full URL
https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNTk4MTExNTk0MTQ3NAogIHNlcnZlcl9pcDogMTQ2NTMzODg1CiAgcHJvY2Vzc19pZDogMjcwMTgyNjgzMQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiA0MzYyOTYyCmFkdmVydGlzZXJfZG9tYWluOiAiaHR0cHM6Ly9hZGZvcm0ubmV0Igp4ZmFfYXR0cmlidXRpb25faW50ZXJhY3Rpb25fdHlwZTogVklFVwppbXByZXNzaW9uX3ByaW9yaXR5OiAwCmltcHJlc3Npb25fZXhwaXJ5X2luX2RheXM6IDMwCmV2ZW50X2ltcHJlc3Npb25faWQ6IDE2NjEyNjYyOTY5MjUyNjE3MTA1CmRlYnVnX2tleTogMTY5MDMxOTM2ODM1NzcxODc0MzYKaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUFJPRFVDVF9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fREFURQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICIyMDI0LTAxLTIzIgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9GTE9PRExJR0hUX0NPTkZJR19JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogNDM2Mjk2MgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9DT1JFX1BMQVRGT1JNX1NFUlZJQ0UKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBVEZPUk1fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9RVUVSWV9DT1VOVFJZCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIlVTIgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFDRU1FTlRfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDI2NzQwMDY1MgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQURWRVJUSVNFUl9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMzIyNDc2CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19MSU5FX0lURU1fSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDIwNzA5MTkKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0NSRUFUSVZFX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyMjE3Nzg3NzQKICB9Cn0KYXJjaGV0eXBlX2lkOiAxMgphcmNoZXR5cGVfaWQ6IDEzCmFyY2hldHlwZV9pZDogMTQKYXJjaGV0eXBlX2lkOiAxNQphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vYWRmb3JtLm5ldCIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2NvbnJhZC5jaCIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2R5c29uLmNoIgppbXByZXNzaW9uX2V2ZW50X3JlcG9ydGluZ193aW5kb3dfZGF5czogNApicm93c2VyX2F0dHJpYnV0aW9uX2FwaV9yZXF1ZXN0X3Byb2Nlc3NpbmdfYml0czogNzU0OTc0NzIwCg
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"12":"0xbc3881d16fa45c210000000000000000","13":"0x358a6dbb1d547b7c0000000000000000","14":"0xc83bc5d0f57841320000000000000000","15":"0x6b47af8fccf29dce0000000000000000"},"debug_key":"16903193683577187436","debug_reporting":true,"destination":"https://adform.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["4362962"]},"priority":"0","source_event_id":"16612662969252617105"}
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 93A4
1 KB
1 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee0ae4248563dc381f487aa661d074894d4d675025f2e09d83fff30804396323

Request headers

Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
849d01374d284d22-FRA
content-encoding
br
content-type
text/html
date
Tue, 23 Jan 2024 03:38:36 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sdnwBrtWOpI7oXj7aqXX0TMoqR0I0rMYQkyX0PHynPQEd2o2BO4Oa7SbrpWCNNoBfxkwWofop9swrHm%2BDSQSapkwrvpU2Ym2dhXXg9hJ6yh0nFJXKaQh57xKcEp9n3lAs2%2BfV%2FyqGq%2BS%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
Adform.DHTML.js
s1.adform.net/banners/scripts/rmb/ Frame E0BD
Redirect Chain
  • https://track.adform.net/banners/scripts/rmb/Adform.DHTML.js
  • https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js
30 KB
14 KB
Script
General
Full URL
https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
7a785e8b2ad30e6279397d656a61f70ad6341ee944c310df19593d8fabd79d9f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
content-encoding
gzip
last-modified
Tue, 21 Nov 2023 08:14:37 GMT
server
nginx
x-amz-request-id
tx00000df74e44f68a2232d-00655c671a-3295cc06-default
etag
W/"d66b8df08256b7e89279e9f83d1d7c5e"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800

Redirect headers

location
https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js
date
Tue, 23 Jan 2024 03:38:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
content-type
text/html
bootstrap.js
s1.adform.net/stoat/631/s1.adform.net/ Frame DEEE
37 KB
17 KB
Script
General
Full URL
https://s1.adform.net/stoat/631/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=67903448;rtbwp=Za80uwAAAAA7pnV2O9a3cB7Oos5tkGOHjZSYew;rtbdata=JmhGGE0Ooy5Tbg1lboNz3LthwCTVQ9-2ou39pUlP6FPjJolEA22bjRkwoOAsi8rWzdigAwChWcnjKe-guS5X7JB_CSiecMu3VF31rLo_PT_rUBCvIMmTM_I9jq6yvuQ0yFg1YNsgsVG76FslKcgL6xMwbL2NIc_uZzFAo0AlJT3rMeRwyzzhnzZLcBQglqsM1z0UFkcNjzGyXC15ITRgAeslGEgS6KLK8YxBSGWzhUIOdTWiwKb_g9rGlAmoAVco2IfsOfphMFTGtluoRAQdE6JjdfnOlL1K0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
3e172351681175a64b1e409719b4e5275cce06c8620547ce26fe08f6a669198e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
content-encoding
gzip
last-modified
Tue, 19 Dec 2023 10:28:27 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Fri, 19 Jan 2024 16:52:30 GMT
container.html
428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3C73
6 KB
3 KB
Document
General
Full URL
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202401101304/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://folkd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 23 Jan 2024 03:38:33 GMT
expires
Wed, 22 Jan 2025 03:38:33 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 1113
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
12c538c22dc32893f9ac5aabda5b75c0e2335dd5ef9bfa92e1a613f23ca2a420

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 1113
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstAeLyFbBOCJJW7iqscmmQtc5lyBuoMCaSfp9pRbYSLPTQpVFKPSYszWzkYogO_3kSDtV9RkA2DWaazKRB7Na5MmXG4GdD5lp-Tl1T31f3sXtyQKeH92iXYZ_oQJqWWhvsQmbq5ynOVSUGU__ddwpPZqbXySdFgVfyZluHJdKK5dGJbVUahX8UOVqLVYWfdXi4GIiNqzRa7_kU9ywB3CMgx1ePc5rbr6YELDK0AND29pV_Jo9ofFoMrloNK_UeFH95flbJgRr9xB54QYPPzNuakheRvCKUolydZSKXKDbHKuUSRpNq018foxrzRYAo9KtvKhcpIg5Vkgc_l78azno2fpk1IBxuHVvRLr4vsB_D3Oyi8ubqoR2CT6Q&sai=AMfl-YS86NBwRaA87xLQMxC69uAjHLaWSOq0AE4IRF8HaV7M4SAHt1sJROivJCQyzMKQ3-LM9qhIeaWdeHK5pxdRF_JjbQM_vtTJv5Iirz1uWnBdQ7o8ny6tSg7mbj1Wc6U&sig=Cg0ArKJSzPH2_16isvFbEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 23 Jan 2024 03:38:36 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 8423
24 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 01:04:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
527641
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 16 Jan 2025 01:04:35 GMT
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame 8423
26 KB
10 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f85637bbf5c0ee6a01fa5afb711af0e3d873ab20f0cbeaeb9105998530822c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
5694
x-jsd-version
1.16.0
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230067-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"6721-FSYTlyriJmmnEqYsq5KQLDRsrFg"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lGPXnEwpuDZCy8CfMiw1q%2B1wZmsCckSggcy%2FSVeK3OJX%2BZwMiMoLseZDxsXQCC6Jb5dZcwIm5qqYD7EkCbgZ3m6G%2BJJjR9kMlP1%2BR23%2F%2F%2Bba9aAH4BqszppOwgV28hvEvP0DIWjXZ4UHMtm0uwQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
849d01379f5b927a-FRA
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 8423
206 KB
65 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66453
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1705495733332172"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 23 Jan 2024 03:38:36 GMT
r62eglto.js
ad4m.at/ Frame 0776
24 KB
10 KB
Other
General
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
098e6dc516d5b171a1bf126adf3b8e8510746bac17f477f73a6310587e4ab9e8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 09 Jan 2024 06:20:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
595059
etag
W/"ea6b8b5621410c697cbfca30307bc4ca"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fv2qJMGdxcvGTJDDC2S52%2FZQK8oiE9mNuADNqNDLFMdyp0kqooRfhU3IS%2BINSeGWYPuNtIXUyed4%2Bk4IDrM%2BBmPsM2oXsktPO4w6Gk34hVHwu7%2BwGhrPZAHoOot3VuN9zKlgPmo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
849d013799e86ae1-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 16 Jan 2024 06:20:57 GMT
cookie-frame.html
ad4m.at/ Frame E9AA
2 KB
1 KB
Document
General
Full URL
https://ad4m.at/cookie-frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
2117721
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status
HIT
cf-ray
849d013799e96ae1-FRA
content-encoding
br
content-language
en
content-type
text/html
date
Tue, 23 Jan 2024 03:38:36 GMT
expires
Wed, 29 Nov 2023 11:19:10 GMT
last-modified
Tue, 28 Nov 2023 11:49:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jMDC%2F2%2BUmqodOAsQmA%2F6sh%2BL1hNyZK%2FWEHaPo3VVeWvEtOtx0T73%2BxCGD8Wnnoy5Eed8hMSHooHD%2BfYBOxPxwDIAkIqqzi9ECS%2Berb2XZhUG9HP%2FE59YKrutVLsRJMYSrK8ENzQ%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
sync
ad.sxp.smartclip.net/ Frame CF9C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=smartclip_dbm&google_cm&google_dbm
  • https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEOilPGYPjrFuf7Qr44ZNEno&google_cver=1
42 B
60 B
Image
General
Full URL
https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEOilPGYPjrFuf7Qr44ZNEno&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhCs1xMY1qbgaTAB&v=APEucNW332Ln1Q_G4XkYxyREqcCbDdM-pOH33gcYxf4VP8arCKN42F7-gpIwSBur04srcYunnKfdoy4vla-a653lDp0eprj5MQ
Protocol
H3
Server
35.186.194.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
101.194.186.35.bc.googleusercontent.com
Software
openresty/1.19.9.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
via
1.1 google
server
openresty/1.19.9.1
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/gif
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEOilPGYPjrFuf7Qr44ZNEno&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
309
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
m
ad.yieldlab.net/ Frame CF9C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm
  • https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEB5as0qm5Kg7lSYCnxzDP6k&google_cver=1
0
235 B
Image
General
Full URL
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEB5as0qm5Kg7lSYCnxzDP6k&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhCs1xMY1qbgaTAB&v=APEucNW332Ln1Q_G4XkYxyREqcCbDdM-pOH33gcYxf4VP8arCKN42F7-gpIwSBur04srcYunnKfdoy4vla-a653lDp0eprj5MQ
Protocol
HTTP/1.1
Server
184.30.17.243 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-17-243.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Jan 2024 03:38:36 GMT
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Expires
Mon, 22 Jan 2024 03:38:36 GMT

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEB5as0qm5Kg7lSYCnxzDP6k&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
288
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 3F76
663 B
258 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhCs1xMY1qbgaTAB&v=APEucNWCZ8J9ly2PdD6LwUTvf7_B6yHdy7u9IpYWfAdRu71HIA6gswxRG7bQd6nvdYsOzjypCnyVQBNfVSyLnzcAwQKE4O7O8A
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
962d6dea088b031cd44d33f937adb5ba241a9435aa32a8be667d57482b8bbe1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
234
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 23 Jan 2024 03:38:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 1C74
89 KB
31 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 23 Jan 2024 03:38:36 GMT
r62eglto.js
ad4m.at/ Frame 1C74
24 KB
10 KB
Script
General
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
098e6dc516d5b171a1bf126adf3b8e8510746bac17f477f73a6310587e4ab9e8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 09 Jan 2024 06:20:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
595059
etag
W/"ea6b8b5621410c697cbfca30307bc4ca"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q7asmkDXiz4VhE1hVr5Z%2BTWtK19M8TvwkaJLbCeCI4ct3wohlqJJII87kLtkuzbHyTc3BvtBrO03Wr4jgs6O5PeSoP3wRLHltRmvEwYT22mHpvt%2FnRupD1qZFJ%2B2JPg%2BxyLFdXE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
849d0137a9f36ae1-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 16 Jan 2024 06:20:57 GMT
f8cf4fd8-146c-48a0-a7c2-177daf45c38a
a5176.casalemedia.com/impression/v2/201336/85/cmnj9eq33c090lgba18g/ Frame 1C74
43 B
303 B
Image
General
Full URL
https://a5176.casalemedia.com/impression/v2/201336/85/cmnj9eq33c090lgba18g/f8cf4fd8-146c-48a0-a7c2-177daf45c38a?verifieD=1&userID=&cmpro=0&deviceType=2&expiryTime=1705981715&profileIDs=&creativeID=18d3727&pubID=182762&format=banner&channel=site
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
85.91.45.90 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Jan 2024 03:38:36 GMT
Server
Apache
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1C74
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-APWhSkTtb6A7V2Y5AQA8pfPU5CP9is1o08_iGX8Htetm26VbxdoVmN1fVzy-aRe0ALJsovbDFLm_zxqKbB_y1tqRu1QFMGca27s4Yf7Z-ZH7JUHP8
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cs
cs.lkqd.net/ Frame 37B7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm
  • https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEHPoxzC9kyhEgi6IpdX2H1U&google_cver=1
43 B
535 B
Image
General
Full URL
https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEHPoxzC9kyhEgi6IpdX2H1U&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhCs1xMY1qbgaTAB&v=APEucNWAU2bHC1BMvwMFG0DCrL9QRSQAhOSaGOxbhifp3ekg_fYgwe2NIUFlxn_CsEsFI1tlX6bKP5169zBcrJ9dbUKcBvDEUg
Protocol
H2
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEHPoxzC9kyhEgi6IpdX2H1U&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
296
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 37B7
Redirect Chain
  • https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_hm=YTFmdkMyc1pnRW8
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_hm=YTFmdkMyc1pnRW8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhCs1xMY1qbgaTAB&v=APEucNWAU2bHC1BMvwMFG0DCrL9QRSQAhOSaGOxbhifp3ekg_fYgwe2NIUFlxn_CsEsFI1tlX6bKP5169zBcrJ9dbUKcBvDEUg
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 23 Jan 2024 03:38:36 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_hm=YTFmdkMyc1pnRW8
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
0
rum
dsum-sec.casalemedia.com/ Frame 37B7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIHFEWS3q0MQPplEPCDI1sk&google_cver=1
43 B
736 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIHFEWS3q0MQPplEPCDI1sk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhCs1xMY1qbgaTAB&v=APEucNWAU2bHC1BMvwMFG0DCrL9QRSQAhOSaGOxbhifp3ekg_fYgwe2NIUFlxn_CsEsFI1tlX6bKP5169zBcrJ9dbUKcBvDEUg
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=khLaRiy31ZDiVWpkVjUigpU3IL1FLU0eHbjGPhS5kgbz7KqjYAezFhjqy%2BPbX1z4ecQqcMRLRE0%2BL9xYhaQhFAw1gnYKo9%2B089qkg3efF9wYv8Ns%2FKCQAcEBJ%2FbnIlep3s%2Bq181q2T94bg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
849d01382da54d22-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIHFEWS3q0MQPplEPCDI1sk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 37B7
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Za80ux4LORIGoWQwyWak5QAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIHFEWS3q0MQPplEPCDI1sk&google_cver=1
43 B
734 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIHFEWS3q0MQPplEPCDI1sk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhCs1xMY1qbgaTAB&v=APEucNWAU2bHC1BMvwMFG0DCrL9QRSQAhOSaGOxbhifp3ekg_fYgwe2NIUFlxn_CsEsFI1tlX6bKP5169zBcrJ9dbUKcBvDEUg
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NztshgYPFnKXB4P6v1EF28t96SaJRXsFRpRYDbfY9vJeUN37q3Jf5jMNGLXYv8uve4dSFrRqMmw%2BwPqNJV0%2F6wP8YI6Y0%2B1BR8uHclYtmHt44%2BnkoKfzu05qruDr09mdbVskWTQ2rztmhA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
849d01387dd24d22-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIHFEWS3q0MQPplEPCDI1sk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
401726.gif
idsync.rlcdn.com/ Frame 93A4
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=Za80ux4LORIGoWQwyWak5QAA%262130&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=Za80ux4LORIGoWQwyWak5QAA%262130&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=2ba2ab4170c645d789519ef87add91a7
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=3205897004932985690
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=2ba2ab41-70c6-45d7-8951-9ef87add91a7
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=6e91cd93-5d5a-4ea2-b2e7-c8ee3088fc55%3A1705981116.8684406&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D6e91cd93-5d5a-4ea2-b2e7-c8ee308...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5107433832264167376&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D6e91cd93-5d5a-4ea2-b2...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=6e91cd93-5d5a-4ea2-b2e7-c8ee3088fc55%3A1705981116.8684406&_=1705981116.870299
  • https://wam.solution.weborama.fr/fcgi-bin/dispatch.fcgi?d.A=rd&d.k=acxiom_id&d.u=https://idsync.rlcdn.com/401726.gif?partner_uid={WEBO_CID}
  • https://idsync.rlcdn.com/401726.gif?partner_uid=v3zS0d6CY0GO5W/MGOYBuO
42 B
60 B
Image
General
Full URL
https://idsync.rlcdn.com/401726.gif?partner_uid=v3zS0d6CY0GO5W/MGOYBuO
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Protocol
H3
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:37 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:37 GMT
last-modified
Tue, 23 Jan 2024 03:38:37 GMT
server
Apache
transfer-encoding
chunked
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
location
https://idsync.rlcdn.com/401726.gif?partner_uid=v3zS0d6CY0GO5W/MGOYBuO
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
expires
Tue, 03 Jul 2001 06:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 93A4
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Za80ux4LORIGoWQwyWak5QAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIHFEWS3q0MQPplEPCDI1sk&google_cver=1
43 B
728 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIHFEWS3q0MQPplEPCDI1sk&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1VagreOICWkAbeCRcMs2YEP72pMhdC89EwpZNSzeLlZZHc0f6ahAbCi3vfb2XMKIZcqgVOc%2F46WgtEAyaRiKJlhLkVBsCAdPnd0turPWbSZfS1WepOtAj827tJQnY6CJTe4QIDwpfnpbew%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
849d01382da74d22-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIHFEWS3q0MQPplEPCDI1sk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 93A4
70 B
148 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
server
Kestrel
content-length
70
content-type
image/gif
usermatchredir
ssum-sec.casalemedia.com/ Frame 93A4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Za80ux4LORIGoWQwyWak5QAACFIAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEDS-bhrpNLZGf7A3kAf3D7s&google_cver=1
43 B
732 B
Image
General
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEDS-bhrpNLZGf7A3kAf3D7s&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D%2BqOlVF4%2B8ovdso12iZFeu1P0O2wuZt%2Fa0DHan9SVmhbVNIJQmBrcX2PEg2m80QUYj3hwqcQI%2BcxD00hFjNoMZ7p17o1YfhjtQCa9P%2FixdLpGpfLAE8RL8t60aK2JbrW80WOsgOhYQKsUA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
849d01382da84d22-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEDS-bhrpNLZGf7A3kAf3D7s&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 93A4
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5107433832264167376
43 B
735 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5107433832264167376
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X4xUItk92jceF9Phl8ACuG6dMjx%2Fm0CnE%2F3%2BcMHDuPqztC7oXN1bcSUM136ToEQfPLEx6ngRPjInUQvYQPldxH8SFvlh0fndjtJhqxyEdBi6l99zPIzQjd2ROxBb0lNO2%2Bw0GAQWHQLR0w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
849d0138ee054d22-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5107433832264167376
Date
Tue, 23 Jan 2024 03:38:36 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
crum
dsum-sec.casalemedia.com/ Frame 93A4
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAACx07LXmkAABMh1hX3Cw&expiration=1707190716
43 B
737 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAACx07LXmkAABMh1hX3Cw&expiration=1707190716
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bwc%2F4r%2FSgfH35aqLaeDphreSh%2BMGsP8XgCtk6gKX5CxRLalQcaP5jW4W8zufXC5dP%2BCFLK8mlbM7su1qMhaQRIJF%2BuLMbu7oSG34DjeoMzmo%2FNMIbq88oWDHDvXgVR1LA69RHsDKZgc7HQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
849d01384db54d22-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAACx07LXmkAABMh1hX3Cw&expiration=1707190716
Date
Tue, 23 Jan 2024 03:38:36 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
bridge
cm.adgrx.com/ Frame 93A4
43 B
283 B
Image
General
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.245.181 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
server
Cowboy
content-type
image/gif
p3p
CP="NOI OTC OTP OUR NOR"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
ams-delivery-8
content-length
43
expires
Thu, 23 Sep 2004 17:42:04 GMT
CookieIndex
rtb.adentifi.com/ Frame 93A4
0
287 B
Image
General
Full URL
https://rtb.adentifi.com/CookieIndex
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.213.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-213-92.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 93A4
43 B
152 B
Image
General
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?Za80ux4LORIGoWQwyWak5QAA%262130
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
21
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
849d0137efd218ef-FRA
content-length
43
expires
Tue, 23 Jan 2024 07:38:36 GMT
container.html
428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4A06
6 KB
3 KB
Document
General
Full URL
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202401101304/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://folkd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 23 Jan 2024 03:38:33 GMT
expires
Wed, 22 Jan 2025 03:38:33 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/ Frame AC9E
31 KB
12 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B6lFgUcQ2ynvGRoXE0XjMPvfJymyNGFuohae3jG_L-JHrqs52L_PCSeI1MtJOo9UtLyLnWz_iBW_5OeCfyS9QLZxIBEHLJKdrsE_Z0abAY9LIe9dkDCV5F8CeAIiTGZj_2bxjFPcHlzLkAjqLXu_xQXdcZi_XLFSw6WwdRwLMKxvEUxjs&cry=1&dbm_d=AKAmf-CBTd0YgGTGAcv6z72CNV4-oSm3tDVwrSlZzQNx2WThZLci7IGY-vZmaCpfwkZQb80w5nUOW8_maopaTriTur6ewSVaMDKia9pLD-bRRVCqjI_nEug0i-qqObLmnPYIUv7JaaLn5e3wEznOfdgYIQTRL0VQl2wVJRRaeaP7hm_mHbQlYExUIywpszN_f3mz1taaz7pTn9K2efZI6iYt_MAAAvFihDNDUj2rln0noepug-T4dwNgWAD7Bx1VYHcRT_HRHy5Q4ofpvIwyeLfB49DMTSoMKkHuXL90kU4AcGCPkYBJ4zAaOLy3OMA6uUSjUQnKsyNgd9v8NEdtSX9NPNiNEjFnJ5VjYvg2vM7QkoqP9eOxmPhUXEVrig1COKjbm068yruy9hUJOSVhtH1LwhL8_iuD7i9pD9FMwVznAx9Pcr9lLtS4UfTu-ZvHQH6LSvTofCcOwFSu6_ocu3QFMDZa5KpDHePYsZ0TiIup6hTlmo-UuPt1LxgRp_2HHkYOwRu1ZxfRPNTqLiR8KWTBBNYMpVOk982YhwqSZ4gzj4m7z8oKW5rCww5sprHpgJxIybsKaI9QS8SPUBlUS2B_7xUD13HBoTKj0UDCI69SEf_mWqDjfAdX-ipaEU2QRKjqxqYERGhvaGXG_iU7rpyJIcLQET1USp-AO0TEgktP6cyotj6Kb67uN7XrrfQc43-NUmFlMP-kb7_H7dbw7a1zIeiGeeTC0snakSvsD1E8BoK6ZTVBMSnYvhPUCE-O-2klVxrOH8QSa3cWREbASWYmDLJ3ySM-DBXF0kNyF7O7fw4Rh0IM-h8LKXDD2dDC0FH1Ez80NaaBYMwVKzf6N-TOvwszRjoMNpA7O5DlKKx3Vi4QiENLh7RsFw0r5Rkp7t-93RIVYWcCvb6V42KYEy6ckQCaKwHZJD-GIvMcUqQkEpzxRTv-QuZnu7zPP5Gg14ruEcLPPaXZJ5pYuNY2I7ezojkFA60bz-8F84VPXNW2VxOFEnxIWjSlt-ruDkxcJzIelRUbHM4P0Xy_Kn05BomFzGykoKQMdFEq8IKtxsi0CIX48oLcPhQRVuy9SWUqpDTu5aRZuduQnvhybIh9UWpTzqp5fleEluJLHTJ8ksFyuhVIY4wkaU-l6u2KbhBYTSd7T1YwZc4w_tlV8_mSK4vwkN7LBaD8T_lmBLzCswmIkt-CkNYcO2aq2wCUpxX-g4sS6mfulpq4pbFaIRNEtn2-QRAlQV1GTFk6vja-Q3QjPf57vwI_gVnkyK6N1cUWNWqc2QDNnmoFVTyCL01NlvU8xeVNcxjTiqTpacpW7zMAdG7GAzVkPA2U9MkWiGelGTqsN8tEmizqJHNzH3O47drZNNInCwQk0333Ci_HCHSEBWaJ4hNXsxKmE4NzcewwJrbJM14FhZmMEOvpVu9kb-_nGq9UnFNi2L4HSJaehkL_ZiPQ1AU-1lMkTvuNsEsG3Smx_CjIOXr9KVSsUzQQdyxNxDQHY5P3YFef7eK1B8uACWH64KV0X2dPDXXd5HWQmlIhPl9d2BOg5FMLjjjB063k0kFRj8ieZI4D9JTF-RhMnSXcPfrhAU29Sd-ZjiFPNxjMj1PrN1LZgJw9-t4-V31OLZVU9KiQWuJDL8sUmc8gJCB5Ns_uE_ClIntiZdgjQAbikpFOydQKlTeB_8f2AGZXhJ8BkadFIXzt7hQmD7nv__7WwmCLvZYD-G34FBYbjjPwWusfTw9sCAkTl36D3xC1muYEg3Sv4aOBZElQDm7BAqOv1_Tp2eTO1ZP9BrU5IFT6-L79_Hq_VQg_IpCZEQWUnTYSQAQrqlXaCppaMUSBwlP1oBQBdomptSQMW6PIsqCQXXP8nLvWTUDob4d8UHmNE0MrkuGFaWd8KAQzbw0-_bIDUysQwgRMImyuzQvXjIUdkPKqbSOpw3asHYABirWRyxgatrJwwComfq9UZgkSVvioeynrYM61Jjs4twf3mNmrh_9-OIoEGkmDPAzG4uWtsiY414x2dPfLeOmsw6RfFGyR0up5CdAL7AiedvzlCfcGEiIWnNBf-4BD0y6FXkYZdJVeS1TrzyG2TGhLjndtNLh-1uKYAcI5aa76JsH2MXq58_8BSBPMe4J4l3WQ-NWrG-0Vw56ujYVovGFmEnbkTSI4rkMcHMrt9F7s-PnZWjBNoyQtjoci4SYPYrc9wPUwc0zKff_vkFynbiRmcJdtMzSz5e9b4EdPxLiZ78NCQRqpjAQIebE0P9rqI0JRQF6iCPr8VmGbICsDw8fUo9X1hF6m4vr173hnC_ZA_PJISePmC1sOnMSnu9UFCH55fsfS2VjU6mog77tHn5ZLOIfCtmszHFxrFndDbqXo6QjkH4D_aD9AvV2xSUQo8a_kxXTm-Cvik7aMnseJ_e3CItR3-M14cwQVCTyaMuiTFhwfGPjuMLMZZR-bUdWqwbtPaoPtegD3bp8GuvmLAQKyC-FvvkFPeQmaoSQHe8L8FjydhkcLENmdPaaayXgaQJc_pc_6aB4G2fW8T308W2r1LE52VuvP61vb96LeFjflD2IN_U17ZmNiy63cuLbRj_JDsqDsAV0AZaV0bYD1vlJyuvdVIb6rSyoSHZIKfzxRwFTkDbYsOCeXdBg8q4aHdygVzZjoofL4MP51hqbkYG31TOAonCqevPpuQyeql7SiE4u3aC0OUG1M1L0GO8_QMaiSN0onQhQqEuCxMtBFmgmDsgO_QH_40xQqGG7TxQJVgaIfoA5z5tD_1n8Wvu2sTgzkNtBrHX6mMyIzUcI7oildnHOBhyq5YwjoUP1AX-aKHqFAAn2Z69Ty1odZSzZUEnjXMBdnLLYXgRBjQ1qM7Q8t9iv-7QEzEKoNoutpe9_cScvSv1wkidTieE6PR8qOQtFwgoQTy3YEqxMeRNchuSFk3SxCVuSgx-C9cn12hhWQ4DkDs_cHYlwXyCiSTmVpQcFs-FyuH5sxXNbCdw5wOPxU0oTGH3sJmbrLfrLYz0eSnWiiPel3RhV-oqbSn6EopHLxVTqDfKQ-zmA5USp2nzG70-W6hLwyrxNo_sWiLOictXgV4yUFtlvJScRzCTLGzIW7Eh82vsNNnoo47UW4JDuZ0fypvMX2pSciP2_veYH7jI0TEleAG9BNVtzzVUfqkU5o1uFKyZCauLATK1nIdgyIeHBUuhZgN5pY9ILiVnHfHMRWCP0btuYwTqYqy2VNjdhPjz6DC5j7G_x255jPNNoFMYMo5XKuHQXwY0qizbHBkSoC0h_TcV_T2hSwXeKOlrqiQ8icGpUDWA_RsC8jsfy4Ns27TFAgKCtaVDQQWCHZqygIJaMQwcCqM6CmSzSdQyqVUImkQQj4roTpqxfVIAXJRlUBCARIKWixQMBD02WNwkTJuN44NgL6wpskUV9jZYbHjsG074IaMYC6uo4CeL2mRIulc5XmPfuCi2inE65ZNx2duntrLMOMK1S7PYaP_fm712fD38yZVJCrG7E2BfJLq-7nv3PRd7aex4oerPxnF8ZWOxF_aWYwpq9RG6i7nvJdAfFkY8jqqSmXZj6idGQ7uyp9w01i4lUW-Mm8qVN22Wdlk_9VBHpZQsWjEU9D3mg3LnuAUlccM6n3-7vEZr-3b6CyhAIvKLqMLK_IUAVdw-aCp8xA1gRuZ-Wl&pr=13%3AZa80ugAAAAASjIY2abPb4c0LPJicZHbNBmPDnQ&cid=CAQSMgAvHhf_67iS8AYdOINZx2XjgZW3fx7i21BL10VqHUBQbeWYuav5q_ZNoTZuvct2FQa6GAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Ffolkd.com%2F&ds=l&xdt=1&iif=1&cor=11442618358939790000&adk=1210347684&idt=110&cac=0&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:30:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
32907
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11885
x-xss-protection
0
server
cafe
etag
16863283086342074828
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Feb 2024 18:30:09 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame AC9E
206 KB
65 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B6lFgUcQ2ynvGRoXE0XjMPvfJymyNGFuohae3jG_L-JHrqs52L_PCSeI1MtJOo9UtLyLnWz_iBW_5OeCfyS9QLZxIBEHLJKdrsE_Z0abAY9LIe9dkDCV5F8CeAIiTGZj_2bxjFPcHlzLkAjqLXu_xQXdcZi_XLFSw6WwdRwLMKxvEUxjs&cry=1&dbm_d=AKAmf-CBTd0YgGTGAcv6z72CNV4-oSm3tDVwrSlZzQNx2WThZLci7IGY-vZmaCpfwkZQb80w5nUOW8_maopaTriTur6ewSVaMDKia9pLD-bRRVCqjI_nEug0i-qqObLmnPYIUv7JaaLn5e3wEznOfdgYIQTRL0VQl2wVJRRaeaP7hm_mHbQlYExUIywpszN_f3mz1taaz7pTn9K2efZI6iYt_MAAAvFihDNDUj2rln0noepug-T4dwNgWAD7Bx1VYHcRT_HRHy5Q4ofpvIwyeLfB49DMTSoMKkHuXL90kU4AcGCPkYBJ4zAaOLy3OMA6uUSjUQnKsyNgd9v8NEdtSX9NPNiNEjFnJ5VjYvg2vM7QkoqP9eOxmPhUXEVrig1COKjbm068yruy9hUJOSVhtH1LwhL8_iuD7i9pD9FMwVznAx9Pcr9lLtS4UfTu-ZvHQH6LSvTofCcOwFSu6_ocu3QFMDZa5KpDHePYsZ0TiIup6hTlmo-UuPt1LxgRp_2HHkYOwRu1ZxfRPNTqLiR8KWTBBNYMpVOk982YhwqSZ4gzj4m7z8oKW5rCww5sprHpgJxIybsKaI9QS8SPUBlUS2B_7xUD13HBoTKj0UDCI69SEf_mWqDjfAdX-ipaEU2QRKjqxqYERGhvaGXG_iU7rpyJIcLQET1USp-AO0TEgktP6cyotj6Kb67uN7XrrfQc43-NUmFlMP-kb7_H7dbw7a1zIeiGeeTC0snakSvsD1E8BoK6ZTVBMSnYvhPUCE-O-2klVxrOH8QSa3cWREbASWYmDLJ3ySM-DBXF0kNyF7O7fw4Rh0IM-h8LKXDD2dDC0FH1Ez80NaaBYMwVKzf6N-TOvwszRjoMNpA7O5DlKKx3Vi4QiENLh7RsFw0r5Rkp7t-93RIVYWcCvb6V42KYEy6ckQCaKwHZJD-GIvMcUqQkEpzxRTv-QuZnu7zPP5Gg14ruEcLPPaXZJ5pYuNY2I7ezojkFA60bz-8F84VPXNW2VxOFEnxIWjSlt-ruDkxcJzIelRUbHM4P0Xy_Kn05BomFzGykoKQMdFEq8IKtxsi0CIX48oLcPhQRVuy9SWUqpDTu5aRZuduQnvhybIh9UWpTzqp5fleEluJLHTJ8ksFyuhVIY4wkaU-l6u2KbhBYTSd7T1YwZc4w_tlV8_mSK4vwkN7LBaD8T_lmBLzCswmIkt-CkNYcO2aq2wCUpxX-g4sS6mfulpq4pbFaIRNEtn2-QRAlQV1GTFk6vja-Q3QjPf57vwI_gVnkyK6N1cUWNWqc2QDNnmoFVTyCL01NlvU8xeVNcxjTiqTpacpW7zMAdG7GAzVkPA2U9MkWiGelGTqsN8tEmizqJHNzH3O47drZNNInCwQk0333Ci_HCHSEBWaJ4hNXsxKmE4NzcewwJrbJM14FhZmMEOvpVu9kb-_nGq9UnFNi2L4HSJaehkL_ZiPQ1AU-1lMkTvuNsEsG3Smx_CjIOXr9KVSsUzQQdyxNxDQHY5P3YFef7eK1B8uACWH64KV0X2dPDXXd5HWQmlIhPl9d2BOg5FMLjjjB063k0kFRj8ieZI4D9JTF-RhMnSXcPfrhAU29Sd-ZjiFPNxjMj1PrN1LZgJw9-t4-V31OLZVU9KiQWuJDL8sUmc8gJCB5Ns_uE_ClIntiZdgjQAbikpFOydQKlTeB_8f2AGZXhJ8BkadFIXzt7hQmD7nv__7WwmCLvZYD-G34FBYbjjPwWusfTw9sCAkTl36D3xC1muYEg3Sv4aOBZElQDm7BAqOv1_Tp2eTO1ZP9BrU5IFT6-L79_Hq_VQg_IpCZEQWUnTYSQAQrqlXaCppaMUSBwlP1oBQBdomptSQMW6PIsqCQXXP8nLvWTUDob4d8UHmNE0MrkuGFaWd8KAQzbw0-_bIDUysQwgRMImyuzQvXjIUdkPKqbSOpw3asHYABirWRyxgatrJwwComfq9UZgkSVvioeynrYM61Jjs4twf3mNmrh_9-OIoEGkmDPAzG4uWtsiY414x2dPfLeOmsw6RfFGyR0up5CdAL7AiedvzlCfcGEiIWnNBf-4BD0y6FXkYZdJVeS1TrzyG2TGhLjndtNLh-1uKYAcI5aa76JsH2MXq58_8BSBPMe4J4l3WQ-NWrG-0Vw56ujYVovGFmEnbkTSI4rkMcHMrt9F7s-PnZWjBNoyQtjoci4SYPYrc9wPUwc0zKff_vkFynbiRmcJdtMzSz5e9b4EdPxLiZ78NCQRqpjAQIebE0P9rqI0JRQF6iCPr8VmGbICsDw8fUo9X1hF6m4vr173hnC_ZA_PJISePmC1sOnMSnu9UFCH55fsfS2VjU6mog77tHn5ZLOIfCtmszHFxrFndDbqXo6QjkH4D_aD9AvV2xSUQo8a_kxXTm-Cvik7aMnseJ_e3CItR3-M14cwQVCTyaMuiTFhwfGPjuMLMZZR-bUdWqwbtPaoPtegD3bp8GuvmLAQKyC-FvvkFPeQmaoSQHe8L8FjydhkcLENmdPaaayXgaQJc_pc_6aB4G2fW8T308W2r1LE52VuvP61vb96LeFjflD2IN_U17ZmNiy63cuLbRj_JDsqDsAV0AZaV0bYD1vlJyuvdVIb6rSyoSHZIKfzxRwFTkDbYsOCeXdBg8q4aHdygVzZjoofL4MP51hqbkYG31TOAonCqevPpuQyeql7SiE4u3aC0OUG1M1L0GO8_QMaiSN0onQhQqEuCxMtBFmgmDsgO_QH_40xQqGG7TxQJVgaIfoA5z5tD_1n8Wvu2sTgzkNtBrHX6mMyIzUcI7oildnHOBhyq5YwjoUP1AX-aKHqFAAn2Z69Ty1odZSzZUEnjXMBdnLLYXgRBjQ1qM7Q8t9iv-7QEzEKoNoutpe9_cScvSv1wkidTieE6PR8qOQtFwgoQTy3YEqxMeRNchuSFk3SxCVuSgx-C9cn12hhWQ4DkDs_cHYlwXyCiSTmVpQcFs-FyuH5sxXNbCdw5wOPxU0oTGH3sJmbrLfrLYz0eSnWiiPel3RhV-oqbSn6EopHLxVTqDfKQ-zmA5USp2nzG70-W6hLwyrxNo_sWiLOictXgV4yUFtlvJScRzCTLGzIW7Eh82vsNNnoo47UW4JDuZ0fypvMX2pSciP2_veYH7jI0TEleAG9BNVtzzVUfqkU5o1uFKyZCauLATK1nIdgyIeHBUuhZgN5pY9ILiVnHfHMRWCP0btuYwTqYqy2VNjdhPjz6DC5j7G_x255jPNNoFMYMo5XKuHQXwY0qizbHBkSoC0h_TcV_T2hSwXeKOlrqiQ8icGpUDWA_RsC8jsfy4Ns27TFAgKCtaVDQQWCHZqygIJaMQwcCqM6CmSzSdQyqVUImkQQj4roTpqxfVIAXJRlUBCARIKWixQMBD02WNwkTJuN44NgL6wpskUV9jZYbHjsG074IaMYC6uo4CeL2mRIulc5XmPfuCi2inE65ZNx2duntrLMOMK1S7PYaP_fm712fD38yZVJCrG7E2BfJLq-7nv3PRd7aex4oerPxnF8ZWOxF_aWYwpq9RG6i7nvJdAfFkY8jqqSmXZj6idGQ7uyp9w01i4lUW-Mm8qVN22Wdlk_9VBHpZQsWjEU9D3mg3LnuAUlccM6n3-7vEZr-3b6CyhAIvKLqMLK_IUAVdw-aCp8xA1gRuZ-Wl&pr=13%3AZa80ugAAAAASjIY2abPb4c0LPJicZHbNBmPDnQ&cid=CAQSMgAvHhf_67iS8AYdOINZx2XjgZW3fx7i21BL10VqHUBQbeWYuav5q_ZNoTZuvct2FQa6GAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Ffolkd.com%2F&ds=l&xdt=1&iif=1&cor=11442618358939790000&adk=1210347684&idt=110&cac=0&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66453
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1705495733332172"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 23 Jan 2024 03:38:36 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame AC9E
41 KB
14 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B6lFgUcQ2ynvGRoXE0XjMPvfJymyNGFuohae3jG_L-JHrqs52L_PCSeI1MtJOo9UtLyLnWz_iBW_5OeCfyS9QLZxIBEHLJKdrsE_Z0abAY9LIe9dkDCV5F8CeAIiTGZj_2bxjFPcHlzLkAjqLXu_xQXdcZi_XLFSw6WwdRwLMKxvEUxjs&cry=1&dbm_d=AKAmf-CBTd0YgGTGAcv6z72CNV4-oSm3tDVwrSlZzQNx2WThZLci7IGY-vZmaCpfwkZQb80w5nUOW8_maopaTriTur6ewSVaMDKia9pLD-bRRVCqjI_nEug0i-qqObLmnPYIUv7JaaLn5e3wEznOfdgYIQTRL0VQl2wVJRRaeaP7hm_mHbQlYExUIywpszN_f3mz1taaz7pTn9K2efZI6iYt_MAAAvFihDNDUj2rln0noepug-T4dwNgWAD7Bx1VYHcRT_HRHy5Q4ofpvIwyeLfB49DMTSoMKkHuXL90kU4AcGCPkYBJ4zAaOLy3OMA6uUSjUQnKsyNgd9v8NEdtSX9NPNiNEjFnJ5VjYvg2vM7QkoqP9eOxmPhUXEVrig1COKjbm068yruy9hUJOSVhtH1LwhL8_iuD7i9pD9FMwVznAx9Pcr9lLtS4UfTu-ZvHQH6LSvTofCcOwFSu6_ocu3QFMDZa5KpDHePYsZ0TiIup6hTlmo-UuPt1LxgRp_2HHkYOwRu1ZxfRPNTqLiR8KWTBBNYMpVOk982YhwqSZ4gzj4m7z8oKW5rCww5sprHpgJxIybsKaI9QS8SPUBlUS2B_7xUD13HBoTKj0UDCI69SEf_mWqDjfAdX-ipaEU2QRKjqxqYERGhvaGXG_iU7rpyJIcLQET1USp-AO0TEgktP6cyotj6Kb67uN7XrrfQc43-NUmFlMP-kb7_H7dbw7a1zIeiGeeTC0snakSvsD1E8BoK6ZTVBMSnYvhPUCE-O-2klVxrOH8QSa3cWREbASWYmDLJ3ySM-DBXF0kNyF7O7fw4Rh0IM-h8LKXDD2dDC0FH1Ez80NaaBYMwVKzf6N-TOvwszRjoMNpA7O5DlKKx3Vi4QiENLh7RsFw0r5Rkp7t-93RIVYWcCvb6V42KYEy6ckQCaKwHZJD-GIvMcUqQkEpzxRTv-QuZnu7zPP5Gg14ruEcLPPaXZJ5pYuNY2I7ezojkFA60bz-8F84VPXNW2VxOFEnxIWjSlt-ruDkxcJzIelRUbHM4P0Xy_Kn05BomFzGykoKQMdFEq8IKtxsi0CIX48oLcPhQRVuy9SWUqpDTu5aRZuduQnvhybIh9UWpTzqp5fleEluJLHTJ8ksFyuhVIY4wkaU-l6u2KbhBYTSd7T1YwZc4w_tlV8_mSK4vwkN7LBaD8T_lmBLzCswmIkt-CkNYcO2aq2wCUpxX-g4sS6mfulpq4pbFaIRNEtn2-QRAlQV1GTFk6vja-Q3QjPf57vwI_gVnkyK6N1cUWNWqc2QDNnmoFVTyCL01NlvU8xeVNcxjTiqTpacpW7zMAdG7GAzVkPA2U9MkWiGelGTqsN8tEmizqJHNzH3O47drZNNInCwQk0333Ci_HCHSEBWaJ4hNXsxKmE4NzcewwJrbJM14FhZmMEOvpVu9kb-_nGq9UnFNi2L4HSJaehkL_ZiPQ1AU-1lMkTvuNsEsG3Smx_CjIOXr9KVSsUzQQdyxNxDQHY5P3YFef7eK1B8uACWH64KV0X2dPDXXd5HWQmlIhPl9d2BOg5FMLjjjB063k0kFRj8ieZI4D9JTF-RhMnSXcPfrhAU29Sd-ZjiFPNxjMj1PrN1LZgJw9-t4-V31OLZVU9KiQWuJDL8sUmc8gJCB5Ns_uE_ClIntiZdgjQAbikpFOydQKlTeB_8f2AGZXhJ8BkadFIXzt7hQmD7nv__7WwmCLvZYD-G34FBYbjjPwWusfTw9sCAkTl36D3xC1muYEg3Sv4aOBZElQDm7BAqOv1_Tp2eTO1ZP9BrU5IFT6-L79_Hq_VQg_IpCZEQWUnTYSQAQrqlXaCppaMUSBwlP1oBQBdomptSQMW6PIsqCQXXP8nLvWTUDob4d8UHmNE0MrkuGFaWd8KAQzbw0-_bIDUysQwgRMImyuzQvXjIUdkPKqbSOpw3asHYABirWRyxgatrJwwComfq9UZgkSVvioeynrYM61Jjs4twf3mNmrh_9-OIoEGkmDPAzG4uWtsiY414x2dPfLeOmsw6RfFGyR0up5CdAL7AiedvzlCfcGEiIWnNBf-4BD0y6FXkYZdJVeS1TrzyG2TGhLjndtNLh-1uKYAcI5aa76JsH2MXq58_8BSBPMe4J4l3WQ-NWrG-0Vw56ujYVovGFmEnbkTSI4rkMcHMrt9F7s-PnZWjBNoyQtjoci4SYPYrc9wPUwc0zKff_vkFynbiRmcJdtMzSz5e9b4EdPxLiZ78NCQRqpjAQIebE0P9rqI0JRQF6iCPr8VmGbICsDw8fUo9X1hF6m4vr173hnC_ZA_PJISePmC1sOnMSnu9UFCH55fsfS2VjU6mog77tHn5ZLOIfCtmszHFxrFndDbqXo6QjkH4D_aD9AvV2xSUQo8a_kxXTm-Cvik7aMnseJ_e3CItR3-M14cwQVCTyaMuiTFhwfGPjuMLMZZR-bUdWqwbtPaoPtegD3bp8GuvmLAQKyC-FvvkFPeQmaoSQHe8L8FjydhkcLENmdPaaayXgaQJc_pc_6aB4G2fW8T308W2r1LE52VuvP61vb96LeFjflD2IN_U17ZmNiy63cuLbRj_JDsqDsAV0AZaV0bYD1vlJyuvdVIb6rSyoSHZIKfzxRwFTkDbYsOCeXdBg8q4aHdygVzZjoofL4MP51hqbkYG31TOAonCqevPpuQyeql7SiE4u3aC0OUG1M1L0GO8_QMaiSN0onQhQqEuCxMtBFmgmDsgO_QH_40xQqGG7TxQJVgaIfoA5z5tD_1n8Wvu2sTgzkNtBrHX6mMyIzUcI7oildnHOBhyq5YwjoUP1AX-aKHqFAAn2Z69Ty1odZSzZUEnjXMBdnLLYXgRBjQ1qM7Q8t9iv-7QEzEKoNoutpe9_cScvSv1wkidTieE6PR8qOQtFwgoQTy3YEqxMeRNchuSFk3SxCVuSgx-C9cn12hhWQ4DkDs_cHYlwXyCiSTmVpQcFs-FyuH5sxXNbCdw5wOPxU0oTGH3sJmbrLfrLYz0eSnWiiPel3RhV-oqbSn6EopHLxVTqDfKQ-zmA5USp2nzG70-W6hLwyrxNo_sWiLOictXgV4yUFtlvJScRzCTLGzIW7Eh82vsNNnoo47UW4JDuZ0fypvMX2pSciP2_veYH7jI0TEleAG9BNVtzzVUfqkU5o1uFKyZCauLATK1nIdgyIeHBUuhZgN5pY9ILiVnHfHMRWCP0btuYwTqYqy2VNjdhPjz6DC5j7G_x255jPNNoFMYMo5XKuHQXwY0qizbHBkSoC0h_TcV_T2hSwXeKOlrqiQ8icGpUDWA_RsC8jsfy4Ns27TFAgKCtaVDQQWCHZqygIJaMQwcCqM6CmSzSdQyqVUImkQQj4roTpqxfVIAXJRlUBCARIKWixQMBD02WNwkTJuN44NgL6wpskUV9jZYbHjsG074IaMYC6uo4CeL2mRIulc5XmPfuCi2inE65ZNx2duntrLMOMK1S7PYaP_fm712fD38yZVJCrG7E2BfJLq-7nv3PRd7aex4oerPxnF8ZWOxF_aWYwpq9RG6i7nvJdAfFkY8jqqSmXZj6idGQ7uyp9w01i4lUW-Mm8qVN22Wdlk_9VBHpZQsWjEU9D3mg3LnuAUlccM6n3-7vEZr-3b6CyhAIvKLqMLK_IUAVdw-aCp8xA1gRuZ-Wl&pr=13%3AZa80ugAAAAASjIY2abPb4c0LPJicZHbNBmPDnQ&cid=CAQSMgAvHhf_67iS8AYdOINZx2XjgZW3fx7i21BL10VqHUBQbeWYuav5q_ZNoTZuvct2FQa6GAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Ffolkd.com%2F&ds=l&xdt=1&iif=1&cor=11442618358939790000&adk=1210347684&idt=110&cac=0&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 02:28:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
522623
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Jan 2025 02:28:13 GMT
attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNTk4MTExNjAxNDIxNgogIHNlcnZlcl9pcDogMTI2MDY1OTUyCiAgcHJvY2Vzc19pZDogMjY4NDU0NTc1MAp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiA0MzYyOTYy...
ad.doubleclick.net/ddm/activity/ Frame AC9E
0
22 B
Image
General
Full URL
https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNTk4MTExNjAxNDIxNgogIHNlcnZlcl9pcDogMTI2MDY1OTUyCiAgcHJvY2Vzc19pZDogMjY4NDU0NTc1MAp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiA0MzYyOTYyCmFkdmVydGlzZXJfZG9tYWluOiAiaHR0cHM6Ly9hZGZvcm0ubmV0Igp4ZmFfYXR0cmlidXRpb25faW50ZXJhY3Rpb25fdHlwZTogVklFVwppbXByZXNzaW9uX3ByaW9yaXR5OiAwCmltcHJlc3Npb25fZXhwaXJ5X2luX2RheXM6IDMwCmV2ZW50X2ltcHJlc3Npb25faWQ6IDExOTQxMjI3MzY4MjUzMTA1NjIwCmRlYnVnX2tleTogMTIxMDk2NDMwNTIyNDQ1OTk4NjgKaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUFJPRFVDVF9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fREFURQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICIyMDI0LTAxLTIzIgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9GTE9PRExJR0hUX0NPTkZJR19JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogNDM2Mjk2MgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9DT1JFX1BMQVRGT1JNX1NFUlZJQ0UKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBVEZPUk1fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9RVUVSWV9DT1VOVFJZCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIlVTIgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFDRU1FTlRfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDI2NzQwMDY1MgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQURWRVJUSVNFUl9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMzIyNDc2CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19MSU5FX0lURU1fSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDIwNzA5MTkKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0NSRUFUSVZFX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyMjE3Nzg3NzQKICB9Cn0KYXJjaGV0eXBlX2lkOiAxMgphcmNoZXR5cGVfaWQ6IDEzCmFyY2hldHlwZV9pZDogMTQKYXJjaGV0eXBlX2lkOiAxNQphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vYWRmb3JtLm5ldCIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2NvbnJhZC5jaCIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2R5c29uLmNoIgppbXByZXNzaW9uX2V2ZW50X3JlcG9ydGluZ193aW5kb3dfZGF5czogNApicm93c2VyX2F0dHJpYnV0aW9uX2FwaV9yZXF1ZXN0X3Byb2Nlc3NpbmdfYml0czogNzU0OTc0NzIwCg
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"12":"0xbc3881d16fa45c210000000000000000","13":"0x358a6dbb1d547b7c0000000000000000","14":"0xc83bc5d0f57841320000000000000000","15":"0x6b47af8fccf29dce0000000000000000"},"debug_key":"12109643052244599868","debug_reporting":true,"destination":"https://adform.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["4362962"]},"priority":"0","source_event_id":"11941227368253105620"}
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 70B8
2 KB
1 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
043be5caa4b29446e3ca043ed9aee58108c3dab806b7a34b562dae0df1c36253

Request headers

Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
849d0137ed704d22-FRA
content-encoding
br
content-type
text/html
date
Tue, 23 Jan 2024 03:38:36 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=asTz%2BhkaLHCnOX3bkT7H8AE8hLSiWIBfX%2B02oMKqQhMYPOSEEiHOYa8xOQt9wWm0lC3COkstg2zDNypIzg%2FM5x9qr%2Bsj4IdQTAb06fcnjV09sQNcqS98u6pjpfd5aC6laJfqrO%2Fm65UKsg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 3C73
24 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 01:04:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
527641
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 16 Jan 2025 01:04:35 GMT
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame 3C73
26 KB
10 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f85637bbf5c0ee6a01fa5afb711af0e3d873ab20f0cbeaeb9105998530822c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
5694
x-jsd-version
1.16.0
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230067-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"6721-FSYTlyriJmmnEqYsq5KQLDRsrFg"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fqeno5t0RCQPM2CYLNwCgIcxtpXnIODOWxpSU7noUa5h2quo9psNtDB7QTQEICKwSsRZnk6Nk7%2Fa8NXwtf6nHRlLDYaisaqpm3wUDrE%2FGYFI4sQrPmhOYx%2FB3ugEYNwe85w2VqrODcGYfjCHJac%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
849d01380f7b927a-FRA
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 3C73
206 KB
65 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66453
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1705495733332172"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 23 Jan 2024 03:38:36 GMT
/
track.adform.net/adfserve/ Frame DEEE
5 KB
3 KB
Script
General
Full URL
https://track.adform.net/adfserve/?bn=67903448;rtbwp=Za80uwAAAAA7pnV2O9a3cB7Oos5tkGOHjZSYew;rtbdata=JmhGGE0Ooy5Tbg1lboNz3LthwCTVQ9-2ou39pUlP6FPjJolEA22bjRkwoOAsi8rWzdigAwChWcnjKe-guS5X7JB_CSiecMu3VF31rLo_PT_rUBCvIMmTM_I9jq6yvuQ0yFg1YNsgsVG76FslKcgL6xMwbL2NIc_uZzFAo0AlJT3rMeRwyzzhnzZLcBQglqsM1z0UFkcNjzGyXC15ITRgAeslGEgS6KLK8YxBSGWzhUIOdTWiwKb_g9rGlAmoAVco2IfsOfphMFTGtluoRAQdE6JjdfnOlL1K0;js=1;adfxid=2x;9397;set=en-US|en-US|1600X1200|0|750|100|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Ffolkd.com
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/631/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
0fec3d2ea95826f5eea652013d20b1ce91c54990f011fdd4355e3d84ebce03db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
2324
expires
-1
r62eglto.js
ad4m.at/ Frame AC9E
24 KB
10 KB
Other
General
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
098e6dc516d5b171a1bf126adf3b8e8510746bac17f477f73a6310587e4ab9e8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 09 Jan 2024 06:20:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
595059
etag
W/"ea6b8b5621410c697cbfca30307bc4ca"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rVn6IX4I0NIV%2BF1NMTzGw0trFyDOLn%2FuYbOZeJiqF2m0kHob%2BZvxwArn3oNcOBoz5YFvXsYIhp%2FWJd7ws%2FgNtrFj42%2BI7QZiMSfYICOabUNFspKKfw%2B7hPwdbVL8QzOaGkv3L84%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
849d01382a616ae1-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 16 Jan 2024 06:20:57 GMT
cookie-frame.html
ad4m.at/ Frame D512
2 KB
1 KB
Document
General
Full URL
https://ad4m.at/cookie-frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
2117721
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status
HIT
cf-ray
849d01382a656ae1-FRA
content-encoding
br
content-language
en
content-type
text/html
date
Tue, 23 Jan 2024 03:38:36 GMT
expires
Wed, 29 Nov 2023 11:19:10 GMT
last-modified
Tue, 28 Nov 2023 11:49:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PH4exxdkIgyC5Mx0SyBv%2BYiFTVMkqLgk15TX54IxOnxWYnnyDMR8zXlcdiA46koD5a8mggtYc2MYv2IXOFjzPpSnE%2F4zsJQ%2FdVJTJxFLczTTXuI%2F9g05iT2pm9jwSfyB%2F%2BmJk1c%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
gen_204
pagead2.googlesyndication.com/pagead/ Frame C20C
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1672410928112&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C20C
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1672410928112&version=m202309260101&ct=77&x=13&cor=13360751143494547000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame C20C
36 KB
20 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AFlZQDoMIIawABusXTDDFE7KJNJT385SSErXotRNcc8R4WDbQu63c9gTef8u4U5cggSCU9ih4NH-O_HC7hztNhpb_G8EU62ImPxocX3fFqk-PCc1R6gUNsNMUDFP0fPqELVOKlCx0MLkPidGgPWwFg-wcNH1lZFCgLchvvp8ghwa3XLW8&cry=1&dbm_d=AKAmf-ArJcDew6kK-xlT_QANCUV4dPtgoHZKV4sCZ9cFMjviXaeqCkHkeUePYDir_dERi_KA3Vw9P-FWZ5nTTjL-tbx5hWh7CzlTSLT2aJAg8_Bf-6KpLIJVcXKShpGg67WUUlOg9DoSvkuxdz6RBxoalJuX-1xekt4s7CqTD7BTkJXRVysMNCPPwj1asnaYRJ6UwG8A_q3oYqI_jdNbnV7SMl2AujS1PsCnKVxXqMoFRuLQWg_jsCjzosfDXuS-JglqBe2ZM6R-YfOxwf5vJwMXu0GxNyznnhALczWk1igk-UwfFQ7dJNsqy7HivmWCCiFZ_1wqWYR6aCnoncCKT-4S4mz9Dxxn3HNEwNlZkLgv8NMNrZ3m0gjAdess9rO84SQ1Wrt0S3AwAs5AL0xqR-ydbW5VsWM8WGeC9ShsBN_-0NKMC4Z015ez7fX6xxh8UK_KpqsColuLiHeYmSHb_tmo3KoecDSzDg4EJpU_eM1e6nTJnCqj4nrufDItFgMJucU7qVecGErQNPx3A7CzI9kZLZqHcoDxwFnw11E5Xdt22bguL0RcO656LcpCuUBceZqZEZOMWhEjQ1UlITpftdw-mBQ0rW_6Y9yJImls4LGuoLO1-5Xy-LvxFLfFHuE1pVZV_flSQAzpXGKXX6jEcs5aM_e9Dqnu1y2T-grBMbuf-QYLmpXU-Qbnz_OoWWuIa65433rWRuBLIvj4F-Gteu-6P38UT1nLbNnIFMoW9-0EmE-WBo9tBme__FOsrCm7j4mg0E8X4vdhtfpIOJzNQoH5lEOBMP6UQkz07HeVvb-nU3f8ZG5mpvh61VLv2mzpO1lNEN_s_BvLwBF0AJWtoHURHUSp5krw-3q-8qBcz4OY8omor0Ueizy9-v4E93scWxCnJiTlu89B5P5OMGjdiC--m_8V5MUA78KxriJ_kdozNa922unDeSF9YqKyFCUp4698J2CxOJk0ivS5i29XpSbxEHad0QfOrSnWPoxEvSjLm4-K1UCuTzbIJHVVRenP8gsyFTKCdgXs4V596SLT_AdvebDgb4pDWNo-G4KLi7txwXOOLg_DEPft0hCjKXOsscYVD7hqIXkEZ8R6HUEfEnTg5s2cl314upHUqbYkKqWRx6BrrKEN1JWhJFxesF5QlPKWmG6T6CQWZWlY_7UFUfUSDf7KtAqPhNTO12cRarvBvhyqnOvOGV3CmcSAzSuCY3efSujOCkfM-3uo357tWjATDcSKERT01AJF4iYAv0r_KTZzzhXOJuOjN1EFMDBYymRdqMpckU7vtIKwicJIfR-Z99MAFkx58oBApUqZQeFirfYi-CeI_lxbJLes9L-7pTHyzWsBL8gbGRspSFfwzUhFuLccnje-0_Z5IPsKAAEtPIT9yJURZtadOtAKYt3h7LlUgPriq96pbdQapF09JsXc1xWkp7BE14Rv1H3vQlj-ecnPMSlJsGnPreuL2mEwh9lzHeIZ_3z7pYj-JmT3U9kbORTobC1LycPKf9H4nU1F0hOSEArOtgmil6vH8KF6dDoyvYf9WmkhRf-IkDlRf9n77P5aGc4Ai1lY0_oqA1gxKejDqEfO_1GHAnkCIGdFwnRq6QNI9Ye4QCbtjen8XX7W7Z6gBOBJpwL6kkrErcbFBcmcYQvxvg5guLdk2QocLugAaJMKYQ9iP3OT9gTQp5m2YH1itRkyu1_hx-ApKLd-NsAIqtzPoK7TAoIMsPKWULFKd9gxPTsDCDPdn014FOtkKRbQYG5fKoDnJONUg2jI-m1H8tcpvDw-gcHZ6se9RsgdnfedqiJG6LkFLVsH8OPnWwGl8HsXlvcZc1XiqWjrR93q6Y7lGP8HkOO86GPrPh8TDSPSS6iPqzNpfvpeH7i3ZDWdJFNt5aBM398U_3Pi_PwwB2JVYQrtxU2T9CoEDUtvB5mZwVaFsZTtRBOg81ATR3F7O78bzqRl_fnOAIarUL0QezQjOuz4GH7B4vN9uZaBijHb2JMiyyifeKUmfXQWMtBktQU7EtbE3CTWXIrthzd2HTFWK4Ciupcxw4P3NTSY4hL5U93ssqNwsJWkNYeIvp8m4HNOCfzuY5nvj9R_mLnhUVdOnkyno-q5X02Y_lPaQMLm44rdMMxmsq6ES6tyN9mI5_Y87Mln6mU9nov55izxCRwTI2OJNiWV33aK5ErBu0xt9ojxCUGE-obL1F8KEPDvdrrv8RILHAJAz2F-JzpPq85kdsEMbHASQ7fYb4LiSM8NwGAsBOmyEs7ztOTfiK1e_DorBi4HKB70Nz669e0OtZfrKZkicnanJK4T3SRjNz5Plu_Y5igRBo81HT2QYRC6_8HP-cP-h_8cRTceSlwm7Ap738QGKCyz9xdIUBxWXTOUKkfl5mINyKbPQEChvOPXZCmeOajBDHW5-F7goE02eDIXF9WkfvfhME5dcc9va6VLa1lRqR36L3ckVPUqLJPtWkyOL1b1XrpTtS_m9029BTuy5ey8Nuq7bIXD3-YQ-HssE1-vt0BT-5rd7_PKfgTpRs9c97K_fa1hUXVPzE7YifTpHhCTc_oyaOqc0srXvJGGh83ybwqfA1-6cHjma5qcopOUjE_cYquu0b67yXZjN_UBefkQ_egNX07MB2vMkxVkrSoVxVME0jMGfLmfynTaI64jQqGQQKdOb987LpaXkXT5IneplTAe1yoPqIG922KmZr1G_w87Swg95pDXTyO0izbTbKCGfGDy7Aok48SegEY79HyALbhSwqtZt52Lv3ctRl0EGauKwb6KW1iiwMECi4VHKVWE6ZWJCuWQ2_p_lCbOm5o19hjuckFwhVg7HUj2X3Quhg0DlU-SVONa7MHedJYgGL7pJTCQHJQYPrhnoN76pQt1a4XIzOyOO4PYmuOU4TKbDkykrwqrI5iH662s0NoRxw3vh_EaJ8564i-ikhaQMBd2EsZwH7gxhZiBeCg4psBdsfciR3-GXa_faasSdA7DPkEhHgCMhiQ85iaBozajap1-EIkEKhlKBMNmu5wN5MYloVX8kAOs3ZX3Q9bB9nh178Mjstf9klJjGojEPdK5xcE8E9Xv-9CvsN6JBIVIHaSVxf8qUKAj1ncomuigrG9n9ViCWVKLuJUPYdUBGizewPNckS35R92JPFjCTJzdM0VgLUMqkq86dx_MaF4P-RtsMEOIjNNpnmEnEkrPe4Ip2dfdXPeeY6twSk5ChZZlT83yf7eTA9tXC7zbfMV9NDQsjct99lY6_YoLI8BgCr-q2P2ZWD8N5vHpXyCn6I7kRN6qIhNC-iFwJI40H37jBXpg9gR2UfYUmKiETw9gOU4dx3f1vIxDYfoB8YRNTMDK6gruuMD_Hzs2CyR8vJvU_LjxExpw_018lJwAs31bfzOjC9vtJCQeh6n-e54z4UEd8eZ6AGmER59XASBxLrVgSjSZ8ndvQw9IvTyLoU-JxaLgn3fD_o-z87O9uTqnWQ0N29LzcNPQEagDGd6-9EuZ-oqLu5cTzkXjy61Nb74n03hcVToDyp5qhN9t79Icv6k5K5KAmxTijRmjjeHvF7qM_iTEcqayWT5eA577DB-fUUmPgLTyJMlNcPGQClW4RNYQgg-8F-D7aHXiZg5khp8jY1WGC4_0gm6GED79naUDM4RyP0mF5ck95KYFRnRZBVLrW5b6&pr=13%3AZa80ugAAAACg5Iv_XVtHAyBdp3EQlSDOYBmDtw&cid=CAQSMgAvHhf_mr2gDCcx2rxvT3HZ0UDOYuqbe6FpBUZ6ysTpQA_OfOw2134FEhnKLdQAnZr9GAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Ffolkd.com%2F&ds=l&xdt=1&iif=1&cor=13360751143494547000&adk=196163434&idt=125&cac=0&dtd=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
19bfd1c6283762f6aabb023c7dfacc2132b247d6adc0dccf00c5e05bcab8b719
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20597
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cs
cs.lkqd.net/ Frame 3F76
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm
  • https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEHPoxzC9kyhEgi6IpdX2H1U&google_cver=1
43 B
535 B
Image
General
Full URL
https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEHPoxzC9kyhEgi6IpdX2H1U&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhCs1xMY1qbgaTAB&v=APEucNWCZ8J9ly2PdD6LwUTvf7_B6yHdy7u9IpYWfAdRu71HIA6gswxRG7bQd6nvdYsOzjypCnyVQBNfVSyLnzcAwQKE4O7O8A
Protocol
H2
Server
69.20.43.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEHPoxzC9kyhEgi6IpdX2H1U&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
296
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3F76
Redirect Chain
  • https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_hm=V3JCLS1YalBMYTg
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_hm=V3JCLS1YalBMYTg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhCs1xMY1qbgaTAB&v=APEucNWCZ8J9ly2PdD6LwUTvf7_B6yHdy7u9IpYWfAdRu71HIA6gswxRG7bQd6nvdYsOzjypCnyVQBNfVSyLnzcAwQKE4O7O8A
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 23 Jan 2024 03:38:36 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_hm=V3JCLS1YalBMYTg
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
0
rum
dsum-sec.casalemedia.com/ Frame 3F76
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIHFEWS3q0MQPplEPCDI1sk&google_cver=1
43 B
737 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIHFEWS3q0MQPplEPCDI1sk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhCs1xMY1qbgaTAB&v=APEucNWCZ8J9ly2PdD6LwUTvf7_B6yHdy7u9IpYWfAdRu71HIA6gswxRG7bQd6nvdYsOzjypCnyVQBNfVSyLnzcAwQKE4O7O8A
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ws2i0g4SypYVBh9219hZn1Km%2F6BJJrfbNTOUwF9MFBfA7W84o1zDDPLkjYQ52%2FZADvzUNbMsLz02O1Y4v2V7hKCgjw0PWQodrMhHx%2BxgpbbCDRI1vau%2FaVrmUzGvzIEVx51jq6%2Fr%2FW117Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
849d01391e284d22-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIHFEWS3q0MQPplEPCDI1sk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 3F76
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Za80ux4LORIGoWQwyWak5QAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIHFEWS3q0MQPplEPCDI1sk&google_cver=1
43 B
734 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIHFEWS3q0MQPplEPCDI1sk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhCs1xMY1qbgaTAB&v=APEucNWCZ8J9ly2PdD6LwUTvf7_B6yHdy7u9IpYWfAdRu71HIA6gswxRG7bQd6nvdYsOzjypCnyVQBNfVSyLnzcAwQKE4O7O8A
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WQcJZqbOpDTsgolz36wp%2FhDrlr6SXsBUABHvr4XUdAZm42T%2F2MxcE1GBY0GfF9%2B6tQ7ArLUOEdOGHz5wPaLCx6R4SUm%2B0eRJHZgK6lz9gSz0AhhnbOBK89FepvvgH2TR5dptvYDOmJ8s8g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
849d01394e414d22-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIHFEWS3q0MQPplEPCDI1sk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6BD4
6 KB
3 KB
Document
General
Full URL
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202401101304/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://folkd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 23 Jan 2024 03:38:33 GMT
expires
Wed, 22 Jan 2025 03:38:33 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
362358.gif
idsync.rlcdn.com/ Frame 70B8
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=Za80ux4LORIGoWQwyWak5QAA%262130&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=3133839410895057754
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=c7bb4041-e7e5-4ef9-a286-c7845e42f86c
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=9a07b014-ad2e-49a3-addd-dea1cb9e67f9%3A1705981116.816523&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D9a07b014-ad2e-49a3-addd-dea1cb9e...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5107433832264167376&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D9a07b014-ad2e-49a3-ad...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=9a07b014-ad2e-49a3-addd-dea1cb9e67f9%3A1705981116.816523&_=1705981116.818333
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEItnTGkuHtN0xuIXx0cOFbQ&google_cver=1
42 B
293 B
Image
General
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEItnTGkuHtN0xuIXx0cOFbQ&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Protocol
H2
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:37 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:37 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEItnTGkuHtN0xuIXx0cOFbQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 70B8
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2380373011570053850
43 B
736 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2380373011570053850
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BGjQjfNjfI849nPTQe2nXd0o%2B5U1cDPEnPXqMmuU3g4l7sa7SdHOZ2Qa4slnp6VdxUOPg7VXIofRM2qM6BJ6%2B1ox3FZH4At5U8f78xeu%2FVLxfXROCa9O57jWTE58EfVqh%2FXe0fzDXqIKFA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
849d0138ade74d22-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
an-x-request-uuid
4894d86e-48bd-4acc-be7f-ef213f72e22c
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2380373011570053850
x-proxy-origin
149.88.27.82; 149.88.27.82; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
Za80ux4LORIGoWQwyWak5QAACFIAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 70B8
43 B
601 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Za80ux4LORIGoWQwyWak5QAACFIAAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:a6fa:b563:be0e:7526 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Za80ux4LORIGoWQwyWak5QAACFIAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 70B8
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Za80ux4LORIGoWQwyWak5QAACFIAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/Za80ux4LORIGoWQwyWak5QAACFIAAAIB
43 B
601 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Za80ux4LORIGoWQwyWak5QAACFIAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Protocol
H2
Server
2a05:d018:d29:3605:a6fa:b563:be0e:7526 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Za80ux4LORIGoWQwyWak5QAACFIAAAIB
date
Tue, 23 Jan 2024 03:38:36 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame 70B8
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=Za80ux4LORIGoWQwyWak5QAA%262130
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=ViR4k8DCOJSMDgKL7vewv7Jq9TxtaDotmO51rVynh7M&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=Za80ux4LORIGoWQwyWak5QAA%262130
43 B
735 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=ViR4k8DCOJSMDgKL7vewv7Jq9TxtaDotmO51rVynh7M&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=Za80ux4LORIGoWQwyWak5QAA%262130
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HuH13zB%2Fqongfp3xcQmILERys2IRDRRTyeVGvKAgB%2FJs7GapkLiK8UgQSIPhz2AWQUJYe%2Fs7yt1%2FCGABhxpgid9CrViCaviilzFHhzz4b5aKdOpYYU3QtV16%2FUpzubFcENtyBgr58yLJQw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
849d01391e2a4d22-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=133&external_user_id=ViR4k8DCOJSMDgKL7vewv7Jq9TxtaDotmO51rVynh7M&pi=index&gpdr=&gdpr_consent=&us_privacy=&user_id=Za80ux4LORIGoWQwyWak5QAA%262130
pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT, Tue, 23 Jan 2024 03:38:36 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
bridge
cm.adgrx.com/ Frame 70B8
43 B
282 B
Image
General
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.245.181 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
server
Cowboy
content-type
image/gif
p3p
CP="NOI OTC OTP OUR NOR"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
ams-delivery-8
content-length
43
expires
Thu, 23 Sep 2004 17:42:04 GMT
crum
dsum-sec.casalemedia.com/ Frame 70B8
Redirect Chain
  • https://match.adsby.bidtheatre.com/indexmatch?gpdr=&gdpr_consent=&us_privacy=&user_id=Za80ux4LORIGoWQwyWak5QAA%262130
  • https://dsum-sec.casalemedia.com/crum?gdpr=&gdpr_consent=&cm_dsp_id=226&external_user_id=cc2aa801-4ca5-4833-8ef2-1f58b6885a72
43 B
734 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?gdpr=&gdpr_consent=&cm_dsp_id=226&external_user_id=cc2aa801-4ca5-4833-8ef2-1f58b6885a72
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WsO0sCQ4sPx8UdDLiSVIgXinA%2FLgT99xX0p51r0%2FA7G%2F4%2FWUBeKfbvos5ye5ciCICMya65LWwI7E2q9s5clP8%2BT3bp1LmHuxhdn9tVurwr5L09DWlBTX2CFpSXt7opvQpoEukAGQKw3QAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
849d01397e564d22-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?gdpr=&gdpr_consent=&cm_dsp_id=226&external_user_id=cc2aa801-4ca5-4833-8ef2-1f58b6885a72
Date
Tue, 23 Jan 2024 03:38:36 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
user-registering
ads.stickyadstv.com/ Frame 70B8
43 B
652 B
Image
General
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=Za80ux4LORIGoWQwyWak5QAACFIAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
2607:ae80:4::26 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Jan 2024 03:38:36 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1705981116384005-525
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 70B8
43 B
103 B
Image
General
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?Za80ux4LORIGoWQwyWak5QAA%262130
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
21
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
849d0138f85318ef-FRA
content-length
43
expires
Tue, 23 Jan 2024 07:38:36 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 0066
38 KB
13 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
542668
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 16 Jan 2024 20:54:08 GMT
expires
Wed, 15 Jan 2025 20:54:08 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
6480988eb614435d92f82800
c.bannerflow.net/a/ Frame E0BD
73 KB
24 KB
Script
General
Full URL
https://c.bannerflow.net/a/6480988eb614435d92f82800?did=5ced02fe0fd60d000186f5ac&deeplink=off&domain=https%3a%2f%2f428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com%2f
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db96b6a99086c9be15073bd9c0d579f9621c39684c0918a51b028e13381c6239

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 23 Jan 2024 03:38:36 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, s-maxage=10
cf-ray
849d0138ea5c9b95-FRA
request-context
appId=cid-v1:1a5f66bd-0229-467a-a946-b3753e659ecb
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 4A06
24 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 01:04:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
527641
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 16 Jan 2025 01:04:35 GMT
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame 4A06
26 KB
10 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f85637bbf5c0ee6a01fa5afb711af0e3d873ab20f0cbeaeb9105998530822c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
5694
x-jsd-version
1.16.0
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230067-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"6721-FSYTlyriJmmnEqYsq5KQLDRsrFg"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uIENMzs%2FBL2U217a7CWrnJH5bTipDPsKnk%2BGmfKiyRAsqiRfbBEE%2Bg0P8GFWbk7%2BqO4lTW%2Fxnlw08CjCZCGRvHJaPMFl%2BzYLOg0V43rJ62Dx%2BCTZ%2Fcnl9e0p2QjCFtFLnNQdicOPMPt4CXjP%2BUw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
849d0138cfa9927a-FRA
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 4A06
206 KB
65 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66453
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1705495733332172"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 23 Jan 2024 03:38:36 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 8423
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvf4U10IkK921Zpop3uKyn5g_8roc7CBN5XoQ7VhjIEHzimQIjtCJhvF8qoUdiyBZAUV8LiUBfbe5aF9LfliCygahLyFjNfcQHoY1Am1370plrIfzGCkKmAQmyTQUoCQUy2y1KJXg5XukA4HVhICjzZ7iSnSrctFz2RuGcQE2xrk1jO6O_4xCl9bSdSJYOYTRJMMhyiGVxnpYAqPGxNs29s8QQ6s8DPqxBoSqnjcCvla0pqYNUsWxoqS8WNukMRx4qzRow5jknV83aVmlGU4iY8ASPFKI_KbrtvLxpxxc3ClZr4Hlioa1HL-X0Q4Qh5B-JICm26QeE23u7RJdcjMDMLinR1iWOHnhxMFfPLQcPvvvz3WcNXH3s&sai=AMfl-YRt69xqEpAzwOdT1A-KHwqov3rsJvZ5RHo93Lz1-TILqGLeh9WGPhtl5z1WOy1sXh9UC3pcSyjiO9YqdU3LDOzsEgf113cHXF24VPZfHlpjvAEjZCsOVyw1XOF92P4&sig=Cg0ArKJSzIFtzBgvuA-2EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame DC66
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7811168493908&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DC66
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7811168493908&version=m202309260101&ct=77&x=13&cor=14407094710569122000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame DC66
36 KB
20 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CXKR48btxKl8ZxFQNRt8f9YB1d778DQyE4gOxctAbNX8BUdMvTsWUy21q-a6noa5_OAOARrGUVb-FDyEHRBLf-Sp8A8UKuvdhdVozzlx-vfJ7k8MgeIf4QZY2QgfrD7BmCFM8GIDALWcvG5-gMamNsY1HQfrzz7-OD52-SajibxkezBbs&cry=1&dbm_d=AKAmf-B8H0PPX-gVi3D7HgSxEQADPhbo_EM_GeWGpvvTvmPynUPP95PEF6qxZMtRhgljbD91bbYIMN_VsxhANENeL1c0sphQRkdyMSyWvktOf7-er1u7Xfw83uZ2K_3IWnu84xTTW2eUvVbDze3AjKKUaumb_IfeN-PpkdmhLHN1YF-cxo2-ilviYDanWhXGkI1dpUTUNOhs0PJPz6ynVfNcFndwOnvfnAnzRbq0SBsGHj2zG_RyS5pCsBJ9DEmmPPiiokQfF9Zgjt9OqopyuxbDVOVe2ZhMgU86-t46oMm4Y8rT1KkDgqqdmqW_7ygqbJI8vhyF37OqxW4UMGhHLmILJx0I_yDKzYzD-9kEOxNU_9EwdDgBtVknDKUUwflxgorbpGtfgJ8hCNpvU6-G_lj-qkK1Q8w4vQv5dRDvyBANpgTApnENrtQGgNIVRBuzYGXVbzAk328PxvhdzS1GA8BJINyDuommScO3sbe1Bj6pFjHG20h-UijcgKLIhs4QCM0KhV4xF1frz35zVA6JKTc7zai0yq1BLQ_YDq6FSs4bFXhPvUuhIwMp1ZTWiOhDy1fMresMsYtUnqqRu97rZu1b3oeCtP_k7l2qNzYtfhikzoYL1sEcemzlVPR3zUS0uVoZwtJ1Y_yG8PblG72nTmgnbahh11db6Ga6kbcbf1PyIMN9UJ-GhhzMLUus1ODl-9OcSwTW-encNZ-2ibfO--6TxZXNybv_BNPXLUoYnl3uXMEXoQClNCUP8saoHdKeDoP2qd3IIjwbM04F0FRZxrVwlWs-jkFR-o1sbSn3Auk13z87RNkWXvt8clFZ-dUGWEstNxXnNYTkwVlnNhtr5EsYvRpNUMdbyDH8neT2_RuqvhzCpTH57gl4NCpojrGXIxPPXpPKO5ahvggo3XQtFh9h4kBEOVqACYiuG5IJ3EUUKLs8bgNcy1oCR-itbMs0DYASsDtbCDR5nOepY34bz_h1PSS6HrXDGNj3DM1lnyQfAWMZUcd_W-7pQBcGItycJcLExlA-iklfpiLNuIUa8Ql603MWz5s717SEZbBca1Mbi01-Trp-6NZVnscfGnwcOyunW-6d0Xffa5GceJxgcLP9s04zLztCQa07wgzrqFz9JukaGKFbd71ba-XJ7HFhVJUtJdwhcAHwiPernIMmbY3-I7rCDrdxyOdJ804PR5oFIFAaUXNB12lqPmbLNvwjrsK0FVQZUcC5ZGd2CjUpoc_7jvtHtHaMJFfU8if7BUa7TKLfPCC0pGk_gBgxSFlyuB3O5773vjOkHFmZ4isYMw1EfUFuLVaBAdh0VPSGVm4_9cyVhOQ5RSAU7eUe88ND97WX2aVmftGKQlBIMlEydNhJ1anwvcj4EY-sVH1nax4woid-a9YjuvwWZ-lBtst6E_L3LIhgBoPQFpXJmze5bIicWbz1Q-RcOZjZw6rtcgKBCZ0SCUfWE3KubnMolTabC-MXHNViic6ItTQ6h5FiwtGelzhMQBlj3fC8nNQpaAeXtmTTe8YQx9-NQ8Rz5RaiiOxR8PLq5ggqBHrEaB2b9pnJWID3mBn_7FuJrdqpzjRhHP6q1iepwVm8IdOPZRO7eCdd7NiGa0vhh_00FgCpse_9Z6eznWhSk1LDgKW0bAPwafAm6ragKWh29ewikYMLrO-BWCpzbaJvUjV9d5GnszETcTRhKXHbdX2p-VEFEijrOjDKj27gbav-7HkWO09_6H6rrP3R7f_znythGs0PSw70tHf1LFrDgsixFbR28mZg8e6Xjwu0Jngt3i8Q96k1sbc68acogjEnwuqnqjFngk3OM6G1-F8wnOfPVhb4vPhjnkLiz9SUgherbXZzwY7vgkrBX85dW9Ey86qvIO-Qiz86DSFnlUGOtkUZbsZ5nJxcyqRej4txJzhA8r8VkJKlTZ2HJ5BDDwTfOQoqPUnX4WqplnofObllCXh_WpB3hlyZq2ucI1xmgN80snm-czLbyEKxbD0gTp5vpta9UcwP_cfwrUjFcuMxusFWPXv4dFBLUJXsICGmJxPoMrgMN_dNDtg2oNn2g9shMyUlf-Xba0TwtOpeQ15OPSqoIa4U0JdrPf9ADSrTrtL8lgIJzEuZiTRoQsMzaJ-Qz_ZvnRGxbF-qOMoapOz0U-6XoVttzVizCMObKrc0DZcdZLq55d2sj02fEmToDDVO6bnN4Auok1kzNTr62UkbNeOvhjvWrKkyH5h0I5ZH73rfO5AD7-k_iudLj1JN3OBXCzsZKc58tU9h1AmEC9K-zXffqvXdXtDzNcMnW288jatNP3Ra30Kch17yHeL34_5xrxkpVfTnJeq65pSRtHC9epSLNW-Hc4vak9o0XlW2JctZgnVch6lFMz5oSShTb51v62WH_HLchrubqqo5EDZYzqiUUopb7X8lSuy1DZrybP7f0gKpUoMbzWs-aW-TrDiYR1o6B0WdLx3ce_vbD_Dr7S_MrFpyCiwgWKUR_aTirfd5-l2hLu0aADfSChYwbuneb98XKtRgWr13MQ_6ZO86a4IqYTDVcwlw7bqH68zw05_Mqqt5hhR56x_PU-BuOTu6ra8asoZoLuVhcqrZJBKqoej7142IN63iM5AdjkTgxYbxMAhdYlPXHGMaViXcLCZbs3jvZfuTyh1w0yud0lfvRvNdG2PjyqzjB0zu3m7rhZhybCU8gsBLpgoPcvpIkJjZW2iGBzokv18TZVc0Q7U2cVYVb2XHPOfx7efu2xergXUZqvv1TKEMXztmYCxxRnrWgtYqvAo9Tc-dzI8ZxhiKxXti9aK7kq2dJ147A_nXZWCsgcOFxnOGRi6Sh_JPGbBT0c8ezksp88ZodcPYhG6ab1PHpzZ0jUnKd_VJKB2vdHaDOXOHH-DrJuT_AJ74XRkQlqzFPrsQW4wtuOc_E2rjvYD-xAOArC5qO0jdOTpsMst_ERRbI2z_6GiuSdlby01A6IGEZTCIwWZhFHMqFjSy5L66ULgqMQbvVUFOb27jnw3fC77WVp8YsFfB6Cyp2pxlqndjdKTIKfP42C8MOjSQN9uxfs8fLU5MmTsSgZ7zHjVkpEXfGCz_O3lqTZINUV3bc_5ymJ4eQ6X8tp8MwxiSxL0OCbRN9Fun76yk_MHvcyl69y1DpfaeQcnaOVGMwSQItev0VOoVn8EkG3Y2ph6UCu8FI5Gc0039hnbaazg6B1iUWR835WtMqkMikDzadUf0V-RjVrojCELS65Livvf83TzZv9m5NhWnzm8RO-6PqeQ_mgxT6AwY5sl7oY3eAhBxgQNWFjWGPJ2NJPSmntcEUv9o6CPBRgzfwOaUNia-X_Sn0el86FPGv3Fg8Nq6p9Bvu9e5sei_uPrJ_zP_BcHT_z8pw4YEA6PaATvLxdw-PWbiK5ZP8rtUErgI4SUmIR4oeF1_4ItS4byF6eWFTWFBpM0Bjv_bMMLLXgbqFNKnnsCX6omQA4vft6v9jeKrBErglNmnfJKxJx30J8hkO6bhwLi01F6rY6ZqN8ySCIQ0N6VCyQTta1Dltq5hVDRZusLm3dYDYWmNyAC_b2lHOJy-PPoy3ycRIRkvG7mZPWRMIs9ZcwgLVNejUUbsNGZt3V8kPsDDXygebGAHMSEY09paIQre_ne4tIDcmFgf6Djmhf1ZB8vxN70UFVadSZ5iIs4nIjiP_1UH0SwgwFBl6gRkQg&pr=13%3AZa80uwAAAAC8GKUJK2CgXKc4OZIQXrvgiaz14g&cid=CAQSMgAvHhf_xIDoJIpJbZCUnw4nhwP-ojpHw6AdZaBjU1DCrGWnoK8tBaX_l-bu0iXaZafLGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Ffolkd.com%2F&ds=l&xdt=1&iif=1&cor=14407094710569122000&adk=2707728948&idt=177&cac=0&dtd=5
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ad64ce4213a2e267543b033ed1ec4cfa3670c883e7ae58e2f65e6bd538b5589a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20525
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1C74
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7064555535844&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1C74
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7064555535844&version=m202309260101&ct=77&x=13&cor=16293252838205310000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 1C74
36 KB
20 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BxlauYDwOEEem4bMMToQb_McyrA06gYn4IokGfvEkRESPADvMWlkHOXdqPd5i5vBOd7yK-zkwB3juK6XeA0IzVQV57x3xRvHBSacZGdD8OoIbVbRAh0N1rmtWugcbFUnPhohwMFW-ZyhwLHg95K9JD6wsBnwWZVck5hG83XZfFScxMZXI&cry=1&dbm_d=AKAmf-CUDsiz1xwDaQ0karHbMoQ_CRjgdG2X2JQ-HJRs-alQGz6TC3o45Wsts0AWvVjoY0f7nLPu7x15HyS7eJI6dRc4aMIXvbRJGAcmDKCp2a43U5qVSDnDoQullFeht5CPSaFO8F9dF_koeF6fTsZTG4hS6nBa8k4aPz6t5DEBx6qxPKvCKZecoqtipPhFrVD3jJPzIuuTPp8GXgo4bHTaTqGHEQTkSJKZ6UAlZ1L8kF2GFu0vb4cFl4Z8kbdSd0VtBYzwlkmsxnEF7g5dqDoQ2tvIXlybTnU8cb-HztyEB4lg_RuQlluxac6KYxvNXVEI-JISw-Mz07Nj6vt34ckuFvP95JD-vXgS1A64yoU_8rLUQQIyjcT4XueYo2iMD5r-KS7YgNhBDPnArQqZZZ1ZWURkzWjEni4JhojCte_gCmpsmEs9nTUQoNEtfUYzK6ZeyFCJbr8TVAxoYFV-08BSRt2rHsZtd9XfDWextApi2OxnX809xXLsBlWc9UpSTiUdd5fLw7u_SVtKXLInbtBS-LoMjSFOlGdVNutQw4ZIYVUq2Gp_fsyTdQzNnD3N5yaD5pew7kiaEcWewJ2f9LtH-X-VQa_amwlXrYuH7buOnLleRCd5k9KM6W4QSTxM8KInVsrhTZtbxUwGCgElIrwMJdtthNy3IlBuy1Bmqs_ZHidfvWlgiWFCBiLtfj-1I2TcUjZ3_obXJEl-7XR0sDLM9U97LAA1wdNOxWPtxsq9-dHwNJdC4JdgxhosgoEvBkU8M79ewqFpoQjziHqh7ef51fkz1O1TzyYyAcoWgbq3SGtFnWCQak-NRdlzQndCshE8htZDD3Pp3i8J0YvkJ6uM04jirUdqlpIIwLLk6TPNQnzY4O6pEkSkw6XAaDkATIT-TO3va8csCISbh7V7wcrJ1vMSbm2FXLE6l-mfd0DDVEtTnA_3p6ujLAgE5koCBoKftQyXujOK7wBAy6atmBM_c--Om40QH6XfzGToC2BVesVcLjnc6wtF2_SyM-9hDCdiUq4qCdXUKdhKaCd6LhZmanAmwdQEyC1v-FW7aMK7uTXf4Bq0MfFruKmjAfsSsT8FYp8FMg_b8ssUVwB8rHRaggAqF2ECHnQ23RSUPxn5NI5Hm7P_c-3OiMvO2k3w1KpgPVtgNwmYne3cvP54RouU0t4_C8wg0EFmnKpfY-sKyPs8LUOOjlSYbEaE1s0GoVFXKErot8xIWQADou-gfjNlVo7FiEwow5grX8hS080LDCg5tfLxyhOHcJGy8J_xjIgQE9O_TJXIhze_XZvla5TbZnzy7v_JjDGFIfVwXdMh6gOwih5f6nANqRqNmcD4PKtTXxjv_DwKo-qGUnHhN_yGV8CLjQSBL44ZO0kGwi5bDeY5boalpwwydOB-YhzrpfZdu0yCQsjbW5SR2LEKo9990ptNBAcljUJ8uTGFOjZdlJ1lvRpfgiggi4KmchIXMAXL5L1VowYGW_sHMmEfC6dgFzwedGJoQSolrNMZn9AeotrigLvzb61rWL-EDvhefiDNJY8F6UMxtzULW5AI_cfj7iQPqDazT75nNL93JDgXVepWdYXeijv8HGYXwC11zvQpoYtmcSSaDJuA2CWeAY0I2zzZ4YYfibEKVnOItHFzOY4D42tiYCxdh2dkZJSPxy3z3XcUqAAKf2-hEU6bZ-0Ir-QK5so_2SH35qlMQMMZxzYNmNmH8gF5gCjONiRTdc60hq_e02xHdzwj-sXd6jmHLAyjEVXiCYSIWef5PnRZgn3Giv5niaeBcADHxMbPh1YN6MMpXee77Pf06kzOW6eGhYRF2K7lnVQy48C7pn37aTcXgDJJMAiJNCxik5sgq4BikDLA59I5IPovCLErCL2KhXfe8ENrqAiw-vj9dqz4N5DA3SiKI0p_VBcoPj2FiVERSnbpPhuJb88ox8TwNMq2Av-HBZQ2qil0kM8iLgRwlUGlKeimppD4QWdVKnmxfnMvx7SNDmdXXh6ds1fHAOJCqxKJCx_emKkujYgIHkmM3idHUm-Ls2LUGm0lMGLJLPmKDUC2ABBV7-7XcNr5ZK3N6gQh-lqsJ3iwuaz-l_JvR5DShUoCqjFGe4Ltg6eSrwU0feSzuh8YQuxdx9fc018NBu5I4F5nhpz1AlB1vhu3enYP9Kv9MrBlWRlx_JXpFYLlbwp8AhZtmF3e9PiaYj6TdFn7llq5P4rW31wGXQuYUhMnDuheR_rxsA31Db_L37CtRDrgKuEwYlZijUOQWLJKdgYePQFFsbr41aiAk-A3u_aZtwJKs4lUy_2brvdoqLWExnDK699C1957mz-zegtNGh-2PMGerJwfUcXoDU-082-3GE5wj3l6s9BgqesTQt5stKo90mH0jTD2oIDfmLPmpfeoyV5kvGGFCkKkGviEMB0nDoGrVhmkNJmSOoLysrUyWJI4JEA0Bi2uv5w0WKPz2FN3QmisaC5W-XEbe7M0waZOAIEFZ-mWlj7iWTDI4gLMF52JhJCwbDnS7-JdZLq9IeytXe2FP1SOJluHdaqp8x2TSmwrluT4NBDMfMC_WvCp1YG4zLi0lep7dW88UHvFNAYToaktlHHjfV4wKY4E6sDlws_ocfqy6_PTikPXTGGZl-Bs9MtEisDhevB_owwX-bYb4iDIGFT0xkvgyAAdI7E2D55_6L6WCEJXoRV3omOfPSa6SPepKAKnGNTnXMUlEmPnMG1wFU7gk51eYBR9FMbTymWx5K0EiJRoz-z68Evu7TnX6U8zICanGY51hXH3Gj2qlpKfZ-4KgXOxI4iZ-JicjeZBlB3JjD-vCTt-Ssv1lb0M2rLnNl3i1uhTOEzNfAFyiRQABQ1MiA9NYKYB-qW6jiRqUMbqeY70YBC6CVZpVElIk3t93BrJ-5qfj7RpggEAYSpXhkmt1q8ywD51UVLOjPvR14gz1_RC1o6hdL5EVM2EyEu0-0wfYnwLVRidp51u3WboXFY1CpYxM3QFIA7Qo2SAiEisnmwe-XDNhXv1wLTW1RG6YGBZ5eVBNNPT96oTooIDc3oSBJxPtmYhNrahPuBwUejdG8h1qdtHN_n5B_HBSUZ_6XnHAcZUFvo2dOSh6vK3qHd3Tq0lVBphEd2v45iqbRRTZNqoyJuV-zc6AqOvtcErIRITBXEL92hwCbKTYBGszlBocvEg1ghS0SlzTSmwcaSicccarLDM303vOoseOTwvBXRipu2s3JAiNeRttFS_ZiWQbpgEIUSQ-hfbW3ngRdjvdF4bks4n2hZ8vQpSjq8IgTbzIf0OjAxz5D2xmJSH71nmYSFkZDUtJd2Wf2PIZzgLkbRLQ7rzQ8bEmLTQyx2DMQRLB2KUGPnI8zrk-t0PAiWMzkfZTQjMxbJHIYju_K5AgXbjjq-wSYyj9aokoV9rcaoLb0o-pesOVrhZAdhHcH0mUUwfuZl7ZfbRY6-ZiGk_ElYJOd12zBRF7ZRwWACSGlzj9et4LYFv-BTKiUzhxqmeVHjD1Dnb-fi6vKPSwFQ00Qy4CxFldkSjKqqMJqDMlx5HmY9J3O0WEoYZ_weijL0KXuQineeJgYc-uw4baaLsyZomrXBoHIASwSU66RyUWVdpPCVHYIh0N4HPeFEUNjhVxn2JhqlgiPy7fU7ULSI&pr=13%3AZa80uwAAAAAowmk94gvyWjyyL6VYGIp5SOQJPA&cid=CAQSMgAvHhf_TGGW2Or_djVvr6u4ETjZNWPAtbvJLXZF3VQJEI5uSI-_ygRbpa-qHOeodXfGGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Ffolkd.com%2F&ds=l&xdt=1&iif=1&cor=16293252838205310000&adk=1346165036&idt=115&cac=0&dtd=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86dd90987bc7c8f495426b395d83455e04d7ab1176b6dac16a88fb6f89367a50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20518
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 4FB8
2 KB
1 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e9eae96a4a18d34b91d11b7fb4612d905ca45a110a55056ca05a27981653e37

Request headers

Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
849d01393e354d22-FRA
content-encoding
br
content-type
text/html
date
Tue, 23 Jan 2024 03:38:36 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DejXOVKpBVev4YHONNcbCYR4QP0Zsc8I1YMjjBiX7p5%2FY%2FsvzVzX%2FybBr0GcQ2MsK9FRQcri6HBYM%2BuKzMFYnUP9xIG1YqF9L4iaW5q97Yj4DhiHNd3b%2FoofuL%2F%2BcjHzCkDo5fq0oy9Vwg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
view
securepubads.g.doubleclick.net/pcs/ Frame 3C73
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssu2dnyATvLZSmnfiETq6pkXM0D6xU8cbmqSxhyy4Tlj3o5V0HhbgXwTz7vNnhCFeOlCuFR99ZN9eR1exv_Wp7m8aq6GIxiy-6wecEnMOmEMu655WS8h3PGp9HTujcX9l1UpEu3Fi-R2h1o1KnpgDZt_Mh7ElzDYiPuydwmc8toc-7sHZvUJ8qgzPpcUQoy3lBbXboTQwe_OYanp8vQCFxtGe0sPKK23jpJ4PYQ9Zb8nNB0cMAJXntHLI7gQ3B5OZWm5i75PURmtV7_TyZf1KEEh2DWFh2Cv3plN-wEHCPpgEUsZJqBlW0-Yma4sEtX6CI8wt2kZau8ZN7oG-eR9abnnnvBR2bVfaQxHhphWlXd428PnBx8Gno&sai=AMfl-YTikWRyRdsTXs6Uh46sMg2hgRTgq7e2fce8Wx93fUMS9QEXXY6zbLaCxizPT60imwLGYXBcS1-G1ICIj0wfR1TlU4HowOsFPDVu0xQmhJtlGXOYAN1OODcx8vbcSoI&sig=Cg0ArKJSzA0jFD-Az1P9EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 6BD4
24 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 01:04:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
527641
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 16 Jan 2025 01:04:35 GMT
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame 6BD4
26 KB
10 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f85637bbf5c0ee6a01fa5afb711af0e3d873ab20f0cbeaeb9105998530822c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
5694
x-jsd-version
1.16.0
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230067-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"6721-FSYTlyriJmmnEqYsq5KQLDRsrFg"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=224VLJPOVaIZ2bgfQc9248p7SbfO6NFNOdR3HxEObvvxuxRMBr0YBVGm0ZKroKyCSX8LwRV8zdi6qG12i4hA3BPAnVMS0sKXSmeSVTrKH4lvtpJ1xk1wNyOEbNxIznwFGRk%2Ff96wa7IeS4BQEW8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
849d01396fe0927a-FRA
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 6BD4
206 KB
65 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66453
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1705495733332172"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 23 Jan 2024 03:38:36 GMT
dt
dt.adsafeprotected.com/ Frame DE85
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=8095&asId=734c5183-433c-0410-aefa-573050149c45&tv=%7Bc:25LHBB,pingTime:-10,time:816,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1705981116383%7C%7C470bf1953da1a62d6dc8d0ca6c904fea%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7C69a67b079a09c48c2c18ec4f3fee8ae6%7C%7C2c0cb636cf96fe5a2059e553f13ca38a%7C%7C33dc976bc4b4a62a8abe92058751e805%7C%7C3287c7cf48621762fe3332681b976f81%7C%7C5d88ddd05d0f06b5fe3480bdc42f8dfb%7C%7C1663701684,im:%7BpWait:74%7D%7D
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:e315:15fa:9bb4:390c Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
server
nginx
x-server-name
dt19.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 35A3
38 KB
13 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
542668
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 16 Jan 2024 20:54:08 GMT
expires
Wed, 15 Jan 2025 20:54:08 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/ Frame C20C
31 KB
12 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AFlZQDoMIIawABusXTDDFE7KJNJT385SSErXotRNcc8R4WDbQu63c9gTef8u4U5cggSCU9ih4NH-O_HC7hztNhpb_G8EU62ImPxocX3fFqk-PCc1R6gUNsNMUDFP0fPqELVOKlCx0MLkPidGgPWwFg-wcNH1lZFCgLchvvp8ghwa3XLW8&cry=1&dbm_d=AKAmf-ArJcDew6kK-xlT_QANCUV4dPtgoHZKV4sCZ9cFMjviXaeqCkHkeUePYDir_dERi_KA3Vw9P-FWZ5nTTjL-tbx5hWh7CzlTSLT2aJAg8_Bf-6KpLIJVcXKShpGg67WUUlOg9DoSvkuxdz6RBxoalJuX-1xekt4s7CqTD7BTkJXRVysMNCPPwj1asnaYRJ6UwG8A_q3oYqI_jdNbnV7SMl2AujS1PsCnKVxXqMoFRuLQWg_jsCjzosfDXuS-JglqBe2ZM6R-YfOxwf5vJwMXu0GxNyznnhALczWk1igk-UwfFQ7dJNsqy7HivmWCCiFZ_1wqWYR6aCnoncCKT-4S4mz9Dxxn3HNEwNlZkLgv8NMNrZ3m0gjAdess9rO84SQ1Wrt0S3AwAs5AL0xqR-ydbW5VsWM8WGeC9ShsBN_-0NKMC4Z015ez7fX6xxh8UK_KpqsColuLiHeYmSHb_tmo3KoecDSzDg4EJpU_eM1e6nTJnCqj4nrufDItFgMJucU7qVecGErQNPx3A7CzI9kZLZqHcoDxwFnw11E5Xdt22bguL0RcO656LcpCuUBceZqZEZOMWhEjQ1UlITpftdw-mBQ0rW_6Y9yJImls4LGuoLO1-5Xy-LvxFLfFHuE1pVZV_flSQAzpXGKXX6jEcs5aM_e9Dqnu1y2T-grBMbuf-QYLmpXU-Qbnz_OoWWuIa65433rWRuBLIvj4F-Gteu-6P38UT1nLbNnIFMoW9-0EmE-WBo9tBme__FOsrCm7j4mg0E8X4vdhtfpIOJzNQoH5lEOBMP6UQkz07HeVvb-nU3f8ZG5mpvh61VLv2mzpO1lNEN_s_BvLwBF0AJWtoHURHUSp5krw-3q-8qBcz4OY8omor0Ueizy9-v4E93scWxCnJiTlu89B5P5OMGjdiC--m_8V5MUA78KxriJ_kdozNa922unDeSF9YqKyFCUp4698J2CxOJk0ivS5i29XpSbxEHad0QfOrSnWPoxEvSjLm4-K1UCuTzbIJHVVRenP8gsyFTKCdgXs4V596SLT_AdvebDgb4pDWNo-G4KLi7txwXOOLg_DEPft0hCjKXOsscYVD7hqIXkEZ8R6HUEfEnTg5s2cl314upHUqbYkKqWRx6BrrKEN1JWhJFxesF5QlPKWmG6T6CQWZWlY_7UFUfUSDf7KtAqPhNTO12cRarvBvhyqnOvOGV3CmcSAzSuCY3efSujOCkfM-3uo357tWjATDcSKERT01AJF4iYAv0r_KTZzzhXOJuOjN1EFMDBYymRdqMpckU7vtIKwicJIfR-Z99MAFkx58oBApUqZQeFirfYi-CeI_lxbJLes9L-7pTHyzWsBL8gbGRspSFfwzUhFuLccnje-0_Z5IPsKAAEtPIT9yJURZtadOtAKYt3h7LlUgPriq96pbdQapF09JsXc1xWkp7BE14Rv1H3vQlj-ecnPMSlJsGnPreuL2mEwh9lzHeIZ_3z7pYj-JmT3U9kbORTobC1LycPKf9H4nU1F0hOSEArOtgmil6vH8KF6dDoyvYf9WmkhRf-IkDlRf9n77P5aGc4Ai1lY0_oqA1gxKejDqEfO_1GHAnkCIGdFwnRq6QNI9Ye4QCbtjen8XX7W7Z6gBOBJpwL6kkrErcbFBcmcYQvxvg5guLdk2QocLugAaJMKYQ9iP3OT9gTQp5m2YH1itRkyu1_hx-ApKLd-NsAIqtzPoK7TAoIMsPKWULFKd9gxPTsDCDPdn014FOtkKRbQYG5fKoDnJONUg2jI-m1H8tcpvDw-gcHZ6se9RsgdnfedqiJG6LkFLVsH8OPnWwGl8HsXlvcZc1XiqWjrR93q6Y7lGP8HkOO86GPrPh8TDSPSS6iPqzNpfvpeH7i3ZDWdJFNt5aBM398U_3Pi_PwwB2JVYQrtxU2T9CoEDUtvB5mZwVaFsZTtRBOg81ATR3F7O78bzqRl_fnOAIarUL0QezQjOuz4GH7B4vN9uZaBijHb2JMiyyifeKUmfXQWMtBktQU7EtbE3CTWXIrthzd2HTFWK4Ciupcxw4P3NTSY4hL5U93ssqNwsJWkNYeIvp8m4HNOCfzuY5nvj9R_mLnhUVdOnkyno-q5X02Y_lPaQMLm44rdMMxmsq6ES6tyN9mI5_Y87Mln6mU9nov55izxCRwTI2OJNiWV33aK5ErBu0xt9ojxCUGE-obL1F8KEPDvdrrv8RILHAJAz2F-JzpPq85kdsEMbHASQ7fYb4LiSM8NwGAsBOmyEs7ztOTfiK1e_DorBi4HKB70Nz669e0OtZfrKZkicnanJK4T3SRjNz5Plu_Y5igRBo81HT2QYRC6_8HP-cP-h_8cRTceSlwm7Ap738QGKCyz9xdIUBxWXTOUKkfl5mINyKbPQEChvOPXZCmeOajBDHW5-F7goE02eDIXF9WkfvfhME5dcc9va6VLa1lRqR36L3ckVPUqLJPtWkyOL1b1XrpTtS_m9029BTuy5ey8Nuq7bIXD3-YQ-HssE1-vt0BT-5rd7_PKfgTpRs9c97K_fa1hUXVPzE7YifTpHhCTc_oyaOqc0srXvJGGh83ybwqfA1-6cHjma5qcopOUjE_cYquu0b67yXZjN_UBefkQ_egNX07MB2vMkxVkrSoVxVME0jMGfLmfynTaI64jQqGQQKdOb987LpaXkXT5IneplTAe1yoPqIG922KmZr1G_w87Swg95pDXTyO0izbTbKCGfGDy7Aok48SegEY79HyALbhSwqtZt52Lv3ctRl0EGauKwb6KW1iiwMECi4VHKVWE6ZWJCuWQ2_p_lCbOm5o19hjuckFwhVg7HUj2X3Quhg0DlU-SVONa7MHedJYgGL7pJTCQHJQYPrhnoN76pQt1a4XIzOyOO4PYmuOU4TKbDkykrwqrI5iH662s0NoRxw3vh_EaJ8564i-ikhaQMBd2EsZwH7gxhZiBeCg4psBdsfciR3-GXa_faasSdA7DPkEhHgCMhiQ85iaBozajap1-EIkEKhlKBMNmu5wN5MYloVX8kAOs3ZX3Q9bB9nh178Mjstf9klJjGojEPdK5xcE8E9Xv-9CvsN6JBIVIHaSVxf8qUKAj1ncomuigrG9n9ViCWVKLuJUPYdUBGizewPNckS35R92JPFjCTJzdM0VgLUMqkq86dx_MaF4P-RtsMEOIjNNpnmEnEkrPe4Ip2dfdXPeeY6twSk5ChZZlT83yf7eTA9tXC7zbfMV9NDQsjct99lY6_YoLI8BgCr-q2P2ZWD8N5vHpXyCn6I7kRN6qIhNC-iFwJI40H37jBXpg9gR2UfYUmKiETw9gOU4dx3f1vIxDYfoB8YRNTMDK6gruuMD_Hzs2CyR8vJvU_LjxExpw_018lJwAs31bfzOjC9vtJCQeh6n-e54z4UEd8eZ6AGmER59XASBxLrVgSjSZ8ndvQw9IvTyLoU-JxaLgn3fD_o-z87O9uTqnWQ0N29LzcNPQEagDGd6-9EuZ-oqLu5cTzkXjy61Nb74n03hcVToDyp5qhN9t79Icv6k5K5KAmxTijRmjjeHvF7qM_iTEcqayWT5eA577DB-fUUmPgLTyJMlNcPGQClW4RNYQgg-8F-D7aHXiZg5khp8jY1WGC4_0gm6GED79naUDM4RyP0mF5ck95KYFRnRZBVLrW5b6&pr=13%3AZa80ugAAAACg5Iv_XVtHAyBdp3EQlSDOYBmDtw&cid=CAQSMgAvHhf_mr2gDCcx2rxvT3HZ0UDOYuqbe6FpBUZ6ysTpQA_OfOw2134FEhnKLdQAnZr9GAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Ffolkd.com%2F&ds=l&xdt=1&iif=1&cor=13360751143494547000&adk=196163434&idt=125&cac=0&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:30:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
32907
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11885
x-xss-protection
0
server
cafe
etag
16863283086342074828
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Feb 2024 18:30:09 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame C20C
206 KB
65 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AFlZQDoMIIawABusXTDDFE7KJNJT385SSErXotRNcc8R4WDbQu63c9gTef8u4U5cggSCU9ih4NH-O_HC7hztNhpb_G8EU62ImPxocX3fFqk-PCc1R6gUNsNMUDFP0fPqELVOKlCx0MLkPidGgPWwFg-wcNH1lZFCgLchvvp8ghwa3XLW8&cry=1&dbm_d=AKAmf-ArJcDew6kK-xlT_QANCUV4dPtgoHZKV4sCZ9cFMjviXaeqCkHkeUePYDir_dERi_KA3Vw9P-FWZ5nTTjL-tbx5hWh7CzlTSLT2aJAg8_Bf-6KpLIJVcXKShpGg67WUUlOg9DoSvkuxdz6RBxoalJuX-1xekt4s7CqTD7BTkJXRVysMNCPPwj1asnaYRJ6UwG8A_q3oYqI_jdNbnV7SMl2AujS1PsCnKVxXqMoFRuLQWg_jsCjzosfDXuS-JglqBe2ZM6R-YfOxwf5vJwMXu0GxNyznnhALczWk1igk-UwfFQ7dJNsqy7HivmWCCiFZ_1wqWYR6aCnoncCKT-4S4mz9Dxxn3HNEwNlZkLgv8NMNrZ3m0gjAdess9rO84SQ1Wrt0S3AwAs5AL0xqR-ydbW5VsWM8WGeC9ShsBN_-0NKMC4Z015ez7fX6xxh8UK_KpqsColuLiHeYmSHb_tmo3KoecDSzDg4EJpU_eM1e6nTJnCqj4nrufDItFgMJucU7qVecGErQNPx3A7CzI9kZLZqHcoDxwFnw11E5Xdt22bguL0RcO656LcpCuUBceZqZEZOMWhEjQ1UlITpftdw-mBQ0rW_6Y9yJImls4LGuoLO1-5Xy-LvxFLfFHuE1pVZV_flSQAzpXGKXX6jEcs5aM_e9Dqnu1y2T-grBMbuf-QYLmpXU-Qbnz_OoWWuIa65433rWRuBLIvj4F-Gteu-6P38UT1nLbNnIFMoW9-0EmE-WBo9tBme__FOsrCm7j4mg0E8X4vdhtfpIOJzNQoH5lEOBMP6UQkz07HeVvb-nU3f8ZG5mpvh61VLv2mzpO1lNEN_s_BvLwBF0AJWtoHURHUSp5krw-3q-8qBcz4OY8omor0Ueizy9-v4E93scWxCnJiTlu89B5P5OMGjdiC--m_8V5MUA78KxriJ_kdozNa922unDeSF9YqKyFCUp4698J2CxOJk0ivS5i29XpSbxEHad0QfOrSnWPoxEvSjLm4-K1UCuTzbIJHVVRenP8gsyFTKCdgXs4V596SLT_AdvebDgb4pDWNo-G4KLi7txwXOOLg_DEPft0hCjKXOsscYVD7hqIXkEZ8R6HUEfEnTg5s2cl314upHUqbYkKqWRx6BrrKEN1JWhJFxesF5QlPKWmG6T6CQWZWlY_7UFUfUSDf7KtAqPhNTO12cRarvBvhyqnOvOGV3CmcSAzSuCY3efSujOCkfM-3uo357tWjATDcSKERT01AJF4iYAv0r_KTZzzhXOJuOjN1EFMDBYymRdqMpckU7vtIKwicJIfR-Z99MAFkx58oBApUqZQeFirfYi-CeI_lxbJLes9L-7pTHyzWsBL8gbGRspSFfwzUhFuLccnje-0_Z5IPsKAAEtPIT9yJURZtadOtAKYt3h7LlUgPriq96pbdQapF09JsXc1xWkp7BE14Rv1H3vQlj-ecnPMSlJsGnPreuL2mEwh9lzHeIZ_3z7pYj-JmT3U9kbORTobC1LycPKf9H4nU1F0hOSEArOtgmil6vH8KF6dDoyvYf9WmkhRf-IkDlRf9n77P5aGc4Ai1lY0_oqA1gxKejDqEfO_1GHAnkCIGdFwnRq6QNI9Ye4QCbtjen8XX7W7Z6gBOBJpwL6kkrErcbFBcmcYQvxvg5guLdk2QocLugAaJMKYQ9iP3OT9gTQp5m2YH1itRkyu1_hx-ApKLd-NsAIqtzPoK7TAoIMsPKWULFKd9gxPTsDCDPdn014FOtkKRbQYG5fKoDnJONUg2jI-m1H8tcpvDw-gcHZ6se9RsgdnfedqiJG6LkFLVsH8OPnWwGl8HsXlvcZc1XiqWjrR93q6Y7lGP8HkOO86GPrPh8TDSPSS6iPqzNpfvpeH7i3ZDWdJFNt5aBM398U_3Pi_PwwB2JVYQrtxU2T9CoEDUtvB5mZwVaFsZTtRBOg81ATR3F7O78bzqRl_fnOAIarUL0QezQjOuz4GH7B4vN9uZaBijHb2JMiyyifeKUmfXQWMtBktQU7EtbE3CTWXIrthzd2HTFWK4Ciupcxw4P3NTSY4hL5U93ssqNwsJWkNYeIvp8m4HNOCfzuY5nvj9R_mLnhUVdOnkyno-q5X02Y_lPaQMLm44rdMMxmsq6ES6tyN9mI5_Y87Mln6mU9nov55izxCRwTI2OJNiWV33aK5ErBu0xt9ojxCUGE-obL1F8KEPDvdrrv8RILHAJAz2F-JzpPq85kdsEMbHASQ7fYb4LiSM8NwGAsBOmyEs7ztOTfiK1e_DorBi4HKB70Nz669e0OtZfrKZkicnanJK4T3SRjNz5Plu_Y5igRBo81HT2QYRC6_8HP-cP-h_8cRTceSlwm7Ap738QGKCyz9xdIUBxWXTOUKkfl5mINyKbPQEChvOPXZCmeOajBDHW5-F7goE02eDIXF9WkfvfhME5dcc9va6VLa1lRqR36L3ckVPUqLJPtWkyOL1b1XrpTtS_m9029BTuy5ey8Nuq7bIXD3-YQ-HssE1-vt0BT-5rd7_PKfgTpRs9c97K_fa1hUXVPzE7YifTpHhCTc_oyaOqc0srXvJGGh83ybwqfA1-6cHjma5qcopOUjE_cYquu0b67yXZjN_UBefkQ_egNX07MB2vMkxVkrSoVxVME0jMGfLmfynTaI64jQqGQQKdOb987LpaXkXT5IneplTAe1yoPqIG922KmZr1G_w87Swg95pDXTyO0izbTbKCGfGDy7Aok48SegEY79HyALbhSwqtZt52Lv3ctRl0EGauKwb6KW1iiwMECi4VHKVWE6ZWJCuWQ2_p_lCbOm5o19hjuckFwhVg7HUj2X3Quhg0DlU-SVONa7MHedJYgGL7pJTCQHJQYPrhnoN76pQt1a4XIzOyOO4PYmuOU4TKbDkykrwqrI5iH662s0NoRxw3vh_EaJ8564i-ikhaQMBd2EsZwH7gxhZiBeCg4psBdsfciR3-GXa_faasSdA7DPkEhHgCMhiQ85iaBozajap1-EIkEKhlKBMNmu5wN5MYloVX8kAOs3ZX3Q9bB9nh178Mjstf9klJjGojEPdK5xcE8E9Xv-9CvsN6JBIVIHaSVxf8qUKAj1ncomuigrG9n9ViCWVKLuJUPYdUBGizewPNckS35R92JPFjCTJzdM0VgLUMqkq86dx_MaF4P-RtsMEOIjNNpnmEnEkrPe4Ip2dfdXPeeY6twSk5ChZZlT83yf7eTA9tXC7zbfMV9NDQsjct99lY6_YoLI8BgCr-q2P2ZWD8N5vHpXyCn6I7kRN6qIhNC-iFwJI40H37jBXpg9gR2UfYUmKiETw9gOU4dx3f1vIxDYfoB8YRNTMDK6gruuMD_Hzs2CyR8vJvU_LjxExpw_018lJwAs31bfzOjC9vtJCQeh6n-e54z4UEd8eZ6AGmER59XASBxLrVgSjSZ8ndvQw9IvTyLoU-JxaLgn3fD_o-z87O9uTqnWQ0N29LzcNPQEagDGd6-9EuZ-oqLu5cTzkXjy61Nb74n03hcVToDyp5qhN9t79Icv6k5K5KAmxTijRmjjeHvF7qM_iTEcqayWT5eA577DB-fUUmPgLTyJMlNcPGQClW4RNYQgg-8F-D7aHXiZg5khp8jY1WGC4_0gm6GED79naUDM4RyP0mF5ck95KYFRnRZBVLrW5b6&pr=13%3AZa80ugAAAACg5Iv_XVtHAyBdp3EQlSDOYBmDtw&cid=CAQSMgAvHhf_mr2gDCcx2rxvT3HZ0UDOYuqbe6FpBUZ6ysTpQA_OfOw2134FEhnKLdQAnZr9GAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Ffolkd.com%2F&ds=l&xdt=1&iif=1&cor=13360751143494547000&adk=196163434&idt=125&cac=0&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66453
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1705495733332172"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 23 Jan 2024 03:38:36 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame C20C
41 KB
14 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AFlZQDoMIIawABusXTDDFE7KJNJT385SSErXotRNcc8R4WDbQu63c9gTef8u4U5cggSCU9ih4NH-O_HC7hztNhpb_G8EU62ImPxocX3fFqk-PCc1R6gUNsNMUDFP0fPqELVOKlCx0MLkPidGgPWwFg-wcNH1lZFCgLchvvp8ghwa3XLW8&cry=1&dbm_d=AKAmf-ArJcDew6kK-xlT_QANCUV4dPtgoHZKV4sCZ9cFMjviXaeqCkHkeUePYDir_dERi_KA3Vw9P-FWZ5nTTjL-tbx5hWh7CzlTSLT2aJAg8_Bf-6KpLIJVcXKShpGg67WUUlOg9DoSvkuxdz6RBxoalJuX-1xekt4s7CqTD7BTkJXRVysMNCPPwj1asnaYRJ6UwG8A_q3oYqI_jdNbnV7SMl2AujS1PsCnKVxXqMoFRuLQWg_jsCjzosfDXuS-JglqBe2ZM6R-YfOxwf5vJwMXu0GxNyznnhALczWk1igk-UwfFQ7dJNsqy7HivmWCCiFZ_1wqWYR6aCnoncCKT-4S4mz9Dxxn3HNEwNlZkLgv8NMNrZ3m0gjAdess9rO84SQ1Wrt0S3AwAs5AL0xqR-ydbW5VsWM8WGeC9ShsBN_-0NKMC4Z015ez7fX6xxh8UK_KpqsColuLiHeYmSHb_tmo3KoecDSzDg4EJpU_eM1e6nTJnCqj4nrufDItFgMJucU7qVecGErQNPx3A7CzI9kZLZqHcoDxwFnw11E5Xdt22bguL0RcO656LcpCuUBceZqZEZOMWhEjQ1UlITpftdw-mBQ0rW_6Y9yJImls4LGuoLO1-5Xy-LvxFLfFHuE1pVZV_flSQAzpXGKXX6jEcs5aM_e9Dqnu1y2T-grBMbuf-QYLmpXU-Qbnz_OoWWuIa65433rWRuBLIvj4F-Gteu-6P38UT1nLbNnIFMoW9-0EmE-WBo9tBme__FOsrCm7j4mg0E8X4vdhtfpIOJzNQoH5lEOBMP6UQkz07HeVvb-nU3f8ZG5mpvh61VLv2mzpO1lNEN_s_BvLwBF0AJWtoHURHUSp5krw-3q-8qBcz4OY8omor0Ueizy9-v4E93scWxCnJiTlu89B5P5OMGjdiC--m_8V5MUA78KxriJ_kdozNa922unDeSF9YqKyFCUp4698J2CxOJk0ivS5i29XpSbxEHad0QfOrSnWPoxEvSjLm4-K1UCuTzbIJHVVRenP8gsyFTKCdgXs4V596SLT_AdvebDgb4pDWNo-G4KLi7txwXOOLg_DEPft0hCjKXOsscYVD7hqIXkEZ8R6HUEfEnTg5s2cl314upHUqbYkKqWRx6BrrKEN1JWhJFxesF5QlPKWmG6T6CQWZWlY_7UFUfUSDf7KtAqPhNTO12cRarvBvhyqnOvOGV3CmcSAzSuCY3efSujOCkfM-3uo357tWjATDcSKERT01AJF4iYAv0r_KTZzzhXOJuOjN1EFMDBYymRdqMpckU7vtIKwicJIfR-Z99MAFkx58oBApUqZQeFirfYi-CeI_lxbJLes9L-7pTHyzWsBL8gbGRspSFfwzUhFuLccnje-0_Z5IPsKAAEtPIT9yJURZtadOtAKYt3h7LlUgPriq96pbdQapF09JsXc1xWkp7BE14Rv1H3vQlj-ecnPMSlJsGnPreuL2mEwh9lzHeIZ_3z7pYj-JmT3U9kbORTobC1LycPKf9H4nU1F0hOSEArOtgmil6vH8KF6dDoyvYf9WmkhRf-IkDlRf9n77P5aGc4Ai1lY0_oqA1gxKejDqEfO_1GHAnkCIGdFwnRq6QNI9Ye4QCbtjen8XX7W7Z6gBOBJpwL6kkrErcbFBcmcYQvxvg5guLdk2QocLugAaJMKYQ9iP3OT9gTQp5m2YH1itRkyu1_hx-ApKLd-NsAIqtzPoK7TAoIMsPKWULFKd9gxPTsDCDPdn014FOtkKRbQYG5fKoDnJONUg2jI-m1H8tcpvDw-gcHZ6se9RsgdnfedqiJG6LkFLVsH8OPnWwGl8HsXlvcZc1XiqWjrR93q6Y7lGP8HkOO86GPrPh8TDSPSS6iPqzNpfvpeH7i3ZDWdJFNt5aBM398U_3Pi_PwwB2JVYQrtxU2T9CoEDUtvB5mZwVaFsZTtRBOg81ATR3F7O78bzqRl_fnOAIarUL0QezQjOuz4GH7B4vN9uZaBijHb2JMiyyifeKUmfXQWMtBktQU7EtbE3CTWXIrthzd2HTFWK4Ciupcxw4P3NTSY4hL5U93ssqNwsJWkNYeIvp8m4HNOCfzuY5nvj9R_mLnhUVdOnkyno-q5X02Y_lPaQMLm44rdMMxmsq6ES6tyN9mI5_Y87Mln6mU9nov55izxCRwTI2OJNiWV33aK5ErBu0xt9ojxCUGE-obL1F8KEPDvdrrv8RILHAJAz2F-JzpPq85kdsEMbHASQ7fYb4LiSM8NwGAsBOmyEs7ztOTfiK1e_DorBi4HKB70Nz669e0OtZfrKZkicnanJK4T3SRjNz5Plu_Y5igRBo81HT2QYRC6_8HP-cP-h_8cRTceSlwm7Ap738QGKCyz9xdIUBxWXTOUKkfl5mINyKbPQEChvOPXZCmeOajBDHW5-F7goE02eDIXF9WkfvfhME5dcc9va6VLa1lRqR36L3ckVPUqLJPtWkyOL1b1XrpTtS_m9029BTuy5ey8Nuq7bIXD3-YQ-HssE1-vt0BT-5rd7_PKfgTpRs9c97K_fa1hUXVPzE7YifTpHhCTc_oyaOqc0srXvJGGh83ybwqfA1-6cHjma5qcopOUjE_cYquu0b67yXZjN_UBefkQ_egNX07MB2vMkxVkrSoVxVME0jMGfLmfynTaI64jQqGQQKdOb987LpaXkXT5IneplTAe1yoPqIG922KmZr1G_w87Swg95pDXTyO0izbTbKCGfGDy7Aok48SegEY79HyALbhSwqtZt52Lv3ctRl0EGauKwb6KW1iiwMECi4VHKVWE6ZWJCuWQ2_p_lCbOm5o19hjuckFwhVg7HUj2X3Quhg0DlU-SVONa7MHedJYgGL7pJTCQHJQYPrhnoN76pQt1a4XIzOyOO4PYmuOU4TKbDkykrwqrI5iH662s0NoRxw3vh_EaJ8564i-ikhaQMBd2EsZwH7gxhZiBeCg4psBdsfciR3-GXa_faasSdA7DPkEhHgCMhiQ85iaBozajap1-EIkEKhlKBMNmu5wN5MYloVX8kAOs3ZX3Q9bB9nh178Mjstf9klJjGojEPdK5xcE8E9Xv-9CvsN6JBIVIHaSVxf8qUKAj1ncomuigrG9n9ViCWVKLuJUPYdUBGizewPNckS35R92JPFjCTJzdM0VgLUMqkq86dx_MaF4P-RtsMEOIjNNpnmEnEkrPe4Ip2dfdXPeeY6twSk5ChZZlT83yf7eTA9tXC7zbfMV9NDQsjct99lY6_YoLI8BgCr-q2P2ZWD8N5vHpXyCn6I7kRN6qIhNC-iFwJI40H37jBXpg9gR2UfYUmKiETw9gOU4dx3f1vIxDYfoB8YRNTMDK6gruuMD_Hzs2CyR8vJvU_LjxExpw_018lJwAs31bfzOjC9vtJCQeh6n-e54z4UEd8eZ6AGmER59XASBxLrVgSjSZ8ndvQw9IvTyLoU-JxaLgn3fD_o-z87O9uTqnWQ0N29LzcNPQEagDGd6-9EuZ-oqLu5cTzkXjy61Nb74n03hcVToDyp5qhN9t79Icv6k5K5KAmxTijRmjjeHvF7qM_iTEcqayWT5eA577DB-fUUmPgLTyJMlNcPGQClW4RNYQgg-8F-D7aHXiZg5khp8jY1WGC4_0gm6GED79naUDM4RyP0mF5ck95KYFRnRZBVLrW5b6&pr=13%3AZa80ugAAAACg5Iv_XVtHAyBdp3EQlSDOYBmDtw&cid=CAQSMgAvHhf_mr2gDCcx2rxvT3HZ0UDOYuqbe6FpBUZ6ysTpQA_OfOw2134FEhnKLdQAnZr9GAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Ffolkd.com%2F&ds=l&xdt=1&iif=1&cor=13360751143494547000&adk=196163434&idt=125&cac=0&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 02:28:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
522623
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Jan 2025 02:28:13 GMT
attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNTk4MTExNjIyNzgyNgogIHNlcnZlcl9pcDogMTM0MDU0NDQyCiAgcHJvY2Vzc19pZDogMTI5MjcxNTgxMQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiA0MzYyOTYy...
ad.doubleclick.net/ddm/activity/ Frame C20C
0
22 B
Image
General
Full URL
https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNTk4MTExNjIyNzgyNgogIHNlcnZlcl9pcDogMTM0MDU0NDQyCiAgcHJvY2Vzc19pZDogMTI5MjcxNTgxMQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiA0MzYyOTYyCmFkdmVydGlzZXJfZG9tYWluOiAiaHR0cHM6Ly9hZGZvcm0ubmV0Igp4ZmFfYXR0cmlidXRpb25faW50ZXJhY3Rpb25fdHlwZTogVklFVwppbXByZXNzaW9uX3ByaW9yaXR5OiAwCmltcHJlc3Npb25fZXhwaXJ5X2luX2RheXM6IDMwCmV2ZW50X2ltcHJlc3Npb25faWQ6IDE0NDM3NDYyNzU2NDgyMTExMDIKZGVidWdfa2V5OiAxNDU3NTAxODkyNjQ2ODQwMzg3NQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QUk9EVUNUX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9EQVRFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIjIwMjQtMDEtMjMiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0ZMT09ETElHSFRfQ09ORklHX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA0MzYyOTYyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0NPUkVfUExBVEZPUk1fU0VSVklDRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFURk9STV9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1FVRVJZX0NPVU5UUlkKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiVVMiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQUNFTUVOVF9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMjY3NDAwNjUyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19BRFZFUlRJU0VSX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzMjI0NzYKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0xJTkVfSVRFTV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMjA3MDkxOQogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQ1JFQVRJVkVfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDIyMTc3ODc3NAogIH0KfQphcmNoZXR5cGVfaWQ6IDEyCmFyY2hldHlwZV9pZDogMTMKYXJjaGV0eXBlX2lkOiAxNAphcmNoZXR5cGVfaWQ6IDE1CmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9hZGZvcm0ubmV0IgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vY29ucmFkLmNoIgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vZHlzb24uY2giCmltcHJlc3Npb25fZXZlbnRfcmVwb3J0aW5nX3dpbmRvd19kYXlzOiA0CmJyb3dzZXJfYXR0cmlidXRpb25fYXBpX3JlcXVlc3RfcHJvY2Vzc2luZ19iaXRzOiA3NTQ5NzQ3MjAK
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"12":"0xbc3881d16fa45c210000000000000000","13":"0x358a6dbb1d547b7c0000000000000000","14":"0xc83bc5d0f57841320000000000000000","15":"0x6b47af8fccf29dce0000000000000000"},"debug_key":"14575018926468403875","debug_reporting":true,"destination":"https://adform.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["4362962"]},"priority":"0","source_event_id":"1443746275648211102"}
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame FE9B
1 KB
1 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6f4557c4456e2a3e62f734b6604267ffd57be136eb46222c5619a36804f5513

Request headers

Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
849d01399e6a4d22-FRA
content-encoding
br
content-type
text/html
date
Tue, 23 Jan 2024 03:38:36 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B4Fttr22Qk7hKRfKsbQa3uFODNwp7Yk7WEtn19WvICmq5rnUPKzyqjwrt%2BaaGDihaHC7qlXYbaGplRfBWRL3M8JyiWahAmAP82P1RXLeCGFlOYsbo7kuCtFohpzOMCZsXRByYozXdjtawA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
truncated
/ Frame 8423
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
30aa4d7efa4951ec30982e0e1d2028878293a77173af2607472dad22c6456321

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
/
track.adform.net/adfscript/ Frame 66E3
1 KB
1 KB
Script
General
Full URL
https://track.adform.net/adfscript/?bn=67903448;rtbwp=Za80uwAAAACDgchiK_EiuH7WqgY0wHxhbwk_pg;rtbdata=uQ15ENla1PAuTWs6fRGjRpWb7B1_9tYGM9z7z23GmwFUCvMUhi1CBP2mLURCRhgDzdigAwChWcnjKe-guS5X7JB_CSiecMu3VF31rLo_PT_rUBCvIMmTM_I9jq6yvuQ0yFg1YNsgsVG76FslKcgL6xMwbL2NIc_urPoBPhYJLBJyo15kc15lUTZLcBQglqsM1z0UFkcNjzGyXC15ITRgAeslGEgS6KLK8YxBSGWzhUIOdTWiwKb_g9rGlAmoAVco2IfsOfphMFSPkOudTSbEq6JjdfnOlL1K0
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
6545494954a3106704616072f09caa556c3744534687ac605fc1014f1851e432
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
901
expires
-1
16fa2879-2f93-4f5d-aa5b-dea370bd6046
a1181.casalemedia.com/impression/v2/201336/111/cmnj9emihgc8k315uhqg/ Frame 66E3
43 B
303 B
Image
General
Full URL
https://a1181.casalemedia.com/impression/v2/201336/111/cmnj9emihgc8k315uhqg/16fa2879-2f93-4f5d-aa5b-dea370bd6046?verifieD=1&userID=&cmpro=0&deviceType=2&expiryTime=1705981715&profileIDs=&creativeID=232a58b&pubID=182762&format=banner&channel=site
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.170.60.112 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Jan 2024 03:38:36 GMT
Server
Apache
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0
52154.gif
idsync.rlcdn.com/ Frame 4FB8
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=Za80ux4LORIGoWQwyWak5QAA%262130&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=c7bb4041-e7e5-4ef9-a286-c7845e42f86c
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=5fd43287-42d7-495b-a185-4d2beaf02b62%3A1705981116.665907&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D5fd43287-42d7-495b-a185-4d2beaf0...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5107433832264167376&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D5fd43287-42d7-495b-a1...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=5fd43287-42d7-495b-a185-4d2beaf02b62%3A1705981116.665907&_=1705981116.668451
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID
  • https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=2380373011570053850
42 B
304 B
Image
General
Full URL
https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=2380373011570053850
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Protocol
H2
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:37 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:37 GMT
an-x-request-uuid
94b07b3b-64df-41ac-bffa-dd4c3cbeb61d
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=2380373011570053850
x-proxy-origin
149.88.27.82; 149.88.27.82; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 4FB8
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1721705916&external_user_id=5d09b1c6-e8e0-4e1e-a1af-31b2250f8040
43 B
736 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1721705916&external_user_id=5d09b1c6-e8e0-4e1e-a1af-31b2250f8040
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QYhObk%2FgdblXStuOCGcHM5rmoGfTrM0dIn%2FJi%2BBCHMpM5wb%2B4c0DJEY7weo1dplgByeu8S7euuklOIYgNmfWCR%2BmmQPUxvrgg%2BLw3QQiug0gfOThoPKbk9pAxGOhgl6inDcOBbSdbLIkDw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
849d013aef504d22-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Tue, 23 Jan 2024 03:38:36 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1721705916&external_user_id=5d09b1c6-e8e0-4e1e-a1af-31b2250f8040
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
rum
dsum.casalemedia.com/ Frame 4FB8
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=486cdbec8421875&is_secure=true&networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAI3drnKjEVPgM3lMgYAAAAAAA&expiration=1706067516&is_secure=true
43 B
719 B
Image
General
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAI3drnKjEVPgM3lMgYAAAAAAA&expiration=1706067516&is_secure=true
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=57Z9SKrq%2F9AInPIQBMxpTq4oSoiE7jLkYQsVI5Wm9d2EizPhRmn81i8doYkA6H5s06mDcrE1zpNXMkE8Tr26IuIK4f1SccGpBlGilQ8QwYcpzFEdg18ZtrZWhwnY7m43UWGlAEe4"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
849d013b4f854d22-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAI3drnKjEVPgM3lMgYAAAAAAA&expiration=1706067516&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame 4FB8
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=tAfc8mllVrldEoksSbg9lJVYG1I
43 B
735 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=tAfc8mllVrldEoksSbg9lJVYG1I
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JBtDGzd926VsGAzT3COyA83E%2FSWZgqaxe2tZr5clDZhzWbdRmFeWeoUUhVREiUk8mLVbzzBSiuJT%2F6GpT6QdpxXZlUp%2FoqugIt9K%2Bbkfw2oREtXmuTuDqgu1S%2FvlFLDIlds5Hg09akafHw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
849d013a9ef64d22-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=tAfc8mllVrldEoksSbg9lJVYG1I
Date
Tue, 23 Jan 2024 03:38:36 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
bridge
cm.adgrx.com/ Frame 4FB8
43 B
282 B
Image
General
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.245.181 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
server
Cowboy
content-type
image/gif
p3p
CP="NOI OTC OTP OUR NOR"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
ams-delivery-8
content-length
43
expires
Thu, 23 Sep 2004 17:42:04 GMT
Za80ux4LORIGoWQwyWak5QAACFIAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 4FB8
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Za80ux4LORIGoWQwyWak5QAACFIAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/Za80ux4LORIGoWQwyWak5QAACFIAAAIB
43 B
601 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Za80ux4LORIGoWQwyWak5QAACFIAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Protocol
H2
Server
2a05:d018:d29:3605:a6fa:b563:be0e:7526 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Za80ux4LORIGoWQwyWak5QAACFIAAAIB
date
Tue, 23 Jan 2024 03:38:36 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame 4FB8
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?gdpr=&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATI...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
43 B
740 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=STMIaOrRtv%2F25EZkrzhy9Gx9L%2FOywIBIo7NywRuuH3%2BiudfEWQE2N8px%2FIabSQK0%2BEeihEZSoz4O9%2BtWBY8WOWSRCW6uyxF09FWofC0DBNVc0MqO6YXkD8D7Zwpguqa1hkJWb7DX0TjD%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
849d013a8ef44d22-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
date
Tue, 23 Jan 2024 03:38:36 GMT
access-control-allow-credentials
true
x-powered-by
Express
keep-alive
timeout=5
vary
Origin
content-length
0
generic
match.adsrvr.org/track/cmf/ Frame 4FB8
Redirect Chain
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=Za80ux4LORIGoWQwyWak5QAACFIAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=f2ee90439dfd5be156428cd0f6d5d&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buse...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=umv1236_7327145198368286646&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
70 B
148 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Tue, 23 Jan 2024 03:38:36 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1705981116197093-519
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 4FB8
43 B
103 B
Image
General
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?Za80ux4LORIGoWQwyWak5QAA%262130
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
21
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
849d0139e8fe18ef-FRA
content-length
43
expires
Tue, 23 Jan 2024 07:38:36 GMT
r62eglto.js
ad4m.at/ Frame C20C
24 KB
10 KB
Other
General
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
098e6dc516d5b171a1bf126adf3b8e8510746bac17f477f73a6310587e4ab9e8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 09 Jan 2024 06:20:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
595059
etag
W/"ea6b8b5621410c697cbfca30307bc4ca"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K3c1LBPNjfB6mgjqBNEUTkGP7atSs905pdtyLkyHBqJbGPsHNRt442xhyGDDh1dV9zXacH0brnl8d7PnY0IP5Y0%2BgGcPUIIJ8x3TnCoK2Itmg6yE7mQi5titapec4Eo1z93ij2A%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
849d0139cb386ae1-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 16 Jan 2024 06:20:57 GMT
cookie-frame.html
ad4m.at/ Frame CFA8
2 KB
1 KB
Document
General
Full URL
https://ad4m.at/cookie-frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
2117721
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status
HIT
cf-ray
849d0139cb3a6ae1-FRA
content-encoding
br
content-language
en
content-type
text/html
date
Tue, 23 Jan 2024 03:38:36 GMT
expires
Wed, 29 Nov 2023 11:19:10 GMT
last-modified
Tue, 28 Nov 2023 11:49:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C92etP4y31Cpd2ZOpKjol6KtUmTIZsSHCuSbhdWH6fsSO8cQCyU75%2BJaeU6jHSOLp0Hv9QR9FpXRTbdHyOnRqdsMuLpmnMKlUPGt5JD6tSf1GvEp0FHLiNe93PwtOuKlVq34cN4%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
view
securepubads.g.doubleclick.net/pcs/ Frame 4A06
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv0BXLl4OYygEf4J50VDdtuvJ7slHBEyKvu0THp7Sfv-jP1ggW14Ie6QkK35ZmFlT-GlYmYV7eSO4_0f9kKWWW4GUXuO7RdP9fJs7_4J30sdfRXICtAiN4Wiygijh7ziLXDkJ5hi9IL8qO6SeTpV0Gx3vpMJ-vbb_GFZK-ss1GtWmUe6xqdV2z6LRHh7CbLqXVhRYlWH69DuA38HpKauZ6uLxJL5p4WxhvXqgvsH3cS5BWIVhtUmP86UCucHGLlo-MdiyRfyKSirSrWZy1sdYv-H_5N8-4lXMk7EYDvaQflMhviABFmtiPvvWRYzM023fq-09tWB_YMul96lBW_Jvu9OKy-Rb6gj10F5TXh_xz8IUsagUalIQg&sai=AMfl-YS-DFXzRakF7T8wMkj6Dn4CRTxHIGkqMbTB3YWs3p7GPn3H355lRTCyepFc6EFMLFsmfRUsKKTkVQ0oekbTNDWWErTzimPt9Jg6Rb59gWV0Wk3PHt6rlNAUwMB4Kqg&sig=Cg0ArKJSzIsGEmB5xhKYEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
truncated
/ Frame 3C73
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d079ef0936a792b48200c9d8f3244cbc32286decde98183d7f559ba1553cab13

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
/
track.adform.net/adfscript/ Frame 1CF0
1 KB
1 KB
Script
General
Full URL
https://track.adform.net/adfscript/?bn=67903448;rtbwp=Za80uwAAAADDzcoFjiwRAWidLelxF8g6LGShiQ;rtbdata=mxYYoVJbhlU2reK7I6KyaDQ5xYabtQjVzpnU23oXvUaLMu3CYc99lqMg2JAXXuWqzdigAwChWcnjKe-guS5X7JB_CSiecMu3VF31rLo_PT_rUBCvIMmTM_I9jq6yvuQ0yFg1YNsgsVG76FslKcgL6xMwbL2NIc_uOAIN7GnnLT9HAJ5z-CxpsjZLcBQglqsM1z0UFkcNjzGyXC15ITRgAeslGEgS6KLK8YxBSGWzhUIOdTWiwKb_g9rGlAmoAVco2IfsOfphMFTGtluoRAQdE6JjdfnOlL1K0
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8182c2ba46dce768a5570e5f9f6c6b233640749387177912e275c8419f0069f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
902
expires
-1
444e04b4-2862-4870-9d10-2eb2648e7cb2
a1144.casalemedia.com/impression/v2/201336/111/cmnj9etbcvvbablh0r60/ Frame 1CF0
43 B
303 B
Image
General
Full URL
https://a1144.casalemedia.com/impression/v2/201336/111/cmnj9etbcvvbablh0r60/444e04b4-2862-4870-9d10-2eb2648e7cb2?verifieD=1&userID=&cmpro=0&deviceType=2&expiryTime=1705981715&profileIDs=&creativeID=232a58b&pubID=182762&format=banner&channel=site
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.170.60.75 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Jan 2024 03:38:36 GMT
Server
Apache
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/ Frame DC66
31 KB
12 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CXKR48btxKl8ZxFQNRt8f9YB1d778DQyE4gOxctAbNX8BUdMvTsWUy21q-a6noa5_OAOARrGUVb-FDyEHRBLf-Sp8A8UKuvdhdVozzlx-vfJ7k8MgeIf4QZY2QgfrD7BmCFM8GIDALWcvG5-gMamNsY1HQfrzz7-OD52-SajibxkezBbs&cry=1&dbm_d=AKAmf-B8H0PPX-gVi3D7HgSxEQADPhbo_EM_GeWGpvvTvmPynUPP95PEF6qxZMtRhgljbD91bbYIMN_VsxhANENeL1c0sphQRkdyMSyWvktOf7-er1u7Xfw83uZ2K_3IWnu84xTTW2eUvVbDze3AjKKUaumb_IfeN-PpkdmhLHN1YF-cxo2-ilviYDanWhXGkI1dpUTUNOhs0PJPz6ynVfNcFndwOnvfnAnzRbq0SBsGHj2zG_RyS5pCsBJ9DEmmPPiiokQfF9Zgjt9OqopyuxbDVOVe2ZhMgU86-t46oMm4Y8rT1KkDgqqdmqW_7ygqbJI8vhyF37OqxW4UMGhHLmILJx0I_yDKzYzD-9kEOxNU_9EwdDgBtVknDKUUwflxgorbpGtfgJ8hCNpvU6-G_lj-qkK1Q8w4vQv5dRDvyBANpgTApnENrtQGgNIVRBuzYGXVbzAk328PxvhdzS1GA8BJINyDuommScO3sbe1Bj6pFjHG20h-UijcgKLIhs4QCM0KhV4xF1frz35zVA6JKTc7zai0yq1BLQ_YDq6FSs4bFXhPvUuhIwMp1ZTWiOhDy1fMresMsYtUnqqRu97rZu1b3oeCtP_k7l2qNzYtfhikzoYL1sEcemzlVPR3zUS0uVoZwtJ1Y_yG8PblG72nTmgnbahh11db6Ga6kbcbf1PyIMN9UJ-GhhzMLUus1ODl-9OcSwTW-encNZ-2ibfO--6TxZXNybv_BNPXLUoYnl3uXMEXoQClNCUP8saoHdKeDoP2qd3IIjwbM04F0FRZxrVwlWs-jkFR-o1sbSn3Auk13z87RNkWXvt8clFZ-dUGWEstNxXnNYTkwVlnNhtr5EsYvRpNUMdbyDH8neT2_RuqvhzCpTH57gl4NCpojrGXIxPPXpPKO5ahvggo3XQtFh9h4kBEOVqACYiuG5IJ3EUUKLs8bgNcy1oCR-itbMs0DYASsDtbCDR5nOepY34bz_h1PSS6HrXDGNj3DM1lnyQfAWMZUcd_W-7pQBcGItycJcLExlA-iklfpiLNuIUa8Ql603MWz5s717SEZbBca1Mbi01-Trp-6NZVnscfGnwcOyunW-6d0Xffa5GceJxgcLP9s04zLztCQa07wgzrqFz9JukaGKFbd71ba-XJ7HFhVJUtJdwhcAHwiPernIMmbY3-I7rCDrdxyOdJ804PR5oFIFAaUXNB12lqPmbLNvwjrsK0FVQZUcC5ZGd2CjUpoc_7jvtHtHaMJFfU8if7BUa7TKLfPCC0pGk_gBgxSFlyuB3O5773vjOkHFmZ4isYMw1EfUFuLVaBAdh0VPSGVm4_9cyVhOQ5RSAU7eUe88ND97WX2aVmftGKQlBIMlEydNhJ1anwvcj4EY-sVH1nax4woid-a9YjuvwWZ-lBtst6E_L3LIhgBoPQFpXJmze5bIicWbz1Q-RcOZjZw6rtcgKBCZ0SCUfWE3KubnMolTabC-MXHNViic6ItTQ6h5FiwtGelzhMQBlj3fC8nNQpaAeXtmTTe8YQx9-NQ8Rz5RaiiOxR8PLq5ggqBHrEaB2b9pnJWID3mBn_7FuJrdqpzjRhHP6q1iepwVm8IdOPZRO7eCdd7NiGa0vhh_00FgCpse_9Z6eznWhSk1LDgKW0bAPwafAm6ragKWh29ewikYMLrO-BWCpzbaJvUjV9d5GnszETcTRhKXHbdX2p-VEFEijrOjDKj27gbav-7HkWO09_6H6rrP3R7f_znythGs0PSw70tHf1LFrDgsixFbR28mZg8e6Xjwu0Jngt3i8Q96k1sbc68acogjEnwuqnqjFngk3OM6G1-F8wnOfPVhb4vPhjnkLiz9SUgherbXZzwY7vgkrBX85dW9Ey86qvIO-Qiz86DSFnlUGOtkUZbsZ5nJxcyqRej4txJzhA8r8VkJKlTZ2HJ5BDDwTfOQoqPUnX4WqplnofObllCXh_WpB3hlyZq2ucI1xmgN80snm-czLbyEKxbD0gTp5vpta9UcwP_cfwrUjFcuMxusFWPXv4dFBLUJXsICGmJxPoMrgMN_dNDtg2oNn2g9shMyUlf-Xba0TwtOpeQ15OPSqoIa4U0JdrPf9ADSrTrtL8lgIJzEuZiTRoQsMzaJ-Qz_ZvnRGxbF-qOMoapOz0U-6XoVttzVizCMObKrc0DZcdZLq55d2sj02fEmToDDVO6bnN4Auok1kzNTr62UkbNeOvhjvWrKkyH5h0I5ZH73rfO5AD7-k_iudLj1JN3OBXCzsZKc58tU9h1AmEC9K-zXffqvXdXtDzNcMnW288jatNP3Ra30Kch17yHeL34_5xrxkpVfTnJeq65pSRtHC9epSLNW-Hc4vak9o0XlW2JctZgnVch6lFMz5oSShTb51v62WH_HLchrubqqo5EDZYzqiUUopb7X8lSuy1DZrybP7f0gKpUoMbzWs-aW-TrDiYR1o6B0WdLx3ce_vbD_Dr7S_MrFpyCiwgWKUR_aTirfd5-l2hLu0aADfSChYwbuneb98XKtRgWr13MQ_6ZO86a4IqYTDVcwlw7bqH68zw05_Mqqt5hhR56x_PU-BuOTu6ra8asoZoLuVhcqrZJBKqoej7142IN63iM5AdjkTgxYbxMAhdYlPXHGMaViXcLCZbs3jvZfuTyh1w0yud0lfvRvNdG2PjyqzjB0zu3m7rhZhybCU8gsBLpgoPcvpIkJjZW2iGBzokv18TZVc0Q7U2cVYVb2XHPOfx7efu2xergXUZqvv1TKEMXztmYCxxRnrWgtYqvAo9Tc-dzI8ZxhiKxXti9aK7kq2dJ147A_nXZWCsgcOFxnOGRi6Sh_JPGbBT0c8ezksp88ZodcPYhG6ab1PHpzZ0jUnKd_VJKB2vdHaDOXOHH-DrJuT_AJ74XRkQlqzFPrsQW4wtuOc_E2rjvYD-xAOArC5qO0jdOTpsMst_ERRbI2z_6GiuSdlby01A6IGEZTCIwWZhFHMqFjSy5L66ULgqMQbvVUFOb27jnw3fC77WVp8YsFfB6Cyp2pxlqndjdKTIKfP42C8MOjSQN9uxfs8fLU5MmTsSgZ7zHjVkpEXfGCz_O3lqTZINUV3bc_5ymJ4eQ6X8tp8MwxiSxL0OCbRN9Fun76yk_MHvcyl69y1DpfaeQcnaOVGMwSQItev0VOoVn8EkG3Y2ph6UCu8FI5Gc0039hnbaazg6B1iUWR835WtMqkMikDzadUf0V-RjVrojCELS65Livvf83TzZv9m5NhWnzm8RO-6PqeQ_mgxT6AwY5sl7oY3eAhBxgQNWFjWGPJ2NJPSmntcEUv9o6CPBRgzfwOaUNia-X_Sn0el86FPGv3Fg8Nq6p9Bvu9e5sei_uPrJ_zP_BcHT_z8pw4YEA6PaATvLxdw-PWbiK5ZP8rtUErgI4SUmIR4oeF1_4ItS4byF6eWFTWFBpM0Bjv_bMMLLXgbqFNKnnsCX6omQA4vft6v9jeKrBErglNmnfJKxJx30J8hkO6bhwLi01F6rY6ZqN8ySCIQ0N6VCyQTta1Dltq5hVDRZusLm3dYDYWmNyAC_b2lHOJy-PPoy3ycRIRkvG7mZPWRMIs9ZcwgLVNejUUbsNGZt3V8kPsDDXygebGAHMSEY09paIQre_ne4tIDcmFgf6Djmhf1ZB8vxN70UFVadSZ5iIs4nIjiP_1UH0SwgwFBl6gRkQg&pr=13%3AZa80uwAAAAC8GKUJK2CgXKc4OZIQXrvgiaz14g&cid=CAQSMgAvHhf_xIDoJIpJbZCUnw4nhwP-ojpHw6AdZaBjU1DCrGWnoK8tBaX_l-bu0iXaZafLGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Ffolkd.com%2F&ds=l&xdt=1&iif=1&cor=14407094710569122000&adk=2707728948&idt=177&cac=0&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:30:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
32907
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11885
x-xss-protection
0
server
cafe
etag
16863283086342074828
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Feb 2024 18:30:09 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame DC66
206 KB
65 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CXKR48btxKl8ZxFQNRt8f9YB1d778DQyE4gOxctAbNX8BUdMvTsWUy21q-a6noa5_OAOARrGUVb-FDyEHRBLf-Sp8A8UKuvdhdVozzlx-vfJ7k8MgeIf4QZY2QgfrD7BmCFM8GIDALWcvG5-gMamNsY1HQfrzz7-OD52-SajibxkezBbs&cry=1&dbm_d=AKAmf-B8H0PPX-gVi3D7HgSxEQADPhbo_EM_GeWGpvvTvmPynUPP95PEF6qxZMtRhgljbD91bbYIMN_VsxhANENeL1c0sphQRkdyMSyWvktOf7-er1u7Xfw83uZ2K_3IWnu84xTTW2eUvVbDze3AjKKUaumb_IfeN-PpkdmhLHN1YF-cxo2-ilviYDanWhXGkI1dpUTUNOhs0PJPz6ynVfNcFndwOnvfnAnzRbq0SBsGHj2zG_RyS5pCsBJ9DEmmPPiiokQfF9Zgjt9OqopyuxbDVOVe2ZhMgU86-t46oMm4Y8rT1KkDgqqdmqW_7ygqbJI8vhyF37OqxW4UMGhHLmILJx0I_yDKzYzD-9kEOxNU_9EwdDgBtVknDKUUwflxgorbpGtfgJ8hCNpvU6-G_lj-qkK1Q8w4vQv5dRDvyBANpgTApnENrtQGgNIVRBuzYGXVbzAk328PxvhdzS1GA8BJINyDuommScO3sbe1Bj6pFjHG20h-UijcgKLIhs4QCM0KhV4xF1frz35zVA6JKTc7zai0yq1BLQ_YDq6FSs4bFXhPvUuhIwMp1ZTWiOhDy1fMresMsYtUnqqRu97rZu1b3oeCtP_k7l2qNzYtfhikzoYL1sEcemzlVPR3zUS0uVoZwtJ1Y_yG8PblG72nTmgnbahh11db6Ga6kbcbf1PyIMN9UJ-GhhzMLUus1ODl-9OcSwTW-encNZ-2ibfO--6TxZXNybv_BNPXLUoYnl3uXMEXoQClNCUP8saoHdKeDoP2qd3IIjwbM04F0FRZxrVwlWs-jkFR-o1sbSn3Auk13z87RNkWXvt8clFZ-dUGWEstNxXnNYTkwVlnNhtr5EsYvRpNUMdbyDH8neT2_RuqvhzCpTH57gl4NCpojrGXIxPPXpPKO5ahvggo3XQtFh9h4kBEOVqACYiuG5IJ3EUUKLs8bgNcy1oCR-itbMs0DYASsDtbCDR5nOepY34bz_h1PSS6HrXDGNj3DM1lnyQfAWMZUcd_W-7pQBcGItycJcLExlA-iklfpiLNuIUa8Ql603MWz5s717SEZbBca1Mbi01-Trp-6NZVnscfGnwcOyunW-6d0Xffa5GceJxgcLP9s04zLztCQa07wgzrqFz9JukaGKFbd71ba-XJ7HFhVJUtJdwhcAHwiPernIMmbY3-I7rCDrdxyOdJ804PR5oFIFAaUXNB12lqPmbLNvwjrsK0FVQZUcC5ZGd2CjUpoc_7jvtHtHaMJFfU8if7BUa7TKLfPCC0pGk_gBgxSFlyuB3O5773vjOkHFmZ4isYMw1EfUFuLVaBAdh0VPSGVm4_9cyVhOQ5RSAU7eUe88ND97WX2aVmftGKQlBIMlEydNhJ1anwvcj4EY-sVH1nax4woid-a9YjuvwWZ-lBtst6E_L3LIhgBoPQFpXJmze5bIicWbz1Q-RcOZjZw6rtcgKBCZ0SCUfWE3KubnMolTabC-MXHNViic6ItTQ6h5FiwtGelzhMQBlj3fC8nNQpaAeXtmTTe8YQx9-NQ8Rz5RaiiOxR8PLq5ggqBHrEaB2b9pnJWID3mBn_7FuJrdqpzjRhHP6q1iepwVm8IdOPZRO7eCdd7NiGa0vhh_00FgCpse_9Z6eznWhSk1LDgKW0bAPwafAm6ragKWh29ewikYMLrO-BWCpzbaJvUjV9d5GnszETcTRhKXHbdX2p-VEFEijrOjDKj27gbav-7HkWO09_6H6rrP3R7f_znythGs0PSw70tHf1LFrDgsixFbR28mZg8e6Xjwu0Jngt3i8Q96k1sbc68acogjEnwuqnqjFngk3OM6G1-F8wnOfPVhb4vPhjnkLiz9SUgherbXZzwY7vgkrBX85dW9Ey86qvIO-Qiz86DSFnlUGOtkUZbsZ5nJxcyqRej4txJzhA8r8VkJKlTZ2HJ5BDDwTfOQoqPUnX4WqplnofObllCXh_WpB3hlyZq2ucI1xmgN80snm-czLbyEKxbD0gTp5vpta9UcwP_cfwrUjFcuMxusFWPXv4dFBLUJXsICGmJxPoMrgMN_dNDtg2oNn2g9shMyUlf-Xba0TwtOpeQ15OPSqoIa4U0JdrPf9ADSrTrtL8lgIJzEuZiTRoQsMzaJ-Qz_ZvnRGxbF-qOMoapOz0U-6XoVttzVizCMObKrc0DZcdZLq55d2sj02fEmToDDVO6bnN4Auok1kzNTr62UkbNeOvhjvWrKkyH5h0I5ZH73rfO5AD7-k_iudLj1JN3OBXCzsZKc58tU9h1AmEC9K-zXffqvXdXtDzNcMnW288jatNP3Ra30Kch17yHeL34_5xrxkpVfTnJeq65pSRtHC9epSLNW-Hc4vak9o0XlW2JctZgnVch6lFMz5oSShTb51v62WH_HLchrubqqo5EDZYzqiUUopb7X8lSuy1DZrybP7f0gKpUoMbzWs-aW-TrDiYR1o6B0WdLx3ce_vbD_Dr7S_MrFpyCiwgWKUR_aTirfd5-l2hLu0aADfSChYwbuneb98XKtRgWr13MQ_6ZO86a4IqYTDVcwlw7bqH68zw05_Mqqt5hhR56x_PU-BuOTu6ra8asoZoLuVhcqrZJBKqoej7142IN63iM5AdjkTgxYbxMAhdYlPXHGMaViXcLCZbs3jvZfuTyh1w0yud0lfvRvNdG2PjyqzjB0zu3m7rhZhybCU8gsBLpgoPcvpIkJjZW2iGBzokv18TZVc0Q7U2cVYVb2XHPOfx7efu2xergXUZqvv1TKEMXztmYCxxRnrWgtYqvAo9Tc-dzI8ZxhiKxXti9aK7kq2dJ147A_nXZWCsgcOFxnOGRi6Sh_JPGbBT0c8ezksp88ZodcPYhG6ab1PHpzZ0jUnKd_VJKB2vdHaDOXOHH-DrJuT_AJ74XRkQlqzFPrsQW4wtuOc_E2rjvYD-xAOArC5qO0jdOTpsMst_ERRbI2z_6GiuSdlby01A6IGEZTCIwWZhFHMqFjSy5L66ULgqMQbvVUFOb27jnw3fC77WVp8YsFfB6Cyp2pxlqndjdKTIKfP42C8MOjSQN9uxfs8fLU5MmTsSgZ7zHjVkpEXfGCz_O3lqTZINUV3bc_5ymJ4eQ6X8tp8MwxiSxL0OCbRN9Fun76yk_MHvcyl69y1DpfaeQcnaOVGMwSQItev0VOoVn8EkG3Y2ph6UCu8FI5Gc0039hnbaazg6B1iUWR835WtMqkMikDzadUf0V-RjVrojCELS65Livvf83TzZv9m5NhWnzm8RO-6PqeQ_mgxT6AwY5sl7oY3eAhBxgQNWFjWGPJ2NJPSmntcEUv9o6CPBRgzfwOaUNia-X_Sn0el86FPGv3Fg8Nq6p9Bvu9e5sei_uPrJ_zP_BcHT_z8pw4YEA6PaATvLxdw-PWbiK5ZP8rtUErgI4SUmIR4oeF1_4ItS4byF6eWFTWFBpM0Bjv_bMMLLXgbqFNKnnsCX6omQA4vft6v9jeKrBErglNmnfJKxJx30J8hkO6bhwLi01F6rY6ZqN8ySCIQ0N6VCyQTta1Dltq5hVDRZusLm3dYDYWmNyAC_b2lHOJy-PPoy3ycRIRkvG7mZPWRMIs9ZcwgLVNejUUbsNGZt3V8kPsDDXygebGAHMSEY09paIQre_ne4tIDcmFgf6Djmhf1ZB8vxN70UFVadSZ5iIs4nIjiP_1UH0SwgwFBl6gRkQg&pr=13%3AZa80uwAAAAC8GKUJK2CgXKc4OZIQXrvgiaz14g&cid=CAQSMgAvHhf_xIDoJIpJbZCUnw4nhwP-ojpHw6AdZaBjU1DCrGWnoK8tBaX_l-bu0iXaZafLGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Ffolkd.com%2F&ds=l&xdt=1&iif=1&cor=14407094710569122000&adk=2707728948&idt=177&cac=0&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66453
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1705495733332172"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 23 Jan 2024 03:38:36 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame DC66
41 KB
14 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CXKR48btxKl8ZxFQNRt8f9YB1d778DQyE4gOxctAbNX8BUdMvTsWUy21q-a6noa5_OAOARrGUVb-FDyEHRBLf-Sp8A8UKuvdhdVozzlx-vfJ7k8MgeIf4QZY2QgfrD7BmCFM8GIDALWcvG5-gMamNsY1HQfrzz7-OD52-SajibxkezBbs&cry=1&dbm_d=AKAmf-B8H0PPX-gVi3D7HgSxEQADPhbo_EM_GeWGpvvTvmPynUPP95PEF6qxZMtRhgljbD91bbYIMN_VsxhANENeL1c0sphQRkdyMSyWvktOf7-er1u7Xfw83uZ2K_3IWnu84xTTW2eUvVbDze3AjKKUaumb_IfeN-PpkdmhLHN1YF-cxo2-ilviYDanWhXGkI1dpUTUNOhs0PJPz6ynVfNcFndwOnvfnAnzRbq0SBsGHj2zG_RyS5pCsBJ9DEmmPPiiokQfF9Zgjt9OqopyuxbDVOVe2ZhMgU86-t46oMm4Y8rT1KkDgqqdmqW_7ygqbJI8vhyF37OqxW4UMGhHLmILJx0I_yDKzYzD-9kEOxNU_9EwdDgBtVknDKUUwflxgorbpGtfgJ8hCNpvU6-G_lj-qkK1Q8w4vQv5dRDvyBANpgTApnENrtQGgNIVRBuzYGXVbzAk328PxvhdzS1GA8BJINyDuommScO3sbe1Bj6pFjHG20h-UijcgKLIhs4QCM0KhV4xF1frz35zVA6JKTc7zai0yq1BLQ_YDq6FSs4bFXhPvUuhIwMp1ZTWiOhDy1fMresMsYtUnqqRu97rZu1b3oeCtP_k7l2qNzYtfhikzoYL1sEcemzlVPR3zUS0uVoZwtJ1Y_yG8PblG72nTmgnbahh11db6Ga6kbcbf1PyIMN9UJ-GhhzMLUus1ODl-9OcSwTW-encNZ-2ibfO--6TxZXNybv_BNPXLUoYnl3uXMEXoQClNCUP8saoHdKeDoP2qd3IIjwbM04F0FRZxrVwlWs-jkFR-o1sbSn3Auk13z87RNkWXvt8clFZ-dUGWEstNxXnNYTkwVlnNhtr5EsYvRpNUMdbyDH8neT2_RuqvhzCpTH57gl4NCpojrGXIxPPXpPKO5ahvggo3XQtFh9h4kBEOVqACYiuG5IJ3EUUKLs8bgNcy1oCR-itbMs0DYASsDtbCDR5nOepY34bz_h1PSS6HrXDGNj3DM1lnyQfAWMZUcd_W-7pQBcGItycJcLExlA-iklfpiLNuIUa8Ql603MWz5s717SEZbBca1Mbi01-Trp-6NZVnscfGnwcOyunW-6d0Xffa5GceJxgcLP9s04zLztCQa07wgzrqFz9JukaGKFbd71ba-XJ7HFhVJUtJdwhcAHwiPernIMmbY3-I7rCDrdxyOdJ804PR5oFIFAaUXNB12lqPmbLNvwjrsK0FVQZUcC5ZGd2CjUpoc_7jvtHtHaMJFfU8if7BUa7TKLfPCC0pGk_gBgxSFlyuB3O5773vjOkHFmZ4isYMw1EfUFuLVaBAdh0VPSGVm4_9cyVhOQ5RSAU7eUe88ND97WX2aVmftGKQlBIMlEydNhJ1anwvcj4EY-sVH1nax4woid-a9YjuvwWZ-lBtst6E_L3LIhgBoPQFpXJmze5bIicWbz1Q-RcOZjZw6rtcgKBCZ0SCUfWE3KubnMolTabC-MXHNViic6ItTQ6h5FiwtGelzhMQBlj3fC8nNQpaAeXtmTTe8YQx9-NQ8Rz5RaiiOxR8PLq5ggqBHrEaB2b9pnJWID3mBn_7FuJrdqpzjRhHP6q1iepwVm8IdOPZRO7eCdd7NiGa0vhh_00FgCpse_9Z6eznWhSk1LDgKW0bAPwafAm6ragKWh29ewikYMLrO-BWCpzbaJvUjV9d5GnszETcTRhKXHbdX2p-VEFEijrOjDKj27gbav-7HkWO09_6H6rrP3R7f_znythGs0PSw70tHf1LFrDgsixFbR28mZg8e6Xjwu0Jngt3i8Q96k1sbc68acogjEnwuqnqjFngk3OM6G1-F8wnOfPVhb4vPhjnkLiz9SUgherbXZzwY7vgkrBX85dW9Ey86qvIO-Qiz86DSFnlUGOtkUZbsZ5nJxcyqRej4txJzhA8r8VkJKlTZ2HJ5BDDwTfOQoqPUnX4WqplnofObllCXh_WpB3hlyZq2ucI1xmgN80snm-czLbyEKxbD0gTp5vpta9UcwP_cfwrUjFcuMxusFWPXv4dFBLUJXsICGmJxPoMrgMN_dNDtg2oNn2g9shMyUlf-Xba0TwtOpeQ15OPSqoIa4U0JdrPf9ADSrTrtL8lgIJzEuZiTRoQsMzaJ-Qz_ZvnRGxbF-qOMoapOz0U-6XoVttzVizCMObKrc0DZcdZLq55d2sj02fEmToDDVO6bnN4Auok1kzNTr62UkbNeOvhjvWrKkyH5h0I5ZH73rfO5AD7-k_iudLj1JN3OBXCzsZKc58tU9h1AmEC9K-zXffqvXdXtDzNcMnW288jatNP3Ra30Kch17yHeL34_5xrxkpVfTnJeq65pSRtHC9epSLNW-Hc4vak9o0XlW2JctZgnVch6lFMz5oSShTb51v62WH_HLchrubqqo5EDZYzqiUUopb7X8lSuy1DZrybP7f0gKpUoMbzWs-aW-TrDiYR1o6B0WdLx3ce_vbD_Dr7S_MrFpyCiwgWKUR_aTirfd5-l2hLu0aADfSChYwbuneb98XKtRgWr13MQ_6ZO86a4IqYTDVcwlw7bqH68zw05_Mqqt5hhR56x_PU-BuOTu6ra8asoZoLuVhcqrZJBKqoej7142IN63iM5AdjkTgxYbxMAhdYlPXHGMaViXcLCZbs3jvZfuTyh1w0yud0lfvRvNdG2PjyqzjB0zu3m7rhZhybCU8gsBLpgoPcvpIkJjZW2iGBzokv18TZVc0Q7U2cVYVb2XHPOfx7efu2xergXUZqvv1TKEMXztmYCxxRnrWgtYqvAo9Tc-dzI8ZxhiKxXti9aK7kq2dJ147A_nXZWCsgcOFxnOGRi6Sh_JPGbBT0c8ezksp88ZodcPYhG6ab1PHpzZ0jUnKd_VJKB2vdHaDOXOHH-DrJuT_AJ74XRkQlqzFPrsQW4wtuOc_E2rjvYD-xAOArC5qO0jdOTpsMst_ERRbI2z_6GiuSdlby01A6IGEZTCIwWZhFHMqFjSy5L66ULgqMQbvVUFOb27jnw3fC77WVp8YsFfB6Cyp2pxlqndjdKTIKfP42C8MOjSQN9uxfs8fLU5MmTsSgZ7zHjVkpEXfGCz_O3lqTZINUV3bc_5ymJ4eQ6X8tp8MwxiSxL0OCbRN9Fun76yk_MHvcyl69y1DpfaeQcnaOVGMwSQItev0VOoVn8EkG3Y2ph6UCu8FI5Gc0039hnbaazg6B1iUWR835WtMqkMikDzadUf0V-RjVrojCELS65Livvf83TzZv9m5NhWnzm8RO-6PqeQ_mgxT6AwY5sl7oY3eAhBxgQNWFjWGPJ2NJPSmntcEUv9o6CPBRgzfwOaUNia-X_Sn0el86FPGv3Fg8Nq6p9Bvu9e5sei_uPrJ_zP_BcHT_z8pw4YEA6PaATvLxdw-PWbiK5ZP8rtUErgI4SUmIR4oeF1_4ItS4byF6eWFTWFBpM0Bjv_bMMLLXgbqFNKnnsCX6omQA4vft6v9jeKrBErglNmnfJKxJx30J8hkO6bhwLi01F6rY6ZqN8ySCIQ0N6VCyQTta1Dltq5hVDRZusLm3dYDYWmNyAC_b2lHOJy-PPoy3ycRIRkvG7mZPWRMIs9ZcwgLVNejUUbsNGZt3V8kPsDDXygebGAHMSEY09paIQre_ne4tIDcmFgf6Djmhf1ZB8vxN70UFVadSZ5iIs4nIjiP_1UH0SwgwFBl6gRkQg&pr=13%3AZa80uwAAAAC8GKUJK2CgXKc4OZIQXrvgiaz14g&cid=CAQSMgAvHhf_xIDoJIpJbZCUnw4nhwP-ojpHw6AdZaBjU1DCrGWnoK8tBaX_l-bu0iXaZafLGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Ffolkd.com%2F&ds=l&xdt=1&iif=1&cor=14407094710569122000&adk=2707728948&idt=177&cac=0&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 02:28:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
522623
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Jan 2025 02:28:13 GMT
attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNTk4MTExNjMxNTY4NwogIHNlcnZlcl9pcDogMTQ2NTI4MTMyCiAgcHJvY2Vzc19pZDogMzc1ODk0NDk3NQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiA0MzYyOTYy...
ad.doubleclick.net/ddm/activity/ Frame DC66
0
22 B
Image
General
Full URL
https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNTk4MTExNjMxNTY4NwogIHNlcnZlcl9pcDogMTQ2NTI4MTMyCiAgcHJvY2Vzc19pZDogMzc1ODk0NDk3NQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiA0MzYyOTYyCmFkdmVydGlzZXJfZG9tYWluOiAiaHR0cHM6Ly9hZGZvcm0ubmV0Igp4ZmFfYXR0cmlidXRpb25faW50ZXJhY3Rpb25fdHlwZTogVklFVwppbXByZXNzaW9uX3ByaW9yaXR5OiAwCmltcHJlc3Npb25fZXhwaXJ5X2luX2RheXM6IDMwCmV2ZW50X2ltcHJlc3Npb25faWQ6IDExNjEzMzkxNjkxMDU5MzgyNDAyCmRlYnVnX2tleTogMTc0NjcyODg4MTIxNzY3NTMwMTgKaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUFJPRFVDVF9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fREFURQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICIyMDI0LTAxLTIzIgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9GTE9PRExJR0hUX0NPTkZJR19JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogNDM2Mjk2MgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9DT1JFX1BMQVRGT1JNX1NFUlZJQ0UKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBVEZPUk1fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9RVUVSWV9DT1VOVFJZCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIlVTIgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFDRU1FTlRfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDI2NzQwMDY1MgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQURWRVJUSVNFUl9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMzIyNDc2CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19MSU5FX0lURU1fSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDIwNzA5MTkKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0NSRUFUSVZFX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyMjE3Nzg3NzQKICB9Cn0KYXJjaGV0eXBlX2lkOiAxMgphcmNoZXR5cGVfaWQ6IDEzCmFyY2hldHlwZV9pZDogMTQKYXJjaGV0eXBlX2lkOiAxNQphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vYWRmb3JtLm5ldCIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2NvbnJhZC5jaCIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2R5c29uLmNoIgppbXByZXNzaW9uX2V2ZW50X3JlcG9ydGluZ193aW5kb3dfZGF5czogNApicm93c2VyX2F0dHJpYnV0aW9uX2FwaV9yZXF1ZXN0X3Byb2Nlc3NpbmdfYml0czogNzU0OTc0NzIwCg
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"12":"0xbc3881d16fa45c210000000000000000","13":"0x358a6dbb1d547b7c0000000000000000","14":"0xc83bc5d0f57841320000000000000000","15":"0x6b47af8fccf29dce0000000000000000"},"debug_key":"17467288812176753018","debug_reporting":true,"destination":"https://adform.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["4362962"]},"priority":"0","source_event_id":"11613391691059382402"}
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 2664
2 KB
1 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ea379b580a09637721c28ea1e40c91d7d30657b1d2d91cd0365d030d1908126

Request headers

Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
849d0139eea74d22-FRA
content-encoding
br
content-type
text/html
date
Tue, 23 Jan 2024 03:38:36 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hnMHI0zQBHylc4692hwiULTNtIxPfv6Y7uTxj7nfRPfDlYJ74POf7WnRs7ybcrOE5SDInAW2beppx4nR%2Fj91DM9pqaNK8A1ZCaDBfp7QvNUBmga3sVpJwqa2oKe7YVHhMvzzb3ZTlEoLDA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame 0066
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 10:08:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
63004
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 21 Jan 2025 10:08:32 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/ Frame 1C74
31 KB
12 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BxlauYDwOEEem4bMMToQb_McyrA06gYn4IokGfvEkRESPADvMWlkHOXdqPd5i5vBOd7yK-zkwB3juK6XeA0IzVQV57x3xRvHBSacZGdD8OoIbVbRAh0N1rmtWugcbFUnPhohwMFW-ZyhwLHg95K9JD6wsBnwWZVck5hG83XZfFScxMZXI&cry=1&dbm_d=AKAmf-CUDsiz1xwDaQ0karHbMoQ_CRjgdG2X2JQ-HJRs-alQGz6TC3o45Wsts0AWvVjoY0f7nLPu7x15HyS7eJI6dRc4aMIXvbRJGAcmDKCp2a43U5qVSDnDoQullFeht5CPSaFO8F9dF_koeF6fTsZTG4hS6nBa8k4aPz6t5DEBx6qxPKvCKZecoqtipPhFrVD3jJPzIuuTPp8GXgo4bHTaTqGHEQTkSJKZ6UAlZ1L8kF2GFu0vb4cFl4Z8kbdSd0VtBYzwlkmsxnEF7g5dqDoQ2tvIXlybTnU8cb-HztyEB4lg_RuQlluxac6KYxvNXVEI-JISw-Mz07Nj6vt34ckuFvP95JD-vXgS1A64yoU_8rLUQQIyjcT4XueYo2iMD5r-KS7YgNhBDPnArQqZZZ1ZWURkzWjEni4JhojCte_gCmpsmEs9nTUQoNEtfUYzK6ZeyFCJbr8TVAxoYFV-08BSRt2rHsZtd9XfDWextApi2OxnX809xXLsBlWc9UpSTiUdd5fLw7u_SVtKXLInbtBS-LoMjSFOlGdVNutQw4ZIYVUq2Gp_fsyTdQzNnD3N5yaD5pew7kiaEcWewJ2f9LtH-X-VQa_amwlXrYuH7buOnLleRCd5k9KM6W4QSTxM8KInVsrhTZtbxUwGCgElIrwMJdtthNy3IlBuy1Bmqs_ZHidfvWlgiWFCBiLtfj-1I2TcUjZ3_obXJEl-7XR0sDLM9U97LAA1wdNOxWPtxsq9-dHwNJdC4JdgxhosgoEvBkU8M79ewqFpoQjziHqh7ef51fkz1O1TzyYyAcoWgbq3SGtFnWCQak-NRdlzQndCshE8htZDD3Pp3i8J0YvkJ6uM04jirUdqlpIIwLLk6TPNQnzY4O6pEkSkw6XAaDkATIT-TO3va8csCISbh7V7wcrJ1vMSbm2FXLE6l-mfd0DDVEtTnA_3p6ujLAgE5koCBoKftQyXujOK7wBAy6atmBM_c--Om40QH6XfzGToC2BVesVcLjnc6wtF2_SyM-9hDCdiUq4qCdXUKdhKaCd6LhZmanAmwdQEyC1v-FW7aMK7uTXf4Bq0MfFruKmjAfsSsT8FYp8FMg_b8ssUVwB8rHRaggAqF2ECHnQ23RSUPxn5NI5Hm7P_c-3OiMvO2k3w1KpgPVtgNwmYne3cvP54RouU0t4_C8wg0EFmnKpfY-sKyPs8LUOOjlSYbEaE1s0GoVFXKErot8xIWQADou-gfjNlVo7FiEwow5grX8hS080LDCg5tfLxyhOHcJGy8J_xjIgQE9O_TJXIhze_XZvla5TbZnzy7v_JjDGFIfVwXdMh6gOwih5f6nANqRqNmcD4PKtTXxjv_DwKo-qGUnHhN_yGV8CLjQSBL44ZO0kGwi5bDeY5boalpwwydOB-YhzrpfZdu0yCQsjbW5SR2LEKo9990ptNBAcljUJ8uTGFOjZdlJ1lvRpfgiggi4KmchIXMAXL5L1VowYGW_sHMmEfC6dgFzwedGJoQSolrNMZn9AeotrigLvzb61rWL-EDvhefiDNJY8F6UMxtzULW5AI_cfj7iQPqDazT75nNL93JDgXVepWdYXeijv8HGYXwC11zvQpoYtmcSSaDJuA2CWeAY0I2zzZ4YYfibEKVnOItHFzOY4D42tiYCxdh2dkZJSPxy3z3XcUqAAKf2-hEU6bZ-0Ir-QK5so_2SH35qlMQMMZxzYNmNmH8gF5gCjONiRTdc60hq_e02xHdzwj-sXd6jmHLAyjEVXiCYSIWef5PnRZgn3Giv5niaeBcADHxMbPh1YN6MMpXee77Pf06kzOW6eGhYRF2K7lnVQy48C7pn37aTcXgDJJMAiJNCxik5sgq4BikDLA59I5IPovCLErCL2KhXfe8ENrqAiw-vj9dqz4N5DA3SiKI0p_VBcoPj2FiVERSnbpPhuJb88ox8TwNMq2Av-HBZQ2qil0kM8iLgRwlUGlKeimppD4QWdVKnmxfnMvx7SNDmdXXh6ds1fHAOJCqxKJCx_emKkujYgIHkmM3idHUm-Ls2LUGm0lMGLJLPmKDUC2ABBV7-7XcNr5ZK3N6gQh-lqsJ3iwuaz-l_JvR5DShUoCqjFGe4Ltg6eSrwU0feSzuh8YQuxdx9fc018NBu5I4F5nhpz1AlB1vhu3enYP9Kv9MrBlWRlx_JXpFYLlbwp8AhZtmF3e9PiaYj6TdFn7llq5P4rW31wGXQuYUhMnDuheR_rxsA31Db_L37CtRDrgKuEwYlZijUOQWLJKdgYePQFFsbr41aiAk-A3u_aZtwJKs4lUy_2brvdoqLWExnDK699C1957mz-zegtNGh-2PMGerJwfUcXoDU-082-3GE5wj3l6s9BgqesTQt5stKo90mH0jTD2oIDfmLPmpfeoyV5kvGGFCkKkGviEMB0nDoGrVhmkNJmSOoLysrUyWJI4JEA0Bi2uv5w0WKPz2FN3QmisaC5W-XEbe7M0waZOAIEFZ-mWlj7iWTDI4gLMF52JhJCwbDnS7-JdZLq9IeytXe2FP1SOJluHdaqp8x2TSmwrluT4NBDMfMC_WvCp1YG4zLi0lep7dW88UHvFNAYToaktlHHjfV4wKY4E6sDlws_ocfqy6_PTikPXTGGZl-Bs9MtEisDhevB_owwX-bYb4iDIGFT0xkvgyAAdI7E2D55_6L6WCEJXoRV3omOfPSa6SPepKAKnGNTnXMUlEmPnMG1wFU7gk51eYBR9FMbTymWx5K0EiJRoz-z68Evu7TnX6U8zICanGY51hXH3Gj2qlpKfZ-4KgXOxI4iZ-JicjeZBlB3JjD-vCTt-Ssv1lb0M2rLnNl3i1uhTOEzNfAFyiRQABQ1MiA9NYKYB-qW6jiRqUMbqeY70YBC6CVZpVElIk3t93BrJ-5qfj7RpggEAYSpXhkmt1q8ywD51UVLOjPvR14gz1_RC1o6hdL5EVM2EyEu0-0wfYnwLVRidp51u3WboXFY1CpYxM3QFIA7Qo2SAiEisnmwe-XDNhXv1wLTW1RG6YGBZ5eVBNNPT96oTooIDc3oSBJxPtmYhNrahPuBwUejdG8h1qdtHN_n5B_HBSUZ_6XnHAcZUFvo2dOSh6vK3qHd3Tq0lVBphEd2v45iqbRRTZNqoyJuV-zc6AqOvtcErIRITBXEL92hwCbKTYBGszlBocvEg1ghS0SlzTSmwcaSicccarLDM303vOoseOTwvBXRipu2s3JAiNeRttFS_ZiWQbpgEIUSQ-hfbW3ngRdjvdF4bks4n2hZ8vQpSjq8IgTbzIf0OjAxz5D2xmJSH71nmYSFkZDUtJd2Wf2PIZzgLkbRLQ7rzQ8bEmLTQyx2DMQRLB2KUGPnI8zrk-t0PAiWMzkfZTQjMxbJHIYju_K5AgXbjjq-wSYyj9aokoV9rcaoLb0o-pesOVrhZAdhHcH0mUUwfuZl7ZfbRY6-ZiGk_ElYJOd12zBRF7ZRwWACSGlzj9et4LYFv-BTKiUzhxqmeVHjD1Dnb-fi6vKPSwFQ00Qy4CxFldkSjKqqMJqDMlx5HmY9J3O0WEoYZ_weijL0KXuQineeJgYc-uw4baaLsyZomrXBoHIASwSU66RyUWVdpPCVHYIh0N4HPeFEUNjhVxn2JhqlgiPy7fU7ULSI&pr=13%3AZa80uwAAAAAowmk94gvyWjyyL6VYGIp5SOQJPA&cid=CAQSMgAvHhf_TGGW2Or_djVvr6u4ETjZNWPAtbvJLXZF3VQJEI5uSI-_ygRbpa-qHOeodXfGGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Ffolkd.com%2F&ds=l&xdt=1&iif=1&cor=16293252838205310000&adk=1346165036&idt=115&cac=0&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 18:30:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
32907
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11885
x-xss-protection
0
server
cafe
etag
16863283086342074828
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 05 Feb 2024 18:30:09 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 1C74
206 KB
65 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BxlauYDwOEEem4bMMToQb_McyrA06gYn4IokGfvEkRESPADvMWlkHOXdqPd5i5vBOd7yK-zkwB3juK6XeA0IzVQV57x3xRvHBSacZGdD8OoIbVbRAh0N1rmtWugcbFUnPhohwMFW-ZyhwLHg95K9JD6wsBnwWZVck5hG83XZfFScxMZXI&cry=1&dbm_d=AKAmf-CUDsiz1xwDaQ0karHbMoQ_CRjgdG2X2JQ-HJRs-alQGz6TC3o45Wsts0AWvVjoY0f7nLPu7x15HyS7eJI6dRc4aMIXvbRJGAcmDKCp2a43U5qVSDnDoQullFeht5CPSaFO8F9dF_koeF6fTsZTG4hS6nBa8k4aPz6t5DEBx6qxPKvCKZecoqtipPhFrVD3jJPzIuuTPp8GXgo4bHTaTqGHEQTkSJKZ6UAlZ1L8kF2GFu0vb4cFl4Z8kbdSd0VtBYzwlkmsxnEF7g5dqDoQ2tvIXlybTnU8cb-HztyEB4lg_RuQlluxac6KYxvNXVEI-JISw-Mz07Nj6vt34ckuFvP95JD-vXgS1A64yoU_8rLUQQIyjcT4XueYo2iMD5r-KS7YgNhBDPnArQqZZZ1ZWURkzWjEni4JhojCte_gCmpsmEs9nTUQoNEtfUYzK6ZeyFCJbr8TVAxoYFV-08BSRt2rHsZtd9XfDWextApi2OxnX809xXLsBlWc9UpSTiUdd5fLw7u_SVtKXLInbtBS-LoMjSFOlGdVNutQw4ZIYVUq2Gp_fsyTdQzNnD3N5yaD5pew7kiaEcWewJ2f9LtH-X-VQa_amwlXrYuH7buOnLleRCd5k9KM6W4QSTxM8KInVsrhTZtbxUwGCgElIrwMJdtthNy3IlBuy1Bmqs_ZHidfvWlgiWFCBiLtfj-1I2TcUjZ3_obXJEl-7XR0sDLM9U97LAA1wdNOxWPtxsq9-dHwNJdC4JdgxhosgoEvBkU8M79ewqFpoQjziHqh7ef51fkz1O1TzyYyAcoWgbq3SGtFnWCQak-NRdlzQndCshE8htZDD3Pp3i8J0YvkJ6uM04jirUdqlpIIwLLk6TPNQnzY4O6pEkSkw6XAaDkATIT-TO3va8csCISbh7V7wcrJ1vMSbm2FXLE6l-mfd0DDVEtTnA_3p6ujLAgE5koCBoKftQyXujOK7wBAy6atmBM_c--Om40QH6XfzGToC2BVesVcLjnc6wtF2_SyM-9hDCdiUq4qCdXUKdhKaCd6LhZmanAmwdQEyC1v-FW7aMK7uTXf4Bq0MfFruKmjAfsSsT8FYp8FMg_b8ssUVwB8rHRaggAqF2ECHnQ23RSUPxn5NI5Hm7P_c-3OiMvO2k3w1KpgPVtgNwmYne3cvP54RouU0t4_C8wg0EFmnKpfY-sKyPs8LUOOjlSYbEaE1s0GoVFXKErot8xIWQADou-gfjNlVo7FiEwow5grX8hS080LDCg5tfLxyhOHcJGy8J_xjIgQE9O_TJXIhze_XZvla5TbZnzy7v_JjDGFIfVwXdMh6gOwih5f6nANqRqNmcD4PKtTXxjv_DwKo-qGUnHhN_yGV8CLjQSBL44ZO0kGwi5bDeY5boalpwwydOB-YhzrpfZdu0yCQsjbW5SR2LEKo9990ptNBAcljUJ8uTGFOjZdlJ1lvRpfgiggi4KmchIXMAXL5L1VowYGW_sHMmEfC6dgFzwedGJoQSolrNMZn9AeotrigLvzb61rWL-EDvhefiDNJY8F6UMxtzULW5AI_cfj7iQPqDazT75nNL93JDgXVepWdYXeijv8HGYXwC11zvQpoYtmcSSaDJuA2CWeAY0I2zzZ4YYfibEKVnOItHFzOY4D42tiYCxdh2dkZJSPxy3z3XcUqAAKf2-hEU6bZ-0Ir-QK5so_2SH35qlMQMMZxzYNmNmH8gF5gCjONiRTdc60hq_e02xHdzwj-sXd6jmHLAyjEVXiCYSIWef5PnRZgn3Giv5niaeBcADHxMbPh1YN6MMpXee77Pf06kzOW6eGhYRF2K7lnVQy48C7pn37aTcXgDJJMAiJNCxik5sgq4BikDLA59I5IPovCLErCL2KhXfe8ENrqAiw-vj9dqz4N5DA3SiKI0p_VBcoPj2FiVERSnbpPhuJb88ox8TwNMq2Av-HBZQ2qil0kM8iLgRwlUGlKeimppD4QWdVKnmxfnMvx7SNDmdXXh6ds1fHAOJCqxKJCx_emKkujYgIHkmM3idHUm-Ls2LUGm0lMGLJLPmKDUC2ABBV7-7XcNr5ZK3N6gQh-lqsJ3iwuaz-l_JvR5DShUoCqjFGe4Ltg6eSrwU0feSzuh8YQuxdx9fc018NBu5I4F5nhpz1AlB1vhu3enYP9Kv9MrBlWRlx_JXpFYLlbwp8AhZtmF3e9PiaYj6TdFn7llq5P4rW31wGXQuYUhMnDuheR_rxsA31Db_L37CtRDrgKuEwYlZijUOQWLJKdgYePQFFsbr41aiAk-A3u_aZtwJKs4lUy_2brvdoqLWExnDK699C1957mz-zegtNGh-2PMGerJwfUcXoDU-082-3GE5wj3l6s9BgqesTQt5stKo90mH0jTD2oIDfmLPmpfeoyV5kvGGFCkKkGviEMB0nDoGrVhmkNJmSOoLysrUyWJI4JEA0Bi2uv5w0WKPz2FN3QmisaC5W-XEbe7M0waZOAIEFZ-mWlj7iWTDI4gLMF52JhJCwbDnS7-JdZLq9IeytXe2FP1SOJluHdaqp8x2TSmwrluT4NBDMfMC_WvCp1YG4zLi0lep7dW88UHvFNAYToaktlHHjfV4wKY4E6sDlws_ocfqy6_PTikPXTGGZl-Bs9MtEisDhevB_owwX-bYb4iDIGFT0xkvgyAAdI7E2D55_6L6WCEJXoRV3omOfPSa6SPepKAKnGNTnXMUlEmPnMG1wFU7gk51eYBR9FMbTymWx5K0EiJRoz-z68Evu7TnX6U8zICanGY51hXH3Gj2qlpKfZ-4KgXOxI4iZ-JicjeZBlB3JjD-vCTt-Ssv1lb0M2rLnNl3i1uhTOEzNfAFyiRQABQ1MiA9NYKYB-qW6jiRqUMbqeY70YBC6CVZpVElIk3t93BrJ-5qfj7RpggEAYSpXhkmt1q8ywD51UVLOjPvR14gz1_RC1o6hdL5EVM2EyEu0-0wfYnwLVRidp51u3WboXFY1CpYxM3QFIA7Qo2SAiEisnmwe-XDNhXv1wLTW1RG6YGBZ5eVBNNPT96oTooIDc3oSBJxPtmYhNrahPuBwUejdG8h1qdtHN_n5B_HBSUZ_6XnHAcZUFvo2dOSh6vK3qHd3Tq0lVBphEd2v45iqbRRTZNqoyJuV-zc6AqOvtcErIRITBXEL92hwCbKTYBGszlBocvEg1ghS0SlzTSmwcaSicccarLDM303vOoseOTwvBXRipu2s3JAiNeRttFS_ZiWQbpgEIUSQ-hfbW3ngRdjvdF4bks4n2hZ8vQpSjq8IgTbzIf0OjAxz5D2xmJSH71nmYSFkZDUtJd2Wf2PIZzgLkbRLQ7rzQ8bEmLTQyx2DMQRLB2KUGPnI8zrk-t0PAiWMzkfZTQjMxbJHIYju_K5AgXbjjq-wSYyj9aokoV9rcaoLb0o-pesOVrhZAdhHcH0mUUwfuZl7ZfbRY6-ZiGk_ElYJOd12zBRF7ZRwWACSGlzj9et4LYFv-BTKiUzhxqmeVHjD1Dnb-fi6vKPSwFQ00Qy4CxFldkSjKqqMJqDMlx5HmY9J3O0WEoYZ_weijL0KXuQineeJgYc-uw4baaLsyZomrXBoHIASwSU66RyUWVdpPCVHYIh0N4HPeFEUNjhVxn2JhqlgiPy7fU7ULSI&pr=13%3AZa80uwAAAAAowmk94gvyWjyyL6VYGIp5SOQJPA&cid=CAQSMgAvHhf_TGGW2Or_djVvr6u4ETjZNWPAtbvJLXZF3VQJEI5uSI-_ygRbpa-qHOeodXfGGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Ffolkd.com%2F&ds=l&xdt=1&iif=1&cor=16293252838205310000&adk=1346165036&idt=115&cac=0&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66453
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1705495733332172"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 23 Jan 2024 03:38:36 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 1C74
41 KB
14 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BxlauYDwOEEem4bMMToQb_McyrA06gYn4IokGfvEkRESPADvMWlkHOXdqPd5i5vBOd7yK-zkwB3juK6XeA0IzVQV57x3xRvHBSacZGdD8OoIbVbRAh0N1rmtWugcbFUnPhohwMFW-ZyhwLHg95K9JD6wsBnwWZVck5hG83XZfFScxMZXI&cry=1&dbm_d=AKAmf-CUDsiz1xwDaQ0karHbMoQ_CRjgdG2X2JQ-HJRs-alQGz6TC3o45Wsts0AWvVjoY0f7nLPu7x15HyS7eJI6dRc4aMIXvbRJGAcmDKCp2a43U5qVSDnDoQullFeht5CPSaFO8F9dF_koeF6fTsZTG4hS6nBa8k4aPz6t5DEBx6qxPKvCKZecoqtipPhFrVD3jJPzIuuTPp8GXgo4bHTaTqGHEQTkSJKZ6UAlZ1L8kF2GFu0vb4cFl4Z8kbdSd0VtBYzwlkmsxnEF7g5dqDoQ2tvIXlybTnU8cb-HztyEB4lg_RuQlluxac6KYxvNXVEI-JISw-Mz07Nj6vt34ckuFvP95JD-vXgS1A64yoU_8rLUQQIyjcT4XueYo2iMD5r-KS7YgNhBDPnArQqZZZ1ZWURkzWjEni4JhojCte_gCmpsmEs9nTUQoNEtfUYzK6ZeyFCJbr8TVAxoYFV-08BSRt2rHsZtd9XfDWextApi2OxnX809xXLsBlWc9UpSTiUdd5fLw7u_SVtKXLInbtBS-LoMjSFOlGdVNutQw4ZIYVUq2Gp_fsyTdQzNnD3N5yaD5pew7kiaEcWewJ2f9LtH-X-VQa_amwlXrYuH7buOnLleRCd5k9KM6W4QSTxM8KInVsrhTZtbxUwGCgElIrwMJdtthNy3IlBuy1Bmqs_ZHidfvWlgiWFCBiLtfj-1I2TcUjZ3_obXJEl-7XR0sDLM9U97LAA1wdNOxWPtxsq9-dHwNJdC4JdgxhosgoEvBkU8M79ewqFpoQjziHqh7ef51fkz1O1TzyYyAcoWgbq3SGtFnWCQak-NRdlzQndCshE8htZDD3Pp3i8J0YvkJ6uM04jirUdqlpIIwLLk6TPNQnzY4O6pEkSkw6XAaDkATIT-TO3va8csCISbh7V7wcrJ1vMSbm2FXLE6l-mfd0DDVEtTnA_3p6ujLAgE5koCBoKftQyXujOK7wBAy6atmBM_c--Om40QH6XfzGToC2BVesVcLjnc6wtF2_SyM-9hDCdiUq4qCdXUKdhKaCd6LhZmanAmwdQEyC1v-FW7aMK7uTXf4Bq0MfFruKmjAfsSsT8FYp8FMg_b8ssUVwB8rHRaggAqF2ECHnQ23RSUPxn5NI5Hm7P_c-3OiMvO2k3w1KpgPVtgNwmYne3cvP54RouU0t4_C8wg0EFmnKpfY-sKyPs8LUOOjlSYbEaE1s0GoVFXKErot8xIWQADou-gfjNlVo7FiEwow5grX8hS080LDCg5tfLxyhOHcJGy8J_xjIgQE9O_TJXIhze_XZvla5TbZnzy7v_JjDGFIfVwXdMh6gOwih5f6nANqRqNmcD4PKtTXxjv_DwKo-qGUnHhN_yGV8CLjQSBL44ZO0kGwi5bDeY5boalpwwydOB-YhzrpfZdu0yCQsjbW5SR2LEKo9990ptNBAcljUJ8uTGFOjZdlJ1lvRpfgiggi4KmchIXMAXL5L1VowYGW_sHMmEfC6dgFzwedGJoQSolrNMZn9AeotrigLvzb61rWL-EDvhefiDNJY8F6UMxtzULW5AI_cfj7iQPqDazT75nNL93JDgXVepWdYXeijv8HGYXwC11zvQpoYtmcSSaDJuA2CWeAY0I2zzZ4YYfibEKVnOItHFzOY4D42tiYCxdh2dkZJSPxy3z3XcUqAAKf2-hEU6bZ-0Ir-QK5so_2SH35qlMQMMZxzYNmNmH8gF5gCjONiRTdc60hq_e02xHdzwj-sXd6jmHLAyjEVXiCYSIWef5PnRZgn3Giv5niaeBcADHxMbPh1YN6MMpXee77Pf06kzOW6eGhYRF2K7lnVQy48C7pn37aTcXgDJJMAiJNCxik5sgq4BikDLA59I5IPovCLErCL2KhXfe8ENrqAiw-vj9dqz4N5DA3SiKI0p_VBcoPj2FiVERSnbpPhuJb88ox8TwNMq2Av-HBZQ2qil0kM8iLgRwlUGlKeimppD4QWdVKnmxfnMvx7SNDmdXXh6ds1fHAOJCqxKJCx_emKkujYgIHkmM3idHUm-Ls2LUGm0lMGLJLPmKDUC2ABBV7-7XcNr5ZK3N6gQh-lqsJ3iwuaz-l_JvR5DShUoCqjFGe4Ltg6eSrwU0feSzuh8YQuxdx9fc018NBu5I4F5nhpz1AlB1vhu3enYP9Kv9MrBlWRlx_JXpFYLlbwp8AhZtmF3e9PiaYj6TdFn7llq5P4rW31wGXQuYUhMnDuheR_rxsA31Db_L37CtRDrgKuEwYlZijUOQWLJKdgYePQFFsbr41aiAk-A3u_aZtwJKs4lUy_2brvdoqLWExnDK699C1957mz-zegtNGh-2PMGerJwfUcXoDU-082-3GE5wj3l6s9BgqesTQt5stKo90mH0jTD2oIDfmLPmpfeoyV5kvGGFCkKkGviEMB0nDoGrVhmkNJmSOoLysrUyWJI4JEA0Bi2uv5w0WKPz2FN3QmisaC5W-XEbe7M0waZOAIEFZ-mWlj7iWTDI4gLMF52JhJCwbDnS7-JdZLq9IeytXe2FP1SOJluHdaqp8x2TSmwrluT4NBDMfMC_WvCp1YG4zLi0lep7dW88UHvFNAYToaktlHHjfV4wKY4E6sDlws_ocfqy6_PTikPXTGGZl-Bs9MtEisDhevB_owwX-bYb4iDIGFT0xkvgyAAdI7E2D55_6L6WCEJXoRV3omOfPSa6SPepKAKnGNTnXMUlEmPnMG1wFU7gk51eYBR9FMbTymWx5K0EiJRoz-z68Evu7TnX6U8zICanGY51hXH3Gj2qlpKfZ-4KgXOxI4iZ-JicjeZBlB3JjD-vCTt-Ssv1lb0M2rLnNl3i1uhTOEzNfAFyiRQABQ1MiA9NYKYB-qW6jiRqUMbqeY70YBC6CVZpVElIk3t93BrJ-5qfj7RpggEAYSpXhkmt1q8ywD51UVLOjPvR14gz1_RC1o6hdL5EVM2EyEu0-0wfYnwLVRidp51u3WboXFY1CpYxM3QFIA7Qo2SAiEisnmwe-XDNhXv1wLTW1RG6YGBZ5eVBNNPT96oTooIDc3oSBJxPtmYhNrahPuBwUejdG8h1qdtHN_n5B_HBSUZ_6XnHAcZUFvo2dOSh6vK3qHd3Tq0lVBphEd2v45iqbRRTZNqoyJuV-zc6AqOvtcErIRITBXEL92hwCbKTYBGszlBocvEg1ghS0SlzTSmwcaSicccarLDM303vOoseOTwvBXRipu2s3JAiNeRttFS_ZiWQbpgEIUSQ-hfbW3ngRdjvdF4bks4n2hZ8vQpSjq8IgTbzIf0OjAxz5D2xmJSH71nmYSFkZDUtJd2Wf2PIZzgLkbRLQ7rzQ8bEmLTQyx2DMQRLB2KUGPnI8zrk-t0PAiWMzkfZTQjMxbJHIYju_K5AgXbjjq-wSYyj9aokoV9rcaoLb0o-pesOVrhZAdhHcH0mUUwfuZl7ZfbRY6-ZiGk_ElYJOd12zBRF7ZRwWACSGlzj9et4LYFv-BTKiUzhxqmeVHjD1Dnb-fi6vKPSwFQ00Qy4CxFldkSjKqqMJqDMlx5HmY9J3O0WEoYZ_weijL0KXuQineeJgYc-uw4baaLsyZomrXBoHIASwSU66RyUWVdpPCVHYIh0N4HPeFEUNjhVxn2JhqlgiPy7fU7ULSI&pr=13%3AZa80uwAAAAAowmk94gvyWjyyL6VYGIp5SOQJPA&cid=CAQSMgAvHhf_TGGW2Or_djVvr6u4ETjZNWPAtbvJLXZF3VQJEI5uSI-_ygRbpa-qHOeodXfGGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Ffolkd.com%2F&ds=l&xdt=1&iif=1&cor=16293252838205310000&adk=1346165036&idt=115&cac=0&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 02:28:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
522623
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Jan 2025 02:28:13 GMT
attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNTk4MTExNjM2OTQ5NgogIHNlcnZlcl9pcDogMTQ2NTIzNzQ1CiAgcHJvY2Vzc19pZDogOTkwNzc0Nzk5Cn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDQzNjI5NjIK...
ad.doubleclick.net/ddm/activity/ Frame 1C74
0
22 B
Image
General
Full URL
https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNTk4MTExNjM2OTQ5NgogIHNlcnZlcl9pcDogMTQ2NTIzNzQ1CiAgcHJvY2Vzc19pZDogOTkwNzc0Nzk5Cn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDQzNjI5NjIKYWR2ZXJ0aXNlcl9kb21haW46ICJodHRwczovL2FkZm9ybS5uZXQiCnhmYV9hdHRyaWJ1dGlvbl9pbnRlcmFjdGlvbl90eXBlOiBWSUVXCmltcHJlc3Npb25fcHJpb3JpdHk6IDAKaW1wcmVzc2lvbl9leHBpcnlfaW5fZGF5czogMzAKZXZlbnRfaW1wcmVzc2lvbl9pZDogMjkzNTQxNzU3ODYzNjE3MTk2NQpkZWJ1Z19rZXk6IDYzNzU2MTU3MTQyMjg4MzcxNjAKaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUFJPRFVDVF9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fREFURQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICIyMDI0LTAxLTIzIgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9GTE9PRExJR0hUX0NPTkZJR19JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogNDM2Mjk2MgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9DT1JFX1BMQVRGT1JNX1NFUlZJQ0UKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBVEZPUk1fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9RVUVSWV9DT1VOVFJZCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIlVTIgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFDRU1FTlRfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDI2NzQwMDY1MgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQURWRVJUSVNFUl9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMzIyNDc2CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19MSU5FX0lURU1fSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDIwNzA5MTkKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0NSRUFUSVZFX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyMjE3Nzg3NzQKICB9Cn0KYXJjaGV0eXBlX2lkOiAxMgphcmNoZXR5cGVfaWQ6IDEzCmFyY2hldHlwZV9pZDogMTQKYXJjaGV0eXBlX2lkOiAxNQphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vYWRmb3JtLm5ldCIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2NvbnJhZC5jaCIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2R5c29uLmNoIgppbXByZXNzaW9uX2V2ZW50X3JlcG9ydGluZ193aW5kb3dfZGF5czogNApicm93c2VyX2F0dHJpYnV0aW9uX2FwaV9yZXF1ZXN0X3Byb2Nlc3NpbmdfYml0czogNzU0OTc0NzIwCg
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"12":"0xbc3881d16fa45c210000000000000000","13":"0x358a6dbb1d547b7c0000000000000000","14":"0xc83bc5d0f57841320000000000000000","15":"0x6b47af8fccf29dce0000000000000000"},"debug_key":"6375615714228837160","debug_reporting":true,"destination":"https://adform.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["4362962"]},"priority":"0","source_event_id":"2935417578636171965"}
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame FD7A
2 KB
1 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65ec22d8d07fa090f45201a8d0b52eb3cfbfc1f5d283f216d33c1b3a59c7ae64

Request headers

Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
849d0139feac4d22-FRA
content-encoding
br
content-type
text/html
date
Tue, 23 Jan 2024 03:38:36 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DMzzgdB6RRx0elWQ5yboYDcdasjWsrJfEvjw%2F8OlguWsRmtWknolYT11AT%2BzY1tNiNWvuh6enZ00SAjdyoi1NqpYNMA88T%2FqCzO%2FjsZhS%2Bf2i2wNEpsvZ%2FOPftWDBvdo9D9z7tEBAGcc6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
preload.jpg
c.bannerflow.net/accounts/soft2bet/63e10827ee6588a96cb203e2/published/5041993/7395980/ Frame E0BD
36 KB
36 KB
Image
General
Full URL
https://c.bannerflow.net/accounts/soft2bet/63e10827ee6588a96cb203e2/published/5041993/7395980/preload.jpg
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
809901696c445170eaaf43cb6be803728a74f342cf2765ae18ca02d50bb6362c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 23 Jan 2024 03:38:36 GMT
cf-cache-status
HIT
content-md5
bG2QM61i3jzrIzJ8ljFy5Q==
age
4736248
content-length
36495
x-ms-lease-status
unlocked
cf-bgj
h2pri
last-modified
Thu, 14 Sep 2023 10:13:14 GMT
server
cloudflare
etag
"0x8DBB50B3572909B"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
a6b80f92-301e-0056-499a-22243c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2011-08-18
accept-ranges
bytes
cf-ray
849d0139fac09b95-FRA
truncated
/ Frame 4A06
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ea84042ca3c1917aaea41eeaa291aaa87c97658dedc8bc62bd0d6f090136da4d

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 4A06
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvxMv7tcB4jedefu9Mjy5YIyzAP7sjn5tki1Ooqhc4ufwQp9RaVKaRNRYwutU-njbLSGkOeazBYrN4e3a911ziZU2ZeboJ6d39xom_zTlfuJLLk0JGjS9Z6T6VCvYoTrRUvn8DQeCiDntzntbXOObGbMkVg7IBjk0B_ZA3GGgjSyVQJBpmLlFd4xqjSIb5oHdvTYRQcisLy4vVlP1I3qWDoS9cEdcPGDcL0k8bpwYbiSv8g1iYWDtBzMX0Yqxmu5mstdHsBvFsWY6-rfRQlvFxO2o3_gCI9aYloBqBd4NMABF9sabjarz_kepUC4H1xf5ziZiLgz4cZ0kpEuY-l5ahyjjtFYAV_REwIIv8givhPhuRYLn_7fPCx1g&sai=AMfl-YTVcLw0ikWLqYLjb2_4auhno_uL-0Dp0peqKfJJHQjG-T66vqvsOIjb6_ywr3kaclYvzeKHScIRrEfeP-wE0pLuuai9Ri-xZj4HjUSCq83YQDhgeU2cPViTZJZi2bw&sig=Cg0ArKJSzPMPPIFV5xA_EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 23 Jan 2024 03:38:36 GMT
362358.gif
idsync.rlcdn.com/ Frame FE9B
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=Za80ux4LORIGoWQwyWak5QAA%262130&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=c7bb4041-e7e5-4ef9-a286-c7845e42f86c
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=97ac3f38-0990-4f21-8d06-64bd4db1b9e7%3A1705981116.6799757&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D97ac3f38-0990-4f21-8d06-64bd4db...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5107433832264167376&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D97ac3f38-0990-4f21-8d...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=97ac3f38-0990-4f21-8d06-64bd4db1b9e7%3A1705981116.6799757&_=1705981116.6822796
  • https://idsync.rlcdn.com/1000.gif?memo=CM3PHhJBCj0IARAFGjc5N2FjM2YzOC0wOTkwLTRmMjEtOGQwNi02NGJkNGRiMWI5ZTc6MTcwNTk4MTExNi42Nzk5NzU3EAAaDQi96bytBhIFCOgHEABCAEoA
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEItnTGkuHtN0xuIXx0cOFbQ&google_cver=1
42 B
60 B
Image
General
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEItnTGkuHtN0xuIXx0cOFbQ&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Protocol
H3
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:37 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:37 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEItnTGkuHtN0xuIXx0cOFbQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame FE9B
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7283273328877549246&expiration=1707190716
43 B
735 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7283273328877549246&expiration=1707190716
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4gMmtt1EJARR3nt46J3vHAgq2JS2RvLJ20DLblQ%2BKo5gmPdfOSrH4R3N%2BzKnfTd%2BrXxRvsUxNkJjeoRvhKnD2OkPfPRVJADaoY8BuZG8ZCxJRxI3z2wNACt8hZdnzsQ1%2FNM4qUIEH73VxA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
849d013a4ed04d22-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7283273328877549246&expiration=1707190716
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
rum
r.casalemedia.com/ Frame FE9B
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=48
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=8cc005be-8d9a-40d3-ad75-798e2acb9e12-65af34bc-494c&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=8cc005be-8d9a-40d3-ad75-798e2acb9e12-65af34bc-494c&partner_url=https%3A%2F%2Fr.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26exte...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=8cc005be-8d9a-40d3-ad75-798e2acb9e12-65af34bc-494c&partner_url=https%3A%2F%2Fr.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%...
  • https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=8cc005be-8d9a-40d3-ad75-798e2acb9e12-65af34bc-494c&gdpr=0&gdpr_consent=
43 B
310 B
Image
General
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=8cc005be-8d9a-40d3-ad75-798e2acb9e12-65af34bc-494c&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7ofQ91U9hbLzVVJ2wBoouRLxHdaJHGXmWIdYYN8D7bAurjMrPx%2B9sa5yYC8AgH6qERe8uPw34iVDokeNsnlck8YbdC8DuJmQqDjEKXrgQobEdWPmejaIEWT5Inl7K74L7Ule"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
849d013c6c0ebb71-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Tue, 23 Jan 2024 03:38:36 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=8cc005be-8d9a-40d3-ad75-798e2acb9e12-65af34bc-494c&gdpr=0&gdpr_consent=
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
rum
dsum-sec.casalemedia.com/ Frame FE9B
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3205897004932985690
43 B
730 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3205897004932985690
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8A23i0DhuA1Jb41I8HzVkeG2StcAh0sLdgpUn4tuIUl9h4EIq%2BcZuRXHYY3a0I2hHnvtOL6FbrZO5mmVuAQgN%2FY3kUYGLxyj88%2BsI8gkLIlqajmDAvi6yg58lJYG9antNcWBosQcwjiUnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
849d013adf2f4d22-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3205897004932985690
pragma
no-cache
date
Tue, 23 Jan 2024 03:38:35 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Za80ux4LORIGoWQwyWak5QAACFIAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame FE9B
43 B
601 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Za80ux4LORIGoWQwyWak5QAACFIAAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:a6fa:b563:be0e:7526 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame FE9B
Redirect Chain
  • https://trace.mediago.io/ju/cs/indexexchange
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=f34e96997f25fae42w6knu00lrpt3ydq
43 B
735 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=f34e96997f25fae42w6knu00lrpt3ydq
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:37 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zCAnOK0EiJb1foz53HGqRgWOh3vn%2BVfcS0hlgDnO9XWtlUMMN6s8AmOyTLNPh4HHdWnMvhcg56Ip7e%2FXzbhjnfgWW2DKO91ZmWU%2B8nlwL3L9Ew0J%2F2gQ7oGAQVrTVBGAgFDgc%2F1S8uFPiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
849d01406a2c4d22-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Tue, 23 Jan 2024 03:38:36 GMT
via
1.1 google
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=f34e96997f25fae42w6knu00lrpt3ydq
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
crum
dsum-sec.casalemedia.com/ Frame FE9B
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=P924qFnr1Rs7Cs5
43 B
732 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=P924qFnr1Rs7Cs5
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rOm2uaIWGup4Iej7vqSfUxx4uQh27eQUAp900cQSnr2kGGKs1GukMY%2FjMiMrQ19EnItzp2gfsIITVW7p4MRQsUjAQ5fGyE2ZL7RUQGWsAXK5fPAGH5qS70c057YKfdsBBxSYaSpz%2BGJ%2B3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
849d013b1f724d22-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 23 Jan 2024 03:38:36 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-799-g9c6cd74#rel-ec2-master i-05a941aeab12055fa@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=P924qFnr1Rs7Cs5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame FE9B
Redirect Chain
  • https://rtb.adentifi.com/CookieIndex
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=188&external_user_id=cuid_e3df6b41-b9a0-11ee-b2f5-1297b61989fd
43 B
736 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=188&external_user_id=cuid_e3df6b41-b9a0-11ee-b2f5-1297b61989fd
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8VPK1DTi%2BYTSI0Fi5s11qZ30si4N8V%2BF1tjkM7Dovd3KqrievOIhJSLw7Xl9rpZxRI2kq8wUylC4abnlfS6fIHyaItagplvW4M%2BGyk9Gz12%2BVR0PkNc5H9rkbxosXhQgxn460l%2FHKkD%2BCw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
849d013aef514d22-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=188&external_user_id=cuid_e3df6b41-b9a0-11ee-b2f5-1297b61989fd
date
Tue, 23 Jan 2024 03:38:36 GMT
content-type
text/plain
htw-pixel.gif
js-sec.indexww.com/ht/ Frame FE9B
43 B
103 B
Image
General
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?Za80ux4LORIGoWQwyWak5QAA%262130
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
21
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
849d013a393618ef-FRA
content-length
43
expires
Tue, 23 Jan 2024 07:38:36 GMT
Standard
s1.adform.net/stoat/631/s1.adform.net/load/v/0.0.238/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/ Frame DEEE
85 KB
36 KB
Script
General
Full URL
https://s1.adform.net/stoat/631/s1.adform.net/load/v/0.0.238/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/631/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
78825f2c0d076c5ece3f855790f01561ee9f71e52babe220c3931299bd51e6ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
content-encoding
gzip
last-modified
Tue, 19 Dec 2023 10:28:27 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Fri, 19 Jan 2024 16:52:32 GMT
r62eglto.js
ad4m.at/ Frame DC66
24 KB
10 KB
Other
General
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
098e6dc516d5b171a1bf126adf3b8e8510746bac17f477f73a6310587e4ab9e8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 09 Jan 2024 06:20:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
595059
etag
W/"ea6b8b5621410c697cbfca30307bc4ca"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d2O2LQz8NwevLkvS%2FAO1a2PAsoZGKAE1IwKO6POYbHMQGUw86m8WcS2HzOTRxpalXH4WHtHdRDUMlfimOAhOIZG1ac1zLVniBau2yI4XMcrbcDY%2FGYSVO8fSAAxmuhPmT69bNZE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
849d013a0b5b6ae1-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 16 Jan 2024 06:20:57 GMT
cookie-frame.html
ad4m.at/ Frame 8E74
2 KB
1 KB
Document
General
Full URL
https://ad4m.at/cookie-frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
2117721
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status
HIT
cf-ray
849d013a0b5c6ae1-FRA
content-encoding
br
content-language
en
content-type
text/html
date
Tue, 23 Jan 2024 03:38:36 GMT
expires
Wed, 29 Nov 2023 11:19:10 GMT
last-modified
Tue, 28 Nov 2023 11:49:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F21bXqevRgjJbd4p6SPlMD0GNReaErRLtCmlPMf70vN0TmPbP4IywcP%2FWaEBFuatcYRaBfBIAyUd3mQHax7ohWcl04a3oty5%2F7Vdg4EUGf59rUSl1gS%2BBM38TsjDetbJbppFTuY%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
view
securepubads.g.doubleclick.net/pcs/ Frame 6BD4
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvHjTn95TgeDd0nauLJmcDsl2RGOByMua5VUeSwLEtuYpgxXSTA2vvxIdtMV6-aqwhxU0_B5Vp3bJ-6Xooh2EHR3CouQMSseQ_D1zWGqTPLKbWSds9X8b1wcbf777vpZdumHpR8_ThngywKMR5NKvFy7e1p2Y0IJ6RfV2CKfKVUOjEuih8cN-HJ9tdzaKBMAWxydXR6kMBAHI9wzXCe_H-hlP3drRQNHkV5HeuCX6x-a44ySxIVF6gqVLt_iEHeu3nKS1dJdvmEGGtblsmGX8L2czatQRxMTnC4UlyZ2YT5PVV6tiRSBvEzJ4azu8vA7ln-_UWSdFKdbLfTJxWoS4Jqn5m16HEz3r6WPBSkXkGIF76UV46v_ds&sai=AMfl-YSxeJ-nVaigbbv_ayZpoR41Sg3pvs2gy1R-di_mUQxTcHA8EV-72ZNz-G8brOInsw4mc5HWBC1XyqvR1w510cVWIpQyh0OcQ3kSbpf6rjUILjfioshGbNaFtlKc9f0&sig=Cg0ArKJSzJu4DjyXXpF2EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
r62eglto.js
ad4m.at/ Frame 1C74
24 KB
10 KB
Other
General
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
098e6dc516d5b171a1bf126adf3b8e8510746bac17f477f73a6310587e4ab9e8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 09 Jan 2024 06:20:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
595059
etag
W/"ea6b8b5621410c697cbfca30307bc4ca"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RqlcqBTOUoBn39OjkO3zXcLu4xUm6qWXY8b4d5L5BpHI%2BIg4sbfVRqHmbhAhslBryQ%2FugFOcf%2BSszpWR4X5clR5aT3vL%2FyyiCOZONEugRnif42lGyheC5Mx5hqKgY%2FrZ6YcbEbY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
849d013a1b5f6ae1-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 16 Jan 2024 06:20:57 GMT
cookie-frame.html
ad4m.at/ Frame 4597
2 KB
1 KB
Document
General
Full URL
https://ad4m.at/cookie-frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
2117721
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status
HIT
cf-ray
849d013a1b626ae1-FRA
content-encoding
br
content-language
en
content-type
text/html
date
Tue, 23 Jan 2024 03:38:36 GMT
expires
Wed, 29 Nov 2023 11:19:10 GMT
last-modified
Tue, 28 Nov 2023 11:49:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qLzrAg7kXoNhtmJEGMPgihwxdtwK6GoZO8v46kPXgRmDFPq5%2FXwJ8ohKThsMBfs2MSYC6U6HtKZOQ7UX1MDohh4yAnM16a7gapPd2UEw5LeAL1Z3xwF0M8xUEfhI2qAYZFARcRU%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
/
track.adform.net/adfscript/ Frame 5646
1 KB
1 KB
Script
General
Full URL
https://track.adform.net/adfscript/?bn=67903448;rtbwp=Za80uwAAAACR__XWHMwaqZfgm7iMbV9rgSG1rQ;rtbdata=r_3McO8SekYTxyBNaUqfHIwCND6MZXWa2mR6cWbmUAck2YycTjff3rRSnIS1ONd5zdigAwChWcnjKe-guS5X7JB_CSiecMu3VF31rLo_PT_rUBCvIMmTM_I9jq6yvuQ0yFg1YNsgsVG76FslKcgL6xMwbL2NIc_u3l0ly9sBa3u82WG5C4V_OzZLcBQglqsM1z0UFkcNjzGyXC15ITRgAeslGEgS6KLK8YxBSGWzhUIOdTWiwKb_g9rGlAmoAVco2IfsOfphMFTQ_uTX0raTPqJjdfnOlL1K0
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
513e799b7183f90d8ea7bccbad038fc59c610f82ab7aced911fc538f6b295f60
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
905
expires
-1
f00a2bee-e823-41a8-b900-6d4e66fe687f
a1212.casalemedia.com/impression/v2/201336/111/cmnj9esc4oiuh4bjih90/ Frame 5646
43 B
303 B
Image
General
Full URL
https://a1212.casalemedia.com/impression/v2/201336/111/cmnj9esc4oiuh4bjih90/f00a2bee-e823-41a8-b900-6d4e66fe687f?verifieD=1&userID=&cmpro=0&deviceType=2&expiryTime=1705981715&profileIDs=&creativeID=232a58b&pubID=182762&format=banner&channel=site
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.170.60.143 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Jan 2024 03:38:36 GMT
Server
Apache
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0
bootstrap.js
s1.adform.net/stoat/631/s1.adform.net/ Frame 66E3
37 KB
17 KB
Script
General
Full URL
https://s1.adform.net/stoat/631/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=67903448;rtbwp=Za80uwAAAACDgchiK_EiuH7WqgY0wHxhbwk_pg;rtbdata=uQ15ENla1PAuTWs6fRGjRpWb7B1_9tYGM9z7z23GmwFUCvMUhi1CBP2mLURCRhgDzdigAwChWcnjKe-guS5X7JB_CSiecMu3VF31rLo_PT_rUBCvIMmTM_I9jq6yvuQ0yFg1YNsgsVG76FslKcgL6xMwbL2NIc_urPoBPhYJLBJyo15kc15lUTZLcBQglqsM1z0UFkcNjzGyXC15ITRgAeslGEgS6KLK8YxBSGWzhUIOdTWiwKb_g9rGlAmoAVco2IfsOfphMFSPkOudTSbEq6JjdfnOlL1K0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
3e172351681175a64b1e409719b4e5275cce06c8620547ce26fe08f6a669198e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
content-encoding
gzip
last-modified
Tue, 19 Dec 2023 10:28:27 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Fri, 19 Jan 2024 16:52:30 GMT
truncated
/ Frame 6BD4
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
008401efc82c7bdef5df69e06d410e448438c395b9a3d3cc11d53451e4c55383

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 6BD4
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsveuocj8rJSc2-OofzT1AAyWOVcWEPXUCqKlNi6sQgB1ANKSdLJgDNDJ_mb1n31twEFV0R-hef_3Q-r68xb5_xeB4jzHLt7QJx1vvkOQMz3C7ky0d12EYClOMLiyKYaVzg9ee7DtpkK-J929MpzoR2jiTqyKbrRGDOqidQ3j57-P9fbA5fG8UpqNIOCL02QR2AKujbFEXn8_3fQJAl30QOhRDgF2Bh4fEde2oktB79mcg5-h8L1nWx-o9mmEuDYBqkD_ARwAN-w2JRV3fZckMYtvflYj9leaFY8sYCOmvP3L0weLULrJA8O86mtpgX_EtmPQXMatiX6k2Jm16SkxjSaRaBVMN7NwrOnyYiqwPv_WKW8oPabQpAFQQ&sai=AMfl-YRGYyKBheJuTq0Xc_qAmKE5uCoPwLydKmonqnFMve1aUjrGz7KGCysgn5G-p6Bq0bPu5S0_BI7bjuywuGqgjFtnijEcRx0ENYbCTBm9rR4_IEf0PbA83kIQawYcPko&sig=Cg0ArKJSzNR08h-WlwhgEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 23 Jan 2024 03:38:36 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 3F00
38 KB
13 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
542668
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 16 Jan 2024 20:54:08 GMT
expires
Wed, 15 Jan 2025 20:54:08 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
52154.gif
idsync.rlcdn.com/ Frame FD7A
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=Za80ux4LORIGoWQwyWak5QAA%262130&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=2ba2ab41-70c6-45d7-8951-9ef87add91a7
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=adae4bee-b6ac-4f71-aa46-78873262dd40%3A1705981116.8671312&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dadae4bee-b6ac-4f71-aa46-7887326...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5107433832264167376&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dadae4bee-b6ac-4f71-aa...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=adae4bee-b6ac-4f71-aa46-78873262dd40%3A1705981116.8671312&_=1705981116.8688593
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID
  • https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=2380373011570053850
42 B
60 B
Image
General
Full URL
https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=2380373011570053850
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Protocol
H3
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:37 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:37 GMT
an-x-request-uuid
791408ce-868c-4fb0-9b23-df05e168a03e
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=2380373011570053850
x-proxy-origin
149.88.27.82; 149.88.27.82; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame FD7A
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7283273328877549246&expiration=1707190716
43 B
733 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7283273328877549246&expiration=1707190716
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oiL23l41IRY9gXi%2FrqNzcriKunWXb87OHjDQULQTS%2FelzyFkQjfP1zXpTkfwDEBRZlNpMGfxug7771mER%2BjAnpRF4gp9zEGYM0zN2onAhCw42cIrVkPbciCHIpYz8UOSauztuoFowyAcEg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
849d013a8ef14d22-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7283273328877549246&expiration=1707190716
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
rum
dsum-sec.casalemedia.com/ Frame FD7A
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3205897004932985690
43 B
735 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3205897004932985690
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ufdZYV%2BLlfchIXiC9JV09s34uow7oaWQ6R7SPhiWCmmE8Je%2B3WvZd87hpcy1gb65D7S7JUHT1aQ1pow8IcbTnhwStSNn7G8SM2c3BCiwhqYvC%2BHOAyK%2FHI0BXqV9DOzZhHSDV%2BXM6DoCeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
849d013adf2d4d22-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3205897004932985690
pragma
no-cache
date
Tue, 23 Jan 2024 03:38:35 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
rum
r.casalemedia.com/ Frame FD7A
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=48
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=8cc005be-8d9a-40d3-ad75-798e2acb9e12-65af34bc-494c&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=8cc005be-8d9a-40d3-ad75-798e2acb9e12-65af34bc-494c&partner_url=https%3A%2F%2Fr.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26exte...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=8cc005be-8d9a-40d3-ad75-798e2acb9e12-65af34bc-494c&partner_url=https%3A%2F%2Fr.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%...
  • https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=8cc005be-8d9a-40d3-ad75-798e2acb9e12-65af34bc-494c&gdpr=0&gdpr_consent=
43 B
536 B
Image
General
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=8cc005be-8d9a-40d3-ad75-798e2acb9e12-65af34bc-494c&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Qnok9bU8gXPtnFRUMbzQtT9muVql6QEBtsUTysImLkllbd1HpBYNpqWRjRDMnwPAPHhjJL4Rg%2FllJPxBiaaaY8wg30LJtrxO%2FvF%2FyJjmtoqc3siMUMWHxC8up3e58MIX%2FtX"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
849d013c6c0fbb71-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Tue, 23 Jan 2024 03:38:36 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=8cc005be-8d9a-40d3-ad75-798e2acb9e12-65af34bc-494c&gdpr=0&gdpr_consent=
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
crum
dsum-sec.casalemedia.com/ Frame FD7A
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=xHi4vbQT1Rs7Cs5
43 B
733 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=xHi4vbQT1Rs7Cs5
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7dlCG8jDDY0sevYVnNedE4JBT%2BlRxeVdjSAWEmU79dKWq3Cu%2Ft1%2FGMNz2YpX3JzJZvBuIji67sF8YCEUybiys0cIR2vl4krVEkgenC70LorswHEmSo7QZzdpn3HkRIuOCj861bCvIME0OA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
849d013b1f734d22-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 23 Jan 2024 03:38:36 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-799-g9c6cd74#rel-ec2-master i-0d9d3eefff4fcda69@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=xHi4vbQT1Rs7Cs5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame FD7A
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?gdpr=&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATI...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
43 B
732 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QlBJZgD6QjDWbFXXIq7oIovuMR7vQXmOQ6zu87AZ6AGICbD6lX9pt6vzOIhiD6wfFSwRpcnR%2BQzsaLCulKN7UfqZE6ESvYo5YP24eXimG9ei9rX7QQyJLZRH6hbxqmLEuohjmEWVb8HAJA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
849d013acf174d22-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
date
Tue, 23 Jan 2024 03:38:36 GMT
access-control-allow-credentials
true
x-powered-by
Express
keep-alive
timeout=5
vary
Origin
content-length
0
Za80ux4LORIGoWQwyWak5QAACFIAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame FD7A
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Za80ux4LORIGoWQwyWak5QAACFIAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/Za80ux4LORIGoWQwyWak5QAACFIAAAIB
43 B
601 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Za80ux4LORIGoWQwyWak5QAACFIAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Protocol
H2
Server
2a05:d018:d29:3605:a6fa:b563:be0e:7526 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Za80ux4LORIGoWQwyWak5QAACFIAAAIB
date
Tue, 23 Jan 2024 03:38:36 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Za80ux4LORIGoWQwyWak5QAACFIAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame FD7A
43 B
601 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Za80ux4LORIGoWQwyWak5QAACFIAAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:a6fa:b563:be0e:7526 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
htw-pixel.gif
js-sec.indexww.com/ht/ Frame FD7A
43 B
103 B
Image
General
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?Za80ux4LORIGoWQwyWak5QAA%262130
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
21
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
849d013a897e18ef-FRA
content-length
43
expires
Tue, 23 Jan 2024 07:38:36 GMT
/
c.bannerflow.net/tr/v2/pixel/ Frame E0BD
0
81 B
Ping
General
Full URL
https://c.bannerflow.net/tr/v2/pixel/
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/6480988eb614435d92f82800?did=5ced02fe0fd60d000186f5ac&deeplink=off&domain=https%3a%2f%2f428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
849d013a5ade9b95-FRA
content-length
0
request-context
appId=cid-v1:1d9bcaa3-5ddc-4e5d-973c-949d7ceab63e
AQAQeYtzTrql21gmUfHv2Md-TtOjltGIaj9_D2yS7lg.js
pagead2.googlesyndication.com/bg/ Frame 35A3
50 KB
19 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/AQAQeYtzTrql21gmUfHv2Md-TtOjltGIaj9_D2yS7lg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
010010798b734ebaa5db582651f1efd8c77e4ed3a396d1886a3f7f0f6c92ee58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 02:23:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
522878
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19642
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 16 Jan 2025 02:23:58 GMT
generic
match.adsrvr.org/track/cmf/ Frame 2664
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=Za80ux4LORIGoWQwyWak5QAA%262130&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=2ba2ab41-70c6-45d7-8951-9ef87add91a7
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=8b39ea31-bc9e-4f9a-a0b9-b4858624046f%3A1705981116.9176426&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D8b39ea31-bc9e-4f9a-a0b9-b485862...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5107433832264167376&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D8b39ea31-bc9e-4f9a-a0...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=8b39ea31-bc9e-4f9a-a0b9-b4858624046f%3A1705981116.9176426&_=1705981116.920526
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveramp&ttd_tpi=1
70 B
148 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveramp&ttd_tpi=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:37 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

date
Tue, 23 Jan 2024 03:38:37 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveramp&ttd_tpi=1
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
crum
dsum-sec.casalemedia.com/ Frame 2664
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2380373011570053850
43 B
733 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2380373011570053850
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5CJ%2FqEGUU3L6TDANDgMNRt5GicFZwqLgXST9DC5zMLv9DS6QVyNSl5PO1eCFKDz4OIrJiA9UIjBN4uUBA83Fr0bnHB4BooxGLbNbE2oAYrmKYqXG4BSO8rDWlAdL8kxEqHXx8OBmEVuViw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
849d013a8ef24d22-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
an-x-request-uuid
ebbf7679-9bcb-4a1c-b787-efa8f793fd6f
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2380373011570053850
x-proxy-origin
149.88.27.82; 149.88.27.82; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
Za80ux4LORIGoWQwyWak5QAACFIAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 2664
43 B
601 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Za80ux4LORIGoWQwyWak5QAACFIAAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:a6fa:b563:be0e:7526 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Za80ux4LORIGoWQwyWak5QAACFIAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 2664
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Za80ux4LORIGoWQwyWak5QAACFIAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/Za80ux4LORIGoWQwyWak5QAACFIAAAIB
43 B
601 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Za80ux4LORIGoWQwyWak5QAACFIAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Protocol
H2
Server
2a05:d018:d29:3605:a6fa:b563:be0e:7526 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Za80ux4LORIGoWQwyWak5QAACFIAAAIB
date
Tue, 23 Jan 2024 03:38:36 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame 2664
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?gdpr=&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATI...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
43 B
736 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8As%2FRQcgK5qufrZ%2BHK32DjfZz2I2wRz2It9B7GbSPcpi%2FH8KnmbVPd32oDaacieOBvTdHuvoASbps%2BKHwIO5qVDYBKhv5AbLW1qfwKIAH78JWKintxxciubEZjO92%2FfE9vS%2F4nyOR6xOhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
849d013aff574d22-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
date
Tue, 23 Jan 2024 03:38:36 GMT
access-control-allow-credentials
true
x-powered-by
Express
keep-alive
timeout=5
vary
Origin
content-length
0
crum
dsum-sec.casalemedia.com/ Frame 2664
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=16455E92FD404CD9B119B145B419BAA5
43 B
736 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=16455E92FD404CD9B119B145B419BAA5
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2BrbESJJqQTQyyvHguTkvWU4x%2F8R9gR00%2FRsnXmihYISlVdSFFAxS9jLndHpsWevZoXFsefBS1PzrV87c4cC4QxQHpoW0vnPDdjK0ZQhyViB%2F2%2FIXeQ6IdyfK1lYUUz2pp388gJDMze2YQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
849d013acf164d22-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Tue, 23 Jan 2024 03:38:36 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=16455E92FD404CD9B119B145B419BAA5
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 22 Jan 2024 03:38:36 GMT
crum
dsum-sec.casalemedia.com/ Frame 2664
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=4714513488865049119&gdpr=0&gdpr_consent=
43 B
733 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=4714513488865049119&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T0DjuHIzlJsJCKBf7pWdDTE7%2BVpQaXzq2Z0eZ9mBc03oRNKauIjIhzb1CfASQbT%2F2UtUDGBy0ma8ndAdTDLfwSOsP1ma0XrBkfjF1dD6brnXkho2C7N%2Bhp9nVIx4hz9KH%2BGpb3eECfeh6g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
849d013abf0a4d22-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=4714513488865049119&gdpr=0&gdpr_consent=
date
Tue, 23 Jan 2024 03:38:36 GMT
content-length
0
crum
dsum-sec.casalemedia.com/ Frame 2664
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAACx07LXmkAABMh1hX3Cw&expiration=1707190716
43 B
739 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAACx07LXmkAABMh1hX3Cw&expiration=1707190716
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0M6CyD6ytjoysF7WVpnUWpwzQYLB6gYDZ9fh6guKNVYovZBaxYfdr%2Br8diB9sgGRMD%2BomSOJM4grQL0gOHUxLc8s9QM8OBmD%2BQ2i%2Fz7%2FgZd9LAwSw17OJ%2F9CxGU4T5I4u%2FUkah8Ldhd4zg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
849d013adf314d22-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAACx07LXmkAABMh1hX3Cw&expiration=1707190716
Date
Tue, 23 Jan 2024 03:38:36 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 2664
43 B
103 B
Image
General
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?Za80ux4LORIGoWQwyWak5QAA%262130
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
21
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
849d013a897f18ef-FRA
content-length
43
expires
Tue, 23 Jan 2024 07:38:36 GMT
/
track.adform.net/adfscript/ Frame 8CA3
1 KB
1 KB
Script
General
Full URL
https://track.adform.net/adfscript/?bn=67903448;rtbwp=Za80uwAAAAB_NCNWeg0yFd50fkoG-zlgTOoyBw;rtbdata=aoEYOKqeTUWKl8W-FYiXKjzq1xabj9JWWMkDonvolOC0woaxAoppjcsH-9DsGuo1zdigAwChWcnjKe-guS5X7JB_CSiecMu3VF31rLo_PT_rUBCvIMmTM_I9jq6yvuQ0yFg1YNsgsVG76FslKcgL6xMwbL2NIc_uS_WqCiCAGBdHAJ5z-CxpsjZLcBQglqsM1z0UFkcNjzGyXC15ITRgAeslGEgS6KLK8YxBSGWzhUIOdTWiwKb_g9rGlAmoAVco2IfsOfphMFTGtluoRAQdE6JjdfnOlL1K0
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
6925583b4197682a2f2cdce3e6c2e3c3adc5df5708439bb2970bc016c1660c0a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
900
expires
-1
77278691-dc91-434d-be38-0f2b694dd40f
a1186.casalemedia.com/impression/v2/201336/111/cmnj9esnhmeqr9ee8hi0/ Frame 8CA3
43 B
303 B
Image
General
Full URL
https://a1186.casalemedia.com/impression/v2/201336/111/cmnj9esnhmeqr9ee8hi0/77278691-dc91-434d-be38-0f2b694dd40f?verifieD=1&userID=&cmpro=0&deviceType=2&expiryTime=1705981715&profileIDs=&creativeID=232a58b&pubID=182762&format=banner&channel=site
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.170.60.117 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Jan 2024 03:38:36 GMT
Server
Apache
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0
bootstrap.js
s1.adform.net/stoat/631/s1.adform.net/ Frame 1CF0
37 KB
17 KB
Script
General
Full URL
https://s1.adform.net/stoat/631/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=67903448;rtbwp=Za80uwAAAADDzcoFjiwRAWidLelxF8g6LGShiQ;rtbdata=mxYYoVJbhlU2reK7I6KyaDQ5xYabtQjVzpnU23oXvUaLMu3CYc99lqMg2JAXXuWqzdigAwChWcnjKe-guS5X7JB_CSiecMu3VF31rLo_PT_rUBCvIMmTM_I9jq6yvuQ0yFg1YNsgsVG76FslKcgL6xMwbL2NIc_uOAIN7GnnLT9HAJ5z-CxpsjZLcBQglqsM1z0UFkcNjzGyXC15ITRgAeslGEgS6KLK8YxBSGWzhUIOdTWiwKb_g9rGlAmoAVco2IfsOfphMFTGtluoRAQdE6JjdfnOlL1K0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
3e172351681175a64b1e409719b4e5275cce06c8620547ce26fe08f6a669198e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
content-encoding
gzip
last-modified
Tue, 19 Dec 2023 10:28:27 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Fri, 19 Jan 2024 16:52:30 GMT
rs
ad4m.at/ Frame 0776
2 KB
2 KB
XHR
General
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d335d06a5820341727f640aec2d7049d34ef5d38d4d0cf5afac31b4cfb3f3bc

Request headers

Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m51YFNDP2SKgFpkm0m5T2lnrDJCg1kKwgUtQm43EU98pzpP8qy5oGeKuenNWAexQK2kutQdAuyU3hK%2Boj6qvOC7Ukf%2Be5i7342DbCRZKg1cueaBOjYF3jQoRiRzg%2FdqxoJaeR9E%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
access-control-allow-credentials
true
cf-ray
849d013aea6e90d6-FRA
x-backend-server
aa-reachservice-group-europe-west1-735z
alt-svc
h3=":443"; ma=86400
rs
ad4m.at/ Frame
0
0
Preflight
General
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
849d013aaa6090d6-FRA
content-length
24
content-type
text/plain
date
Tue, 23 Jan 2024 03:38:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DF8CSHMap%2BG6JUfCaiwFYFmOUOhA4hn44O6E97uQrPlAPX57MWL376JH2SdbFSpl20OiKHd7A4a4N87wzWTF7vYZPoecvs5QCVPnWerNDHTcmQ92Yf91DUin%2FwcicwbWi%2F18gp4%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-735z
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame FCC8
38 KB
13 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
542668
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 16 Jan 2024 20:54:08 GMT
expires
Wed, 15 Jan 2025 20:54:08 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 9A4D
38 KB
13 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
542668
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 16 Jan 2024 20:54:08 GMT
expires
Wed, 15 Jan 2025 20:54:08 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bootstrap.js
s1.adform.net/stoat/631/s1.adform.net/ Frame 5646
37 KB
17 KB
Script
General
Full URL
https://s1.adform.net/stoat/631/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=67903448;rtbwp=Za80uwAAAACR__XWHMwaqZfgm7iMbV9rgSG1rQ;rtbdata=r_3McO8SekYTxyBNaUqfHIwCND6MZXWa2mR6cWbmUAck2YycTjff3rRSnIS1ONd5zdigAwChWcnjKe-guS5X7JB_CSiecMu3VF31rLo_PT_rUBCvIMmTM_I9jq6yvuQ0yFg1YNsgsVG76FslKcgL6xMwbL2NIc_u3l0ly9sBa3u82WG5C4V_OzZLcBQglqsM1z0UFkcNjzGyXC15ITRgAeslGEgS6KLK8YxBSGWzhUIOdTWiwKb_g9rGlAmoAVco2IfsOfphMFTQ_uTX0raTPqJjdfnOlL1K0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
3e172351681175a64b1e409719b4e5275cce06c8620547ce26fe08f6a669198e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
content-encoding
gzip
last-modified
Tue, 19 Dec 2023 10:28:27 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Fri, 19 Jan 2024 16:52:30 GMT
/
track.adform.net/adfserve/ Frame 66E3
5 KB
3 KB
Script
General
Full URL
https://track.adform.net/adfserve/?bn=67903448;rtbwp=Za80uwAAAACDgchiK_EiuH7WqgY0wHxhbwk_pg;rtbdata=uQ15ENla1PAuTWs6fRGjRpWb7B1_9tYGM9z7z23GmwFUCvMUhi1CBP2mLURCRhgDzdigAwChWcnjKe-guS5X7JB_CSiecMu3VF31rLo_PT_rUBCvIMmTM_I9jq6yvuQ0yFg1YNsgsVG76FslKcgL6xMwbL2NIc_urPoBPhYJLBJyo15kc15lUTZLcBQglqsM1z0UFkcNjzGyXC15ITRgAeslGEgS6KLK8YxBSGWzhUIOdTWiwKb_g9rGlAmoAVco2IfsOfphMFSPkOudTSbEq6JjdfnOlL1K0;js=1;adfxid=3x;10953;set=en-US|en-US|1600X1200|0|750|100|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Ffolkd.com
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/631/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
3f9971f161504a3d0a6547d91e1a52e2b48226733f7c31bb4332960b4709fe4c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
2379
expires
-1
rs
ad4m.at/ Frame
0
0
Preflight
General
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
849d013b2a8290d6-FRA
content-length
24
content-type
text/plain
date
Tue, 23 Jan 2024 03:38:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xtMDZcyEpCx9MkwsJ1JNtkMjEt12IIfTQPaXBMwhZ%2B6e%2BGPZVHNOfb6%2F1FNpipcY0aZhp2ETG%2FBO5v%2BxZ%2B9btnHXp9SAyI0UzZGXV3Hou3dxN439Kk3tDXHJtEsDgTksIV10LAQ%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-735z
rs
ad4m.at/ Frame AC9E
2 KB
2 KB
XHR
General
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d811a4bee69c838dc22237884d72d567d31259ee5f61e1846b31b3fdac3f3307

Request headers

Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cY0yIIi0hZygND%2B1evOZvZ%2FG73AdNt%2FUJ0KwZWMHd4qMN8T4Wxo0JSDmt16bKDPIxByrhgbQg40%2B%2BVYWl8g%2ForYOYcznlyS9Y3cqSrEABKodSI1r8saHXPbypvGvUMNwwSQ4LTI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
access-control-allow-credentials
true
cf-ray
849d013b6a9190d6-FRA
x-backend-server
aa-reachservice-group-europe-west1-735z
alt-svc
h3=":443"; ma=86400
/
track.adform.net/csimpr/ Frame DEEE
35 B
626 B
Ping
General
Full URL
https://track.adform.net/csimpr/?bn=67903448&csi=OWpzNrys_78gIzTKwFHhyt_jGzfOT2utyDPhSo9uDc4JDwKV3Zer3AZU1ud_ztNqXOChXPekC1b_ANBw9Wmz-yQf6BfgfukZEBQ5juPi97UDvP-67D9Y4w2
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/631/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
61781337.png
s1.adform.net/Banners/61781337/ Frame DEEE
72 KB
72 KB
Image
General
Full URL
https://s1.adform.net/Banners/61781337/61781337.png?bv=2
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
fa1e7d9dce7700cb108f1075a3454dd6f99a72e59a5a4c659ed9c245624f4fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
last-modified
Tue, 26 Dec 2023 09:27:27 GMT
server
nginx
x-amz-request-id
tx000003ca1919b34376af0-00658a9e49-3295cc06-default
etag
"8d78d679725bcffd7c593e5c7f99da8c"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
73834
bootstrap.js
s1.adform.net/stoat/631/s1.adform.net/ Frame 8CA3
37 KB
17 KB
Script
General
Full URL
https://s1.adform.net/stoat/631/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=67903448;rtbwp=Za80uwAAAAB_NCNWeg0yFd50fkoG-zlgTOoyBw;rtbdata=aoEYOKqeTUWKl8W-FYiXKjzq1xabj9JWWMkDonvolOC0woaxAoppjcsH-9DsGuo1zdigAwChWcnjKe-guS5X7JB_CSiecMu3VF31rLo_PT_rUBCvIMmTM_I9jq6yvuQ0yFg1YNsgsVG76FslKcgL6xMwbL2NIc_uS_WqCiCAGBdHAJ5z-CxpsjZLcBQglqsM1z0UFkcNjzGyXC15ITRgAeslGEgS6KLK8YxBSGWzhUIOdTWiwKb_g9rGlAmoAVco2IfsOfphMFTGtluoRAQdE6JjdfnOlL1K0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
3e172351681175a64b1e409719b4e5275cce06c8620547ce26fe08f6a669198e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
content-encoding
gzip
last-modified
Tue, 19 Dec 2023 10:28:27 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Fri, 19 Jan 2024 16:52:30 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame B1D1
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstDbtkwe9NE-KC1o44E99EejUCy6C9k3w7S1gnJIA_cgOSfFExTypkz152AZ1yvrjKB3DhWHQ3Ouk5EIRFpA7WBqGNBjF1FmR3aQnhwhPm1h-ebJE5-dJ6bgiK9ZzH01rOOdrQ67c1IUi4kzVscZglnkvmi&sig=Cg0ArKJSzOHpYmTln4VfEAE&id=lidar2&mcvt=1025&p=979,386,1069,1114&mtos=1025,1025,1025,1025,1025&tos=1025,0,0,0,0&v=20240117&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=3732199864&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705981115329&rpt=266&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
track.adform.net/adfserve/ Frame 1CF0
5 KB
3 KB
Script
General
Full URL
https://track.adform.net/adfserve/?bn=67903448;rtbwp=Za80uwAAAADDzcoFjiwRAWidLelxF8g6LGShiQ;rtbdata=mxYYoVJbhlU2reK7I6KyaDQ5xYabtQjVzpnU23oXvUaLMu3CYc99lqMg2JAXXuWqzdigAwChWcnjKe-guS5X7JB_CSiecMu3VF31rLo_PT_rUBCvIMmTM_I9jq6yvuQ0yFg1YNsgsVG76FslKcgL6xMwbL2NIc_uOAIN7GnnLT9HAJ5z-CxpsjZLcBQglqsM1z0UFkcNjzGyXC15ITRgAeslGEgS6KLK8YxBSGWzhUIOdTWiwKb_g9rGlAmoAVco2IfsOfphMFTGtluoRAQdE6JjdfnOlL1K0;js=1;adfxid=4x;6656;set=en-US|en-US|1600X1200|0|750|100|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Ffolkd.com
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/631/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
7eeb51ffec008a9304a44d6a468bc5a6201e568eee6fc24c0df13556d699c163
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
2337
expires
-1
rar
as.ad4m.at/ad/ Frame 2244
11 KB
5 KB
Document
General
Full URL
https://as.ad4m.at/ad/rar?a=335355%2C14235%2C14222&b=K13CRfR5x2fbRK3c5HMHktPt55eDF8TAT8Gaq%2CdEmTEfe7dMu4reuEHjHwtEtb69h3T4T5WCj%2CJBWFzfmY3qaZDxUBH6H7tptB8wfXTgT4WtX&f=k53U5fQ2ZBtX3m2s4HwHetmCzzwZCkTjTmrHR%2CK13CRfR5x2fK1Bf5HMHktzCB9Ec8TAT8Gaq%2CGjJUBfjgz1T4jVuKHeHGtBCwWVs2TYTJAHE&c=728&d=90&e=&g=d5a488d10c4e6a39421ee898ea28c7f0%2F15145983664895032561&i=113349%2C20533%2C17712&j=22%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1705981116641&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCWcP4ujSvZY7KLu7EmLAPpbqs4AzE_sLSaKeDiqTUC_suEAEgt-WEIWD1lc6B4ATIAQmpAiFew2lAQLI-qAMByAObBKoEkAJP0GNwD7-JLUWaf2uaDzFdZs64K6bgmKI-VkyfC2IFTX9sxfpL2PDhVbrBPXbsKW6DFpC1tb5fa9bhlEaIlvLI8gP4wE3jt8kiFgddz1P_xm6fVOPGhLGB3ldwGezjPhAuwSoTjG0JjaCfOnStGT3EECkPs8WVh8W_SJ92ScGSKCosRhBu6Y0qPRkmCWEN08CEDzZHpbu-1FwV2o3zE2ImwtFMX8q_vRC6AEtKHTG65YhvCqVeAo9ycKQnSSr3j2TJJMwgyTW5HRQwQdEgz1AyK7R8Gx2udvS6lc80ej7H9c1yMjN8pNzlBICiRErMOPrETS9dlwy7w4Gh3ifN4JuZvb__vQC4gnyamU29chRyisAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYXzICigI6BIBAgEBIvf3BOliT9tryyvKDA_IIDWJpZGRlci0yMDEzMzaACgSYCwHICwGADAGqDQJDSLAT28vrAtgTA4gUAdgUAdAVAfgWAYAXAbIYBBIC6k4%2526ae%253D1%2526num%253D1%2526cid%253DCAQSMgAvHhf_6L8TZ9aLiR_2VgnSH_FeGxSVGM_csWy0zp8toKysWP-JuLVXi2H2fIqfhXVwGAE%2526sig%253DAOD64_0ZIfhw5Q7BCmyYOLnlniG2E0-fyw%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-AmiWUa22pe0pX8-jf_2QI3Ue7QgL3UKLlb9sf4jLr9CZNTuYjWp31z6GLFRRx54-WTJezB6bERqa4ZkVfQVCqrdGaQn4rJDTXyplf4D9v9PorhZEF8EOUQanpQ_q_jZlOBmdMhRPZ52llqxlz_FJoXJyt4bxeT042TQzyGbYcsPZqXZtA%2526cry%253D1%2526dbm_d%253DAKAmf-CAYfc7h0zZowfD3RQlkszqIy1z6lkgQWT0ErlXAcrCG_CzaifbtLDK_GgTotni_04ZrGFEZMBN4dxFN4lwf9PGLBkXUE-d1l5Kdwh-FTGzjMJQpNjGw-CbnWzeuzZ2G9UrjexsXuLEEyrfo9yd116-4HIKRXYhAQyeqi_KvJ19JOPNWf4ELrHLXaOGWTNmlB5vl71h6Br5aASgr1VrhMzDqzTDT5ad5BdyzION218dwByBf9JE0LFB4Tbxb1mblqJl-MoCS92uT1XGNveYdGJN0WfPc6PgIpyTUYyv7hVaH9L81K5a1LVWsMAioNt2eHrNhMcIRspP9jAOzMItJa6MRbmSsTJ5psooN9B5lvZ9TqeyqMQQ3DhdlR5sRWqvkYn_7FiLv661vw-GfNtAa27BX64e61l8FxTjtERHv7dCvMsbR0bGiSkwTAi2chFe-49lA3uxIcYeXAJQl5R90yxyM4c2227He78w3-ZxUaM_-ig9WJSJKTA-yRRmkoy69sllAo8lgW0tmu4YXpGde4aDR1_lBw%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea5dcac6d3c08f40d01e85fdd30081a0e9f40c7e83700075d6d36d0be4721cbd
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
849d013b6c0a1d8c-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Tue, 23 Jan 2024 03:38:36 GMT
expires
0
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy
accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame 3F00
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 10:08:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
63004
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 21 Jan 2025 10:08:32 GMT
/
track.adform.net/adfserve/ Frame 5646
5 KB
3 KB
Script
General
Full URL
https://track.adform.net/adfserve/?bn=67903448;rtbwp=Za80uwAAAACR__XWHMwaqZfgm7iMbV9rgSG1rQ;rtbdata=r_3McO8SekYTxyBNaUqfHIwCND6MZXWa2mR6cWbmUAck2YycTjff3rRSnIS1ONd5zdigAwChWcnjKe-guS5X7JB_CSiecMu3VF31rLo_PT_rUBCvIMmTM_I9jq6yvuQ0yFg1YNsgsVG76FslKcgL6xMwbL2NIc_u3l0ly9sBa3u82WG5C4V_OzZLcBQglqsM1z0UFkcNjzGyXC15ITRgAeslGEgS6KLK8YxBSGWzhUIOdTWiwKb_g9rGlAmoAVco2IfsOfphMFTQ_uTX0raTPqJjdfnOlL1K0;js=1;adfxid=5x;10199;set=en-US|en-US|1600X1200|0|750|100|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Ffolkd.com
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/631/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
01d68db95b6eb39e176a461c6af054e453a59935fc718662474d35dd4f7b4c3c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
2380
expires
-1
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame FCC8
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 10:08:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
63004
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 21 Jan 2025 10:08:32 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 0E81
2 KB
1 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a1e338ff2896e7604147f12cbe9a9e2d647b37d0da255dd605da5d29a255096

Request headers

Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
849d013b8fc74d22-FRA
content-encoding
br
content-type
text/html
date
Tue, 23 Jan 2024 03:38:36 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lpiHCwllYuId4Jg32p9lj47B3BC8GFZkSpJOdmJZCNtIUiVGTj6aYZkJdLDWJ9NWNSJ3LIStJRw%2B0lDR9KtcGW5Uh7wGRCvNmpYY%2FyCahM6KWPr8LMYkNT9bvS%2FPg4pvCyyKi512NPe4dQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame 9A4D
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 10:08:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
63004
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 21 Jan 2025 10:08:32 GMT
/
track.adform.net/jsmetrics/ Frame 1CF0
43 B
208 B
Image
General
Full URL
https://track.adform.net/jsmetrics/?sid=756&rid=10188&cid=1737&adfserve=53&asset=48&deviceType=Desktop
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 28 Jul 2023 11:03:52 GMT
server
nginx
etag
"64c3a098-2b"
content-type
image/gif
accept-ranges
bytes
content-length
43
usermatch
ssum-sec.casalemedia.com/ Frame CA5C
2 KB
1 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cee2e898c68b9c4bf7d3cc782ec02e0ca93a9c0ea0183cbd3132c9378799d106

Request headers

Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
849d013b9fd24d22-FRA
content-encoding
br
content-type
text/html
date
Tue, 23 Jan 2024 03:38:36 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gRWmEY%2FFVXazigk3po2FK5S%2BjdYm0R3G5khF8TZsQTwIU1hKGog92MVHHkRXqD2jP4DMSRwZ4fUQ83hpwJpCFhnNZRP9xR0g%2FQEk0bMxjR91qV6nRwR5wK4FD4CNU9gCeKIVF3u7n3oRLg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
rs
ad4m.at/ Frame
0
0
Preflight
General
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
849d013baaa190d6-FRA
content-length
24
content-type
text/plain
date
Tue, 23 Jan 2024 03:38:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XxK8jW0qmJDYXXzHpRbJtXHrKqyyZ%2BLO9JJq8FA5SxeISo8DRxa4PEDikUZKjFkAq3X3Y2J2%2BAYTCV3Q8km45uxgL%2BayH%2F%2BNtAqYH5b%2FZB4AuWrDmVDQOJHy3ld%2BbZY%2BpUcaavM%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-735z
rs
ad4m.at/ Frame C20C
2 KB
2 KB
XHR
General
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00d61b3bfe958bd15f3182f3037adff7f6febb34644b037a706e78dcbb4c5b55

Request headers

Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XuPe1wOEBjPsnPJjMfzVFJ1F8KaZS5UYEsye969vkNGkvAZBEXArDnamXSD59sEUNQPLZjuNMG%2FyJObuqDmjnhk0XQRj6GSEWU3k1bGawegq5eyRRRVhUJzlEgOhGAwIgOj0TLQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
access-control-allow-credentials
true
cf-ray
849d013bdaae90d6-FRA
x-backend-server
aa-reachservice-group-europe-west1-735z
alt-svc
h3=":443"; ma=86400
rs
ad4m.at/ Frame DC66
2 KB
2 KB
XHR
General
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e18b9a52e6778a39cd6e0ed7563964abf5a8bc1b948c9f1ee00589ec94ed7d7

Request headers

Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c9WGNjRIosLhZc%2Bb7YkZv85bUT4K%2BofE4gxucjpbQFMz4upnbY9pjELNJsbiChp38m0arhqlrFkh4oYMVdolml3Do9MBVSRy6mCDspXSdMvlGLCBiHJwG%2BPpFV%2B4XibrAcaVTbc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
access-control-allow-credentials
true
cf-ray
849d013bfab990d6-FRA
x-backend-server
aa-reachservice-group-europe-west1-735z
alt-svc
h3=":443"; ma=86400
rs
ad4m.at/ Frame
0
0
Preflight
General
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
849d013bbaa490d6-FRA
content-length
24
content-type
text/plain
date
Tue, 23 Jan 2024 03:38:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GvXgwY3hRhA%2B1VE6ExKOT4Hl%2BuedQQY2Grnxt05lfj%2Bb3hFVHmD82MmnxPS9B77csK1Bi%2Fdiyo9ecnP4qZQUVx3AskFRRSKUjDbw7z1L0Twq4b2OKf%2FI3LUS5S%2Bw7V5zCXujX4E%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-735z
rs
ad4m.at/ Frame 1C74
2 KB
2 KB
XHR
General
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b58459ade0868e6cc1e4c0990207833886e3fe2da8b48d4c8733b6f4263bdd0

Request headers

Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zafYkKJquGJyH9QQjLt5uaf55YtapRpBW35TaIyH7swP9mZSjBT6hfChg8E2Geta60St5efG2H5m9wU8cC7mKIpkKENVJhticLkCmc30D7r5yt5FLzu7qE3G0agticQ8ILGn%2BEc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
access-control-allow-credentials
true
cf-ray
849d013c0abc90d6-FRA
x-backend-server
aa-reachservice-group-europe-west1-735z
alt-svc
h3=":443"; ma=86400
rs
ad4m.at/ Frame
0
0
Preflight
General
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
849d013bcaa790d6-FRA
content-length
24
content-type
text/plain
date
Tue, 23 Jan 2024 03:38:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dCjOMN5yEFEIMFBRGQgIuyBNNyoHJ%2FWLD5IBpuPDWZa1UPhKx3TcsSDA1rEGZ2g8PZbBybfoQbRUYhKl1fPVMMpv1ZRAoqYn%2BVIbNQyis9aDxO01v9WzVK4tCTmRmX%2BpG%2BmsLD0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-735z
rar
as.ad4m.at/ad/ Frame AD22
11 KB
5 KB
Document
General
Full URL
https://as.ad4m.at/ad/rar?a=329291%2C14235%2C14222&b=Rx1Tgf2pe7CkqgYckHwH3tQtZZJmcwTzTYqH7%2CdEmTEfe7dMu4reuEHjHwtEtb69h3T4T5WCj%2CJBWFzfmY3qaZDxUBH6H7tptB8wfXTgT4WtX&f=Qx8T4fYGZ5Cp3DZsxH5HYt9C77XDaDT4TGqHV%2CK13CRfR5x2fK1Bf5HMHktzCB9Ec8TAT8Gaq%2CGjJUBfjgz1T4jVuKHeHGtBCwWVs2TYTJAHE&c=728&d=90&e=&g=aeb4625d8e949c8bf939b1f10179afd9%2F6652841475753835086&i=113349%2C20533%2C17712&j=22%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1705981116721&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DC4e2mujSvZcerL56CmLAPitmIyAXE_sLSaKeDiqTUC_suEAEgt-WEIWD1lc6B4ATIAQmpAiFew2lAQLI-qAMByAObBKoEkAJP0H--Mi-Gt7y4TL2OSo8j9-KkOjKySShJTOvhxFKvoGXDT7p0MeSGFbhl-P851SVR6vbIjSv6o4bv9cQwaarkB4rY_3we6CXPJIutGRA50s3aFsBJLxMz2QvcWNgTtfmDvmuEYfqdCkdzBN0xJaAanaFbDyICc97nFAKFLqbeqLynhwZUgcQsecbJDl_5Yhp1vxLP77XXWAoKKHtFUHHPfLMf1DqSY5K46SdAXumTxHIsVyOY9kBzVCRdqykpVEuhuXIEXMcqkVNf9M3K-sJPT8ZyRGMsMWCB2ZoR2EgwjjziKlYiJ4QSTDZQ_fUAzHIsdrS9khdVJS3r_szpos__N6pEtxgZl7PkpLcc32xZ_MAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYXzICigI6BIBAgEBIvf3BOljb2NvyyvKDA_IIDWJpZGRlci0yMDEzMzaACgSYCwHICwGADAGqDQJDSLAT28vrAtgTA4gUAdgUAdAVAfgWAYAXAQ%2526ae%253D1%2526num%253D1%2526cid%253DCAQSMgAvHhf_67iS8AYdOINZx2XjgZW3fx7i21BL10VqHUBQbeWYuav5q_ZNoTZuvct2FQa6GAE%2526sig%253DAOD64_1byzuNCY8U2XTHyTHjB4VrV0z05A%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-C2x_jqEcCzVEGCY2YfsIZc0yGEH77Owtsg_9ld_XmsznhFhrlGw6meB9OLpB2vc-1meTYHDydHxWgBcyyLc1_zLW05Vddf34LIyiua1Ka4BI2En_SG_n7ZP7cMyOb2IBpVciiypwQfuQpZzJ4LYzex5sEDw1H7fnhfsYOUoxAGoxD-Jq0%2526cry%253D1%2526dbm_d%253DAKAmf-AHoQoC9QXH9qqMbpmrNWeLxT1ZMQ2jC9ugDsQ-sjpL-KrC8-uSKJmlM2gHc_hZQcaYmlVbXWMyzXpw1T0Ia0RtzN5XQJXca-ixJzInGOQqMpW7we6r6ZMjwJmObjDaPz_agQrNct8t-5T4iGJTUiFJE22ASeOlFBuyswA7ftvz7E6fK_NwgqzovroVUzSxvghXx76Wc36L2iI7g2swnnxPWMTR73_emYnUGWXIxHCnwaENOXU_4ACdjIX21BTxRrxHgs6rSM-Q_F-fzgQvY6E1zlcQwWt8Ro9Tm6yOPtp4OdYy4mOF3-8-OsiOG8fKWhpt3ak00UcBG3SO8qruWH0_3WJQaNxUxNi-3UOsZjdHkufKGspSHtnyLc-SIdJ_FABykNdLBAC5za4tRErPhYPWCdabs6jEmIZ1I7iaKOnmlYvF9mTLSjbgZ6AFJ6fXvncyXRieHQf1ydk260RvyH2_ehXKGfxYa67PZVudCn46oPrr20wJQmY9rfHKZjU5eko9Dnx29u4K34BJnidunzexW5zwVQ%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b81d898e5d53f02ebdc999358ce2272b4ec0c4bb45039f2cf1ce73dee139a47
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
849d013bcc3c6ae1-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Tue, 23 Jan 2024 03:38:36 GMT
expires
0
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy
accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 2244
115 KB
14 KB
Stylesheet
General
Full URL
https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=335355%2C14235%2C14222&b=K13CRfR5x2fbRK3c5HMHktPt55eDF8TAT8Gaq%2CdEmTEfe7dMu4reuEHjHwtEtb69h3T4T5WCj%2CJBWFzfmY3qaZDxUBH6H7tptB8wfXTgT4WtX&f=k53U5fQ2ZBtX3m2s4HwHetmCzzwZCkTjTmrHR%2CK13CRfR5x2fK1Bf5HMHktzCB9Ec8TAT8Gaq%2CGjJUBfjgz1T4jVuKHeHGtBCwWVs2TYTJAHE&c=728&d=90&e=&g=d5a488d10c4e6a39421ee898ea28c7f0%2F15145983664895032561&i=113349%2C20533%2C17712&j=22%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1705981116641&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCWcP4ujSvZY7KLu7EmLAPpbqs4AzE_sLSaKeDiqTUC_suEAEgt-WEIWD1lc6B4ATIAQmpAiFew2lAQLI-qAMByAObBKoEkAJP0GNwD7-JLUWaf2uaDzFdZs64K6bgmKI-VkyfC2IFTX9sxfpL2PDhVbrBPXbsKW6DFpC1tb5fa9bhlEaIlvLI8gP4wE3jt8kiFgddz1P_xm6fVOPGhLGB3ldwGezjPhAuwSoTjG0JjaCfOnStGT3EECkPs8WVh8W_SJ92ScGSKCosRhBu6Y0qPRkmCWEN08CEDzZHpbu-1FwV2o3zE2ImwtFMX8q_vRC6AEtKHTG65YhvCqVeAo9ycKQnSSr3j2TJJMwgyTW5HRQwQdEgz1AyK7R8Gx2udvS6lc80ej7H9c1yMjN8pNzlBICiRErMOPrETS9dlwy7w4Gh3ifN4JuZvb__vQC4gnyamU29chRyisAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYXzICigI6BIBAgEBIvf3BOliT9tryyvKDA_IIDWJpZGRlci0yMDEzMzaACgSYCwHICwGADAGqDQJDSLAT28vrAtgTA4gUAdgUAdAVAfgWAYAXAbIYBBIC6k4%2526ae%253D1%2526num%253D1%2526cid%253DCAQSMgAvHhf_6L8TZ9aLiR_2VgnSH_FeGxSVGM_csWy0zp8toKysWP-JuLVXi2H2fIqfhXVwGAE%2526sig%253DAOD64_0ZIfhw5Q7BCmyYOLnlniG2E0-fyw%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-AmiWUa22pe0pX8-jf_2QI3Ue7QgL3UKLlb9sf4jLr9CZNTuYjWp31z6GLFRRx54-WTJezB6bERqa4ZkVfQVCqrdGaQn4rJDTXyplf4D9v9PorhZEF8EOUQanpQ_q_jZlOBmdMhRPZ52llqxlz_FJoXJyt4bxeT042TQzyGbYcsPZqXZtA%2526cry%253D1%2526dbm_d%253DAKAmf-CAYfc7h0zZowfD3RQlkszqIy1z6lkgQWT0ErlXAcrCG_CzaifbtLDK_GgTotni_04ZrGFEZMBN4dxFN4lwf9PGLBkXUE-d1l5Kdwh-FTGzjMJQpNjGw-CbnWzeuzZ2G9UrjexsXuLEEyrfo9yd116-4HIKRXYhAQyeqi_KvJ19JOPNWf4ELrHLXaOGWTNmlB5vl71h6Br5aASgr1VrhMzDqzTDT5ad5BdyzION218dwByBf9JE0LFB4Tbxb1mblqJl-MoCS92uT1XGNveYdGJN0WfPc6PgIpyTUYyv7hVaH9L81K5a1LVWsMAioNt2eHrNhMcIRspP9jAOzMItJa6MRbmSsTJ5psooN9B5lvZ9TqeyqMQQ3DhdlR5sRWqvkYn_7FiLv661vw-GfNtAa27BX64e61l8FxTjtERHv7dCvMsbR0bGiSkwTAi2chFe-49lA3uxIcYeXAJQl5R90yxyM4c2227He78w3-ZxUaM_-ig9WJSJKTA-yRRmkoy69sllAo8lgW0tmu4YXpGde4aDR1_lBw%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=335355%2C14235%2C14222&b=K13CRfR5x2fbRK3c5HMHktPt55eDF8TAT8Gaq%2CdEmTEfe7dMu4reuEHjHwtEtb69h3T4T5WCj%2CJBWFzfmY3qaZDxUBH6H7tptB8wfXTgT4WtX&f=k53U5fQ2ZBtX3m2s4HwHetmCzzwZCkTjTmrHR%2CK13CRfR5x2fK1Bf5HMHktzCB9Ec8TAT8Gaq%2CGjJUBfjgz1T4jVuKHeHGtBCwWVs2TYTJAHE&c=728&d=90&e=&g=d5a488d10c4e6a39421ee898ea28c7f0%2F15145983664895032561&i=113349%2C20533%2C17712&j=22%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1705981116641&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCWcP4ujSvZY7KLu7EmLAPpbqs4AzE_sLSaKeDiqTUC_suEAEgt-WEIWD1lc6B4ATIAQmpAiFew2lAQLI-qAMByAObBKoEkAJP0GNwD7-JLUWaf2uaDzFdZs64K6bgmKI-VkyfC2IFTX9sxfpL2PDhVbrBPXbsKW6DFpC1tb5fa9bhlEaIlvLI8gP4wE3jt8kiFgddz1P_xm6fVOPGhLGB3ldwGezjPhAuwSoTjG0JjaCfOnStGT3EECkPs8WVh8W_SJ92ScGSKCosRhBu6Y0qPRkmCWEN08CEDzZHpbu-1FwV2o3zE2ImwtFMX8q_vRC6AEtKHTG65YhvCqVeAo9ycKQnSSr3j2TJJMwgyTW5HRQwQdEgz1AyK7R8Gx2udvS6lc80ej7H9c1yMjN8pNzlBICiRErMOPrETS9dlwy7w4Gh3ifN4JuZvb__vQC4gnyamU29chRyisAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYXzICigI6BIBAgEBIvf3BOliT9tryyvKDA_IIDWJpZGRlci0yMDEzMzaACgSYCwHICwGADAGqDQJDSLAT28vrAtgTA4gUAdgUAdAVAfgWAYAXAbIYBBIC6k4%2526ae%253D1%2526num%253D1%2526cid%253DCAQSMgAvHhf_6L8TZ9aLiR_2VgnSH_FeGxSVGM_csWy0zp8toKysWP-JuLVXi2H2fIqfhXVwGAE%2526sig%253DAOD64_0ZIfhw5Q7BCmyYOLnlniG2E0-fyw%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-AmiWUa22pe0pX8-jf_2QI3Ue7QgL3UKLlb9sf4jLr9CZNTuYjWp31z6GLFRRx54-WTJezB6bERqa4ZkVfQVCqrdGaQn4rJDTXyplf4D9v9PorhZEF8EOUQanpQ_q_jZlOBmdMhRPZ52llqxlz_FJoXJyt4bxeT042TQzyGbYcsPZqXZtA%2526cry%253D1%2526dbm_d%253DAKAmf-CAYfc7h0zZowfD3RQlkszqIy1z6lkgQWT0ErlXAcrCG_CzaifbtLDK_GgTotni_04ZrGFEZMBN4dxFN4lwf9PGLBkXUE-d1l5Kdwh-FTGzjMJQpNjGw-CbnWzeuzZ2G9UrjexsXuLEEyrfo9yd116-4HIKRXYhAQyeqi_KvJ19JOPNWf4ELrHLXaOGWTNmlB5vl71h6Br5aASgr1VrhMzDqzTDT5ad5BdyzION218dwByBf9JE0LFB4Tbxb1mblqJl-MoCS92uT1XGNveYdGJN0WfPc6PgIpyTUYyv7hVaH9L81K5a1LVWsMAioNt2eHrNhMcIRspP9jAOzMItJa6MRbmSsTJ5psooN9B5lvZ9TqeyqMQQ3DhdlR5sRWqvkYn_7FiLv661vw-GfNtAa27BX64e61l8FxTjtERHv7dCvMsbR0bGiSkwTAi2chFe-49lA3uxIcYeXAJQl5R90yxyM4c2227He78w3-ZxUaM_-ig9WJSJKTA-yRRmkoy69sllAo8lgW0tmu4YXpGde4aDR1_lBw%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
600876
cf-polished
origSize=118430
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 02 Nov 2023 10:26:17 GMT
server
cloudflare
etag
W/"486507ccce9ac587d11c0ef3f32a109a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xk82ybI%2FxwYkfJLgqAZom6zVYgc8OD9DZG0MgeKSezoUBpFiScRLJg5lhI5WMKpgOM0KMHo1HVkwsslX8x%2F6ii%2FNkKAdxF7qs39fi9%2F1Qgiz1sQCL%2B7rIQamXXHAg%2FB3h60PHAs8sNk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=86400
cf-ray
849d013bcc456ae1-FRA
expires
Wed, 24 Jan 2024 03:38:36 GMT
EB6BF7C773C54C26856A0D8D7150B655B849D79C22453DC6A7B8FCE10BEDF4DA40FCA40DC7B01242E990F461A5818963443B7F0C188F7F80310E7C2E8D80CF8F
assets.ad4m.at/logo/ Frame 2244
30 KB
31 KB
Image
General
Full URL
https://assets.ad4m.at/logo/EB6BF7C773C54C26856A0D8D7150B655B849D79C22453DC6A7B8FCE10BEDF4DA40FCA40DC7B01242E990F461A5818963443B7F0C188F7F80310E7C2E8D80CF8F
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=335355%2C14235%2C14222&b=K13CRfR5x2fbRK3c5HMHktPt55eDF8TAT8Gaq%2CdEmTEfe7dMu4reuEHjHwtEtb69h3T4T5WCj%2CJBWFzfmY3qaZDxUBH6H7tptB8wfXTgT4WtX&f=k53U5fQ2ZBtX3m2s4HwHetmCzzwZCkTjTmrHR%2CK13CRfR5x2fK1Bf5HMHktzCB9Ec8TAT8Gaq%2CGjJUBfjgz1T4jVuKHeHGtBCwWVs2TYTJAHE&c=728&d=90&e=&g=d5a488d10c4e6a39421ee898ea28c7f0%2F15145983664895032561&i=113349%2C20533%2C17712&j=22%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1705981116641&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCWcP4ujSvZY7KLu7EmLAPpbqs4AzE_sLSaKeDiqTUC_suEAEgt-WEIWD1lc6B4ATIAQmpAiFew2lAQLI-qAMByAObBKoEkAJP0GNwD7-JLUWaf2uaDzFdZs64K6bgmKI-VkyfC2IFTX9sxfpL2PDhVbrBPXbsKW6DFpC1tb5fa9bhlEaIlvLI8gP4wE3jt8kiFgddz1P_xm6fVOPGhLGB3ldwGezjPhAuwSoTjG0JjaCfOnStGT3EECkPs8WVh8W_SJ92ScGSKCosRhBu6Y0qPRkmCWEN08CEDzZHpbu-1FwV2o3zE2ImwtFMX8q_vRC6AEtKHTG65YhvCqVeAo9ycKQnSSr3j2TJJMwgyTW5HRQwQdEgz1AyK7R8Gx2udvS6lc80ej7H9c1yMjN8pNzlBICiRErMOPrETS9dlwy7w4Gh3ifN4JuZvb__vQC4gnyamU29chRyisAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYXzICigI6BIBAgEBIvf3BOliT9tryyvKDA_IIDWJpZGRlci0yMDEzMzaACgSYCwHICwGADAGqDQJDSLAT28vrAtgTA4gUAdgUAdAVAfgWAYAXAbIYBBIC6k4%2526ae%253D1%2526num%253D1%2526cid%253DCAQSMgAvHhf_6L8TZ9aLiR_2VgnSH_FeGxSVGM_csWy0zp8toKysWP-JuLVXi2H2fIqfhXVwGAE%2526sig%253DAOD64_0ZIfhw5Q7BCmyYOLnlniG2E0-fyw%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-AmiWUa22pe0pX8-jf_2QI3Ue7QgL3UKLlb9sf4jLr9CZNTuYjWp31z6GLFRRx54-WTJezB6bERqa4ZkVfQVCqrdGaQn4rJDTXyplf4D9v9PorhZEF8EOUQanpQ_q_jZlOBmdMhRPZ52llqxlz_FJoXJyt4bxeT042TQzyGbYcsPZqXZtA%2526cry%253D1%2526dbm_d%253DAKAmf-CAYfc7h0zZowfD3RQlkszqIy1z6lkgQWT0ErlXAcrCG_CzaifbtLDK_GgTotni_04ZrGFEZMBN4dxFN4lwf9PGLBkXUE-d1l5Kdwh-FTGzjMJQpNjGw-CbnWzeuzZ2G9UrjexsXuLEEyrfo9yd116-4HIKRXYhAQyeqi_KvJ19JOPNWf4ELrHLXaOGWTNmlB5vl71h6Br5aASgr1VrhMzDqzTDT5ad5BdyzION218dwByBf9JE0LFB4Tbxb1mblqJl-MoCS92uT1XGNveYdGJN0WfPc6PgIpyTUYyv7hVaH9L81K5a1LVWsMAioNt2eHrNhMcIRspP9jAOzMItJa6MRbmSsTJ5psooN9B5lvZ9TqeyqMQQ3DhdlR5sRWqvkYn_7FiLv661vw-GfNtAa27BX64e61l8FxTjtERHv7dCvMsbR0bGiSkwTAi2chFe-49lA3uxIcYeXAJQl5R90yxyM4c2227He78w3-ZxUaM_-ig9WJSJKTA-yRRmkoy69sllAo8lgW0tmu4YXpGde4aDR1_lBw%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfe555be78efec6fde29edd9b0169e3a7c0c4e61187fd2584f5d9a4719ab738f

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
290815
cf-polished
origFmt=png, origSize=57632
alt-svc
h3=":443"; ma=86400
content-length
30756
cf-bgj
imgq:85,h2pri
last-modified
Thu, 12 Oct 2023 15:39:06 GMT
server
cloudflare
etag
"de40c3e9eed9e7f2fbbae8f194b696fe"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SB%2FrW6J8BJIRLX6xT8lEmPxg5fy7BbNR1pSJLNOP9p5kNL09yDZQF2PlNREebUMZTp8E%2B%2BdXVEVFIFNeyry2dGtunfLf6%2FInIqzIDvLXpQ8jv%2BjjTOXCUZhgpcFw0rZ%2BdQv4R7nSMCxSsRrf"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
849d013bdc3f1d8c-FRA
E0C746761B7DC7E3BA487D106C1D2FC645D98475D51517C42CA698519B7A57D83E2F57311E25543FF01E9C80692C01809FCF89ECC9A1A73473700F70CBFD91B6
assets.ad4m.at/ Frame 2244
31 KB
31 KB
Image
General
Full URL
https://assets.ad4m.at/E0C746761B7DC7E3BA487D106C1D2FC645D98475D51517C42CA698519B7A57D83E2F57311E25543FF01E9C80692C01809FCF89ECC9A1A73473700F70CBFD91B6
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=335355%2C14235%2C14222&b=K13CRfR5x2fbRK3c5HMHktPt55eDF8TAT8Gaq%2CdEmTEfe7dMu4reuEHjHwtEtb69h3T4T5WCj%2CJBWFzfmY3qaZDxUBH6H7tptB8wfXTgT4WtX&f=k53U5fQ2ZBtX3m2s4HwHetmCzzwZCkTjTmrHR%2CK13CRfR5x2fK1Bf5HMHktzCB9Ec8TAT8Gaq%2CGjJUBfjgz1T4jVuKHeHGtBCwWVs2TYTJAHE&c=728&d=90&e=&g=d5a488d10c4e6a39421ee898ea28c7f0%2F15145983664895032561&i=113349%2C20533%2C17712&j=22%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1705981116641&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCWcP4ujSvZY7KLu7EmLAPpbqs4AzE_sLSaKeDiqTUC_suEAEgt-WEIWD1lc6B4ATIAQmpAiFew2lAQLI-qAMByAObBKoEkAJP0GNwD7-JLUWaf2uaDzFdZs64K6bgmKI-VkyfC2IFTX9sxfpL2PDhVbrBPXbsKW6DFpC1tb5fa9bhlEaIlvLI8gP4wE3jt8kiFgddz1P_xm6fVOPGhLGB3ldwGezjPhAuwSoTjG0JjaCfOnStGT3EECkPs8WVh8W_SJ92ScGSKCosRhBu6Y0qPRkmCWEN08CEDzZHpbu-1FwV2o3zE2ImwtFMX8q_vRC6AEtKHTG65YhvCqVeAo9ycKQnSSr3j2TJJMwgyTW5HRQwQdEgz1AyK7R8Gx2udvS6lc80ej7H9c1yMjN8pNzlBICiRErMOPrETS9dlwy7w4Gh3ifN4JuZvb__vQC4gnyamU29chRyisAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYXzICigI6BIBAgEBIvf3BOliT9tryyvKDA_IIDWJpZGRlci0yMDEzMzaACgSYCwHICwGADAGqDQJDSLAT28vrAtgTA4gUAdgUAdAVAfgWAYAXAbIYBBIC6k4%2526ae%253D1%2526num%253D1%2526cid%253DCAQSMgAvHhf_6L8TZ9aLiR_2VgnSH_FeGxSVGM_csWy0zp8toKysWP-JuLVXi2H2fIqfhXVwGAE%2526sig%253DAOD64_0ZIfhw5Q7BCmyYOLnlniG2E0-fyw%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-AmiWUa22pe0pX8-jf_2QI3Ue7QgL3UKLlb9sf4jLr9CZNTuYjWp31z6GLFRRx54-WTJezB6bERqa4ZkVfQVCqrdGaQn4rJDTXyplf4D9v9PorhZEF8EOUQanpQ_q_jZlOBmdMhRPZ52llqxlz_FJoXJyt4bxeT042TQzyGbYcsPZqXZtA%2526cry%253D1%2526dbm_d%253DAKAmf-CAYfc7h0zZowfD3RQlkszqIy1z6lkgQWT0ErlXAcrCG_CzaifbtLDK_GgTotni_04ZrGFEZMBN4dxFN4lwf9PGLBkXUE-d1l5Kdwh-FTGzjMJQpNjGw-CbnWzeuzZ2G9UrjexsXuLEEyrfo9yd116-4HIKRXYhAQyeqi_KvJ19JOPNWf4ELrHLXaOGWTNmlB5vl71h6Br5aASgr1VrhMzDqzTDT5ad5BdyzION218dwByBf9JE0LFB4Tbxb1mblqJl-MoCS92uT1XGNveYdGJN0WfPc6PgIpyTUYyv7hVaH9L81K5a1LVWsMAioNt2eHrNhMcIRspP9jAOzMItJa6MRbmSsTJ5psooN9B5lvZ9TqeyqMQQ3DhdlR5sRWqvkYn_7FiLv661vw-GfNtAa27BX64e61l8FxTjtERHv7dCvMsbR0bGiSkwTAi2chFe-49lA3uxIcYeXAJQl5R90yxyM4c2227He78w3-ZxUaM_-ig9WJSJKTA-yRRmkoy69sllAo8lgW0tmu4YXpGde4aDR1_lBw%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
234edb3bf857c597c4edcdca7704e732960747b3acf2e84303113b596f459568

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
286372
cf-polished
qual=85, origFmt=jpeg, origSize=82844
alt-svc
h3=":443"; ma=86400
content-length
31242
cf-bgj
imgq:85,h2pri
last-modified
Tue, 28 Nov 2023 08:00:09 GMT
server
cloudflare
etag
"3a311f3435cafd308bd9cfa8ea57e9a5"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HKgapZd6OZryYvndWBCfRdTGJeAHTh4rOL%2Fe0XqeXiVx5qczFPqY3UTZEDAi5PKWbuAKdSWOBZRjJ7WLmTUxWeDcGLMcrWzCBECw%2FBtoNMPZOVwKXKnLZy%2Fs9nJk7dxjc8GMvXmxT6NZWYcK"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
849d013bdc3e1d8c-FRA
449f5b35d42da36109fb9c0488f8191a
min.tryiqos.ch/trck/ehtml/ Frame 2244
452 B
1 KB
Script
General
Full URL
https://min.tryiqos.ch/trck/ehtml/449f5b35d42da36109fb9c0488f8191a?tp=onetag&subid=oneidK13CRfR5x2fbRK3c5HMHktPt55eDF8TAT8Gaqoneid__dbm_Awin_Reach02&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=335355%2C14235%2C14222&b=K13CRfR5x2fbRK3c5HMHktPt55eDF8TAT8Gaq%2CdEmTEfe7dMu4reuEHjHwtEtb69h3T4T5WCj%2CJBWFzfmY3qaZDxUBH6H7tptB8wfXTgT4WtX&f=k53U5fQ2ZBtX3m2s4HwHetmCzzwZCkTjTmrHR%2CK13CRfR5x2fK1Bf5HMHktzCB9Ec8TAT8Gaq%2CGjJUBfjgz1T4jVuKHeHGtBCwWVs2TYTJAHE&c=728&d=90&e=&g=d5a488d10c4e6a39421ee898ea28c7f0%2F15145983664895032561&i=113349%2C20533%2C17712&j=22%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1705981116641&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCWcP4ujSvZY7KLu7EmLAPpbqs4AzE_sLSaKeDiqTUC_suEAEgt-WEIWD1lc6B4ATIAQmpAiFew2lAQLI-qAMByAObBKoEkAJP0GNwD7-JLUWaf2uaDzFdZs64K6bgmKI-VkyfC2IFTX9sxfpL2PDhVbrBPXbsKW6DFpC1tb5fa9bhlEaIlvLI8gP4wE3jt8kiFgddz1P_xm6fVOPGhLGB3ldwGezjPhAuwSoTjG0JjaCfOnStGT3EECkPs8WVh8W_SJ92ScGSKCosRhBu6Y0qPRkmCWEN08CEDzZHpbu-1FwV2o3zE2ImwtFMX8q_vRC6AEtKHTG65YhvCqVeAo9ycKQnSSr3j2TJJMwgyTW5HRQwQdEgz1AyK7R8Gx2udvS6lc80ej7H9c1yMjN8pNzlBICiRErMOPrETS9dlwy7w4Gh3ifN4JuZvb__vQC4gnyamU29chRyisAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYXzICigI6BIBAgEBIvf3BOliT9tryyvKDA_IIDWJpZGRlci0yMDEzMzaACgSYCwHICwGADAGqDQJDSLAT28vrAtgTA4gUAdgUAdAVAfgWAYAXAbIYBBIC6k4%2526ae%253D1%2526num%253D1%2526cid%253DCAQSMgAvHhf_6L8TZ9aLiR_2VgnSH_FeGxSVGM_csWy0zp8toKysWP-JuLVXi2H2fIqfhXVwGAE%2526sig%253DAOD64_0ZIfhw5Q7BCmyYOLnlniG2E0-fyw%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-AmiWUa22pe0pX8-jf_2QI3Ue7QgL3UKLlb9sf4jLr9CZNTuYjWp31z6GLFRRx54-WTJezB6bERqa4ZkVfQVCqrdGaQn4rJDTXyplf4D9v9PorhZEF8EOUQanpQ_q_jZlOBmdMhRPZ52llqxlz_FJoXJyt4bxeT042TQzyGbYcsPZqXZtA%2526cry%253D1%2526dbm_d%253DAKAmf-CAYfc7h0zZowfD3RQlkszqIy1z6lkgQWT0ErlXAcrCG_CzaifbtLDK_GgTotni_04ZrGFEZMBN4dxFN4lwf9PGLBkXUE-d1l5Kdwh-FTGzjMJQpNjGw-CbnWzeuzZ2G9UrjexsXuLEEyrfo9yd116-4HIKRXYhAQyeqi_KvJ19JOPNWf4ELrHLXaOGWTNmlB5vl71h6Br5aASgr1VrhMzDqzTDT5ad5BdyzION218dwByBf9JE0LFB4Tbxb1mblqJl-MoCS92uT1XGNveYdGJN0WfPc6PgIpyTUYyv7hVaH9L81K5a1LVWsMAioNt2eHrNhMcIRspP9jAOzMItJa6MRbmSsTJ5psooN9B5lvZ9TqeyqMQQ3DhdlR5sRWqvkYn_7FiLv661vw-GfNtAa27BX64e61l8FxTjtERHv7dCvMsbR0bGiSkwTAi2chFe-49lA3uxIcYeXAJQl5R90yxyM4c2227He78w3-ZxUaM_-ig9WJSJKTA-yRRmkoy69sllAo8lgW0tmu4YXpGde4aDR1_lBw%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
147.135.143.112 Montpellier, France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
3aff96e293a065aed096fb648d773a6c0563629b3bd6c2692b89cf92e6aede71

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
attribution-reporting-register-source
{"source_event_id":"2500500030418192","destination":"https://mediaintelligence.de/","expiry":5184000,"filter_data":{}}
server
nginx
x-iplb-request-id
95581B52:8650_93878F70:01BB_65AF34BC_7D31A9:7C81
x-iplb-instance
53554
vary
Origin
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
access-control-allow-credentials
true
x-min-lb
n1, n2
keep-alive
timeout=20
content-length
452
E66F448D03A5F72C711DC8E2E8952B65912637DCC211F26B8C1A1BB8D8C4A802AA5B75A58E27D636DE17E5F9E2A0D14235C96AC08AF3091E1CEC9D103DA80D74
assets.ad4m.at/logo/ Frame 2244
16 KB
17 KB
Image
General
Full URL
https://assets.ad4m.at/logo/E66F448D03A5F72C711DC8E2E8952B65912637DCC211F26B8C1A1BB8D8C4A802AA5B75A58E27D636DE17E5F9E2A0D14235C96AC08AF3091E1CEC9D103DA80D74
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=335355%2C14235%2C14222&b=K13CRfR5x2fbRK3c5HMHktPt55eDF8TAT8Gaq%2CdEmTEfe7dMu4reuEHjHwtEtb69h3T4T5WCj%2CJBWFzfmY3qaZDxUBH6H7tptB8wfXTgT4WtX&f=k53U5fQ2ZBtX3m2s4HwHetmCzzwZCkTjTmrHR%2CK13CRfR5x2fK1Bf5HMHktzCB9Ec8TAT8Gaq%2CGjJUBfjgz1T4jVuKHeHGtBCwWVs2TYTJAHE&c=728&d=90&e=&g=d5a488d10c4e6a39421ee898ea28c7f0%2F15145983664895032561&i=113349%2C20533%2C17712&j=22%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1705981116641&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCWcP4ujSvZY7KLu7EmLAPpbqs4AzE_sLSaKeDiqTUC_suEAEgt-WEIWD1lc6B4ATIAQmpAiFew2lAQLI-qAMByAObBKoEkAJP0GNwD7-JLUWaf2uaDzFdZs64K6bgmKI-VkyfC2IFTX9sxfpL2PDhVbrBPXbsKW6DFpC1tb5fa9bhlEaIlvLI8gP4wE3jt8kiFgddz1P_xm6fVOPGhLGB3ldwGezjPhAuwSoTjG0JjaCfOnStGT3EECkPs8WVh8W_SJ92ScGSKCosRhBu6Y0qPRkmCWEN08CEDzZHpbu-1FwV2o3zE2ImwtFMX8q_vRC6AEtKHTG65YhvCqVeAo9ycKQnSSr3j2TJJMwgyTW5HRQwQdEgz1AyK7R8Gx2udvS6lc80ej7H9c1yMjN8pNzlBICiRErMOPrETS9dlwy7w4Gh3ifN4JuZvb__vQC4gnyamU29chRyisAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYXzICigI6BIBAgEBIvf3BOliT9tryyvKDA_IIDWJpZGRlci0yMDEzMzaACgSYCwHICwGADAGqDQJDSLAT28vrAtgTA4gUAdgUAdAVAfgWAYAXAbIYBBIC6k4%2526ae%253D1%2526num%253D1%2526cid%253DCAQSMgAvHhf_6L8TZ9aLiR_2VgnSH_FeGxSVGM_csWy0zp8toKysWP-JuLVXi2H2fIqfhXVwGAE%2526sig%253DAOD64_0ZIfhw5Q7BCmyYOLnlniG2E0-fyw%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-AmiWUa22pe0pX8-jf_2QI3Ue7QgL3UKLlb9sf4jLr9CZNTuYjWp31z6GLFRRx54-WTJezB6bERqa4ZkVfQVCqrdGaQn4rJDTXyplf4D9v9PorhZEF8EOUQanpQ_q_jZlOBmdMhRPZ52llqxlz_FJoXJyt4bxeT042TQzyGbYcsPZqXZtA%2526cry%253D1%2526dbm_d%253DAKAmf-CAYfc7h0zZowfD3RQlkszqIy1z6lkgQWT0ErlXAcrCG_CzaifbtLDK_GgTotni_04ZrGFEZMBN4dxFN4lwf9PGLBkXUE-d1l5Kdwh-FTGzjMJQpNjGw-CbnWzeuzZ2G9UrjexsXuLEEyrfo9yd116-4HIKRXYhAQyeqi_KvJ19JOPNWf4ELrHLXaOGWTNmlB5vl71h6Br5aASgr1VrhMzDqzTDT5ad5BdyzION218dwByBf9JE0LFB4Tbxb1mblqJl-MoCS92uT1XGNveYdGJN0WfPc6PgIpyTUYyv7hVaH9L81K5a1LVWsMAioNt2eHrNhMcIRspP9jAOzMItJa6MRbmSsTJ5psooN9B5lvZ9TqeyqMQQ3DhdlR5sRWqvkYn_7FiLv661vw-GfNtAa27BX64e61l8FxTjtERHv7dCvMsbR0bGiSkwTAi2chFe-49lA3uxIcYeXAJQl5R90yxyM4c2227He78w3-ZxUaM_-ig9WJSJKTA-yRRmkoy69sllAo8lgW0tmu4YXpGde4aDR1_lBw%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01170050458513699e926b282be71d0ea577e944cecaa8867c7188141235cfd0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
285584
cf-polished
origFmt=png, origSize=45372
alt-svc
h3=":443"; ma=86400
content-length
16832
cf-bgj
imgq:85,h2pri
last-modified
Thu, 12 Oct 2023 15:38:35 GMT
server
cloudflare
etag
"a4a1e58c74f9a1a30782902ef5c6a89f"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MwT9KkPgBRzqi1n8lKw9bIdz41RRgtczPbmaWbpwvmTuZC9lYCUOXrNIfPsrMruDkT%2BtxnmNGgJ52aLZq1W8ioDsymmCsKphD5m%2FpSJtFZTa79OHLXUG7sYDiygfDzeHWnFR2EKj7an5ixAG"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
849d013bec5b1d8c-FRA
39CE004B40BDF0ECD4AFFA25649A4E33112ABBB644F35C52D83968F273ECAC19EA76CCEC7D0DE7E21EE99E867C140A2EADA1B6DF05B3B64B7C201789B7B9FF1C
assets.ad4m.at/ Frame 2244
44 KB
44 KB
Image
General
Full URL
https://assets.ad4m.at/39CE004B40BDF0ECD4AFFA25649A4E33112ABBB644F35C52D83968F273ECAC19EA76CCEC7D0DE7E21EE99E867C140A2EADA1B6DF05B3B64B7C201789B7B9FF1C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=335355%2C14235%2C14222&b=K13CRfR5x2fbRK3c5HMHktPt55eDF8TAT8Gaq%2CdEmTEfe7dMu4reuEHjHwtEtb69h3T4T5WCj%2CJBWFzfmY3qaZDxUBH6H7tptB8wfXTgT4WtX&f=k53U5fQ2ZBtX3m2s4HwHetmCzzwZCkTjTmrHR%2CK13CRfR5x2fK1Bf5HMHktzCB9Ec8TAT8Gaq%2CGjJUBfjgz1T4jVuKHeHGtBCwWVs2TYTJAHE&c=728&d=90&e=&g=d5a488d10c4e6a39421ee898ea28c7f0%2F15145983664895032561&i=113349%2C20533%2C17712&j=22%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1705981116641&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCWcP4ujSvZY7KLu7EmLAPpbqs4AzE_sLSaKeDiqTUC_suEAEgt-WEIWD1lc6B4ATIAQmpAiFew2lAQLI-qAMByAObBKoEkAJP0GNwD7-JLUWaf2uaDzFdZs64K6bgmKI-VkyfC2IFTX9sxfpL2PDhVbrBPXbsKW6DFpC1tb5fa9bhlEaIlvLI8gP4wE3jt8kiFgddz1P_xm6fVOPGhLGB3ldwGezjPhAuwSoTjG0JjaCfOnStGT3EECkPs8WVh8W_SJ92ScGSKCosRhBu6Y0qPRkmCWEN08CEDzZHpbu-1FwV2o3zE2ImwtFMX8q_vRC6AEtKHTG65YhvCqVeAo9ycKQnSSr3j2TJJMwgyTW5HRQwQdEgz1AyK7R8Gx2udvS6lc80ej7H9c1yMjN8pNzlBICiRErMOPrETS9dlwy7w4Gh3ifN4JuZvb__vQC4gnyamU29chRyisAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYXzICigI6BIBAgEBIvf3BOliT9tryyvKDA_IIDWJpZGRlci0yMDEzMzaACgSYCwHICwGADAGqDQJDSLAT28vrAtgTA4gUAdgUAdAVAfgWAYAXAbIYBBIC6k4%2526ae%253D1%2526num%253D1%2526cid%253DCAQSMgAvHhf_6L8TZ9aLiR_2VgnSH_FeGxSVGM_csWy0zp8toKysWP-JuLVXi2H2fIqfhXVwGAE%2526sig%253DAOD64_0ZIfhw5Q7BCmyYOLnlniG2E0-fyw%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-AmiWUa22pe0pX8-jf_2QI3Ue7QgL3UKLlb9sf4jLr9CZNTuYjWp31z6GLFRRx54-WTJezB6bERqa4ZkVfQVCqrdGaQn4rJDTXyplf4D9v9PorhZEF8EOUQanpQ_q_jZlOBmdMhRPZ52llqxlz_FJoXJyt4bxeT042TQzyGbYcsPZqXZtA%2526cry%253D1%2526dbm_d%253DAKAmf-CAYfc7h0zZowfD3RQlkszqIy1z6lkgQWT0ErlXAcrCG_CzaifbtLDK_GgTotni_04ZrGFEZMBN4dxFN4lwf9PGLBkXUE-d1l5Kdwh-FTGzjMJQpNjGw-CbnWzeuzZ2G9UrjexsXuLEEyrfo9yd116-4HIKRXYhAQyeqi_KvJ19JOPNWf4ELrHLXaOGWTNmlB5vl71h6Br5aASgr1VrhMzDqzTDT5ad5BdyzION218dwByBf9JE0LFB4Tbxb1mblqJl-MoCS92uT1XGNveYdGJN0WfPc6PgIpyTUYyv7hVaH9L81K5a1LVWsMAioNt2eHrNhMcIRspP9jAOzMItJa6MRbmSsTJ5psooN9B5lvZ9TqeyqMQQ3DhdlR5sRWqvkYn_7FiLv661vw-GfNtAa27BX64e61l8FxTjtERHv7dCvMsbR0bGiSkwTAi2chFe-49lA3uxIcYeXAJQl5R90yxyM4c2227He78w3-ZxUaM_-ig9WJSJKTA-yRRmkoy69sllAo8lgW0tmu4YXpGde4aDR1_lBw%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
738e8e4babe4f26dc496be3b1eed919ade66e46a7c4d2bf25029c3dd01f4b8c1

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
285283
cf-polished
qual=85, origFmt=jpeg, origSize=114828
alt-svc
h3=":443"; ma=86400
content-length
44698
cf-bgj
imgq:85,h2pri
last-modified
Thu, 12 Oct 2023 13:30:03 GMT
server
cloudflare
etag
"c70fe60a5e89d6cf5912a08191db5823"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3qkrtBtNLgpuQ%2FTBZVpKSVjzjveK22wgat6naTHmmmgucAq7rgDeeMJPuQDY0U5of7RTANt%2BPUtf5oAbqqIFuvawhyVRkuLiHlEO9fGX1ALgnSngP13vr4GcF%2BAecbOo3dI9ARZPhAdczFXC"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
849d013bec5d1d8c-FRA
cshow.php
www.awin1.com/ Frame 2244
43 B
704 B
Image
General
Full URL
https://www.awin1.com/cshow.php?s=2087405&v=12112&q=326715&r=412871&pv=1&pref3=oneiddEmTEfe7dMu4reuEHjHwtEtb69h3T4T5WCjoneid__dbm_Awin_Reach02&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=335355%2C14235%2C14222&b=K13CRfR5x2fbRK3c5HMHktPt55eDF8TAT8Gaq%2CdEmTEfe7dMu4reuEHjHwtEtb69h3T4T5WCj%2CJBWFzfmY3qaZDxUBH6H7tptB8wfXTgT4WtX&f=k53U5fQ2ZBtX3m2s4HwHetmCzzwZCkTjTmrHR%2CK13CRfR5x2fK1Bf5HMHktzCB9Ec8TAT8Gaq%2CGjJUBfjgz1T4jVuKHeHGtBCwWVs2TYTJAHE&c=728&d=90&e=&g=d5a488d10c4e6a39421ee898ea28c7f0%2F15145983664895032561&i=113349%2C20533%2C17712&j=22%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1705981116641&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCWcP4ujSvZY7KLu7EmLAPpbqs4AzE_sLSaKeDiqTUC_suEAEgt-WEIWD1lc6B4ATIAQmpAiFew2lAQLI-qAMByAObBKoEkAJP0GNwD7-JLUWaf2uaDzFdZs64K6bgmKI-VkyfC2IFTX9sxfpL2PDhVbrBPXbsKW6DFpC1tb5fa9bhlEaIlvLI8gP4wE3jt8kiFgddz1P_xm6fVOPGhLGB3ldwGezjPhAuwSoTjG0JjaCfOnStGT3EECkPs8WVh8W_SJ92ScGSKCosRhBu6Y0qPRkmCWEN08CEDzZHpbu-1FwV2o3zE2ImwtFMX8q_vRC6AEtKHTG65YhvCqVeAo9ycKQnSSr3j2TJJMwgyTW5HRQwQdEgz1AyK7R8Gx2udvS6lc80ej7H9c1yMjN8pNzlBICiRErMOPrETS9dlwy7w4Gh3ifN4JuZvb__vQC4gnyamU29chRyisAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYXzICigI6BIBAgEBIvf3BOliT9tryyvKDA_IIDWJpZGRlci0yMDEzMzaACgSYCwHICwGADAGqDQJDSLAT28vrAtgTA4gUAdgUAdAVAfgWAYAXAbIYBBIC6k4%2526ae%253D1%2526num%253D1%2526cid%253DCAQSMgAvHhf_6L8TZ9aLiR_2VgnSH_FeGxSVGM_csWy0zp8toKysWP-JuLVXi2H2fIqfhXVwGAE%2526sig%253DAOD64_0ZIfhw5Q7BCmyYOLnlniG2E0-fyw%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-AmiWUa22pe0pX8-jf_2QI3Ue7QgL3UKLlb9sf4jLr9CZNTuYjWp31z6GLFRRx54-WTJezB6bERqa4ZkVfQVCqrdGaQn4rJDTXyplf4D9v9PorhZEF8EOUQanpQ_q_jZlOBmdMhRPZ52llqxlz_FJoXJyt4bxeT042TQzyGbYcsPZqXZtA%2526cry%253D1%2526dbm_d%253DAKAmf-CAYfc7h0zZowfD3RQlkszqIy1z6lkgQWT0ErlXAcrCG_CzaifbtLDK_GgTotni_04ZrGFEZMBN4dxFN4lwf9PGLBkXUE-d1l5Kdwh-FTGzjMJQpNjGw-CbnWzeuzZ2G9UrjexsXuLEEyrfo9yd116-4HIKRXYhAQyeqi_KvJ19JOPNWf4ELrHLXaOGWTNmlB5vl71h6Br5aASgr1VrhMzDqzTDT5ad5BdyzION218dwByBf9JE0LFB4Tbxb1mblqJl-MoCS92uT1XGNveYdGJN0WfPc6PgIpyTUYyv7hVaH9L81K5a1LVWsMAioNt2eHrNhMcIRspP9jAOzMItJa6MRbmSsTJ5psooN9B5lvZ9TqeyqMQQ3DhdlR5sRWqvkYn_7FiLv661vw-GfNtAa27BX64e61l8FxTjtERHv7dCvMsbR0bGiSkwTAi2chFe-49lA3uxIcYeXAJQl5R90yxyM4c2227He78w3-ZxUaM_-ig9WJSJKTA-yRRmkoy69sllAo8lgW0tmu4YXpGde4aDR1_lBw%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.148.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-148-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Jan 2024 03:38:36 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
F99F7B1440ABEB022C430998FF44CDAB82F3CD00A36700CC79228A3DE9A87038D435D34B685200F2B70F978A7EE9C99F0C4437241E8F180117C8DF3E4EC05EC4
assets.ad4m.at/logo/ Frame 2244
11 KB
11 KB
Image
General
Full URL
https://assets.ad4m.at/logo/F99F7B1440ABEB022C430998FF44CDAB82F3CD00A36700CC79228A3DE9A87038D435D34B685200F2B70F978A7EE9C99F0C4437241E8F180117C8DF3E4EC05EC4
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=335355%2C14235%2C14222&b=K13CRfR5x2fbRK3c5HMHktPt55eDF8TAT8Gaq%2CdEmTEfe7dMu4reuEHjHwtEtb69h3T4T5WCj%2CJBWFzfmY3qaZDxUBH6H7tptB8wfXTgT4WtX&f=k53U5fQ2ZBtX3m2s4HwHetmCzzwZCkTjTmrHR%2CK13CRfR5x2fK1Bf5HMHktzCB9Ec8TAT8Gaq%2CGjJUBfjgz1T4jVuKHeHGtBCwWVs2TYTJAHE&c=728&d=90&e=&g=d5a488d10c4e6a39421ee898ea28c7f0%2F15145983664895032561&i=113349%2C20533%2C17712&j=22%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1705981116641&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCWcP4ujSvZY7KLu7EmLAPpbqs4AzE_sLSaKeDiqTUC_suEAEgt-WEIWD1lc6B4ATIAQmpAiFew2lAQLI-qAMByAObBKoEkAJP0GNwD7-JLUWaf2uaDzFdZs64K6bgmKI-VkyfC2IFTX9sxfpL2PDhVbrBPXbsKW6DFpC1tb5fa9bhlEaIlvLI8gP4wE3jt8kiFgddz1P_xm6fVOPGhLGB3ldwGezjPhAuwSoTjG0JjaCfOnStGT3EECkPs8WVh8W_SJ92ScGSKCosRhBu6Y0qPRkmCWEN08CEDzZHpbu-1FwV2o3zE2ImwtFMX8q_vRC6AEtKHTG65YhvCqVeAo9ycKQnSSr3j2TJJMwgyTW5HRQwQdEgz1AyK7R8Gx2udvS6lc80ej7H9c1yMjN8pNzlBICiRErMOPrETS9dlwy7w4Gh3ifN4JuZvb__vQC4gnyamU29chRyisAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYXzICigI6BIBAgEBIvf3BOliT9tryyvKDA_IIDWJpZGRlci0yMDEzMzaACgSYCwHICwGADAGqDQJDSLAT28vrAtgTA4gUAdgUAdAVAfgWAYAXAbIYBBIC6k4%2526ae%253D1%2526num%253D1%2526cid%253DCAQSMgAvHhf_6L8TZ9aLiR_2VgnSH_FeGxSVGM_csWy0zp8toKysWP-JuLVXi2H2fIqfhXVwGAE%2526sig%253DAOD64_0ZIfhw5Q7BCmyYOLnlniG2E0-fyw%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-AmiWUa22pe0pX8-jf_2QI3Ue7QgL3UKLlb9sf4jLr9CZNTuYjWp31z6GLFRRx54-WTJezB6bERqa4ZkVfQVCqrdGaQn4rJDTXyplf4D9v9PorhZEF8EOUQanpQ_q_jZlOBmdMhRPZ52llqxlz_FJoXJyt4bxeT042TQzyGbYcsPZqXZtA%2526cry%253D1%2526dbm_d%253DAKAmf-CAYfc7h0zZowfD3RQlkszqIy1z6lkgQWT0ErlXAcrCG_CzaifbtLDK_GgTotni_04ZrGFEZMBN4dxFN4lwf9PGLBkXUE-d1l5Kdwh-FTGzjMJQpNjGw-CbnWzeuzZ2G9UrjexsXuLEEyrfo9yd116-4HIKRXYhAQyeqi_KvJ19JOPNWf4ELrHLXaOGWTNmlB5vl71h6Br5aASgr1VrhMzDqzTDT5ad5BdyzION218dwByBf9JE0LFB4Tbxb1mblqJl-MoCS92uT1XGNveYdGJN0WfPc6PgIpyTUYyv7hVaH9L81K5a1LVWsMAioNt2eHrNhMcIRspP9jAOzMItJa6MRbmSsTJ5psooN9B5lvZ9TqeyqMQQ3DhdlR5sRWqvkYn_7FiLv661vw-GfNtAa27BX64e61l8FxTjtERHv7dCvMsbR0bGiSkwTAi2chFe-49lA3uxIcYeXAJQl5R90yxyM4c2227He78w3-ZxUaM_-ig9WJSJKTA-yRRmkoy69sllAo8lgW0tmu4YXpGde4aDR1_lBw%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3381eefb1d27cb110697afc4e4d12efc2e245609113ef6e53d4caf1db9d5f5e0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
356539
cf-polished
origFmt=png, origSize=14365
alt-svc
h3=":443"; ma=86400
content-length
10826
cf-bgj
imgq:85,h2pri
last-modified
Thu, 12 Oct 2023 15:40:41 GMT
server
cloudflare
etag
"9bf9c6b0623b3198e5f2a1630ee7175c"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7uzrtW7i39%2BuJCz0A59nkt%2BczS1C5jLjsxUKw5M7yb8bpOulPjZOUhMwmast%2FajR%2B54x36e8EMfH3Kx%2FcBgKvBtB6t71Xu6Iq5K%2FI3CwOebgcY%2BGTQtOUL9lPd9M7INkB7Uas86g4QmB3oHL"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
849d013bec5f1d8c-FRA
87EB1E3C91A7F2FBD01851803C86B50949EC5D98970BF26CECE3B361544ECCE0F6BE0CC56DBC9A680FEE0A17D0C12D6E6BDC05023F5328B1D75C412C1C02D6CC
assets.ad4m.at/ Frame 2244
8 KB
8 KB
Image
General
Full URL
https://assets.ad4m.at/87EB1E3C91A7F2FBD01851803C86B50949EC5D98970BF26CECE3B361544ECCE0F6BE0CC56DBC9A680FEE0A17D0C12D6E6BDC05023F5328B1D75C412C1C02D6CC
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=335355%2C14235%2C14222&b=K13CRfR5x2fbRK3c5HMHktPt55eDF8TAT8Gaq%2CdEmTEfe7dMu4reuEHjHwtEtb69h3T4T5WCj%2CJBWFzfmY3qaZDxUBH6H7tptB8wfXTgT4WtX&f=k53U5fQ2ZBtX3m2s4HwHetmCzzwZCkTjTmrHR%2CK13CRfR5x2fK1Bf5HMHktzCB9Ec8TAT8Gaq%2CGjJUBfjgz1T4jVuKHeHGtBCwWVs2TYTJAHE&c=728&d=90&e=&g=d5a488d10c4e6a39421ee898ea28c7f0%2F15145983664895032561&i=113349%2C20533%2C17712&j=22%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1705981116641&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCWcP4ujSvZY7KLu7EmLAPpbqs4AzE_sLSaKeDiqTUC_suEAEgt-WEIWD1lc6B4ATIAQmpAiFew2lAQLI-qAMByAObBKoEkAJP0GNwD7-JLUWaf2uaDzFdZs64K6bgmKI-VkyfC2IFTX9sxfpL2PDhVbrBPXbsKW6DFpC1tb5fa9bhlEaIlvLI8gP4wE3jt8kiFgddz1P_xm6fVOPGhLGB3ldwGezjPhAuwSoTjG0JjaCfOnStGT3EECkPs8WVh8W_SJ92ScGSKCosRhBu6Y0qPRkmCWEN08CEDzZHpbu-1FwV2o3zE2ImwtFMX8q_vRC6AEtKHTG65YhvCqVeAo9ycKQnSSr3j2TJJMwgyTW5HRQwQdEgz1AyK7R8Gx2udvS6lc80ej7H9c1yMjN8pNzlBICiRErMOPrETS9dlwy7w4Gh3ifN4JuZvb__vQC4gnyamU29chRyisAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYXzICigI6BIBAgEBIvf3BOliT9tryyvKDA_IIDWJpZGRlci0yMDEzMzaACgSYCwHICwGADAGqDQJDSLAT28vrAtgTA4gUAdgUAdAVAfgWAYAXAbIYBBIC6k4%2526ae%253D1%2526num%253D1%2526cid%253DCAQSMgAvHhf_6L8TZ9aLiR_2VgnSH_FeGxSVGM_csWy0zp8toKysWP-JuLVXi2H2fIqfhXVwGAE%2526sig%253DAOD64_0ZIfhw5Q7BCmyYOLnlniG2E0-fyw%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-AmiWUa22pe0pX8-jf_2QI3Ue7QgL3UKLlb9sf4jLr9CZNTuYjWp31z6GLFRRx54-WTJezB6bERqa4ZkVfQVCqrdGaQn4rJDTXyplf4D9v9PorhZEF8EOUQanpQ_q_jZlOBmdMhRPZ52llqxlz_FJoXJyt4bxeT042TQzyGbYcsPZqXZtA%2526cry%253D1%2526dbm_d%253DAKAmf-CAYfc7h0zZowfD3RQlkszqIy1z6lkgQWT0ErlXAcrCG_CzaifbtLDK_GgTotni_04ZrGFEZMBN4dxFN4lwf9PGLBkXUE-d1l5Kdwh-FTGzjMJQpNjGw-CbnWzeuzZ2G9UrjexsXuLEEyrfo9yd116-4HIKRXYhAQyeqi_KvJ19JOPNWf4ELrHLXaOGWTNmlB5vl71h6Br5aASgr1VrhMzDqzTDT5ad5BdyzION218dwByBf9JE0LFB4Tbxb1mblqJl-MoCS92uT1XGNveYdGJN0WfPc6PgIpyTUYyv7hVaH9L81K5a1LVWsMAioNt2eHrNhMcIRspP9jAOzMItJa6MRbmSsTJ5psooN9B5lvZ9TqeyqMQQ3DhdlR5sRWqvkYn_7FiLv661vw-GfNtAa27BX64e61l8FxTjtERHv7dCvMsbR0bGiSkwTAi2chFe-49lA3uxIcYeXAJQl5R90yxyM4c2227He78w3-ZxUaM_-ig9WJSJKTA-yRRmkoy69sllAo8lgW0tmu4YXpGde4aDR1_lBw%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aec687923f2e182639e80a81f1eaf224c1b696157eb1f3a4c5caed8f91a57fea

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6091420
cf-polished
origFmt=png, origSize=8019
alt-svc
h3=":443"; ma=86400
content-length
7958
cf-bgj
imgq:85,h2pri
last-modified
Mon, 13 Nov 2023 15:33:04 GMT
server
cloudflare
etag
"1e4fa7b99cb7b50b4a1d7346d08f09ce"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jh%2B2pn9Ki%2F7it4VBov7snFsBDsrpUPhXzrVVARvsSClL4u%2B6YSrqMWweVWpcDl%2FLFd0fu2pglyjwghZyarwENirFvhqcgh69Ftu2sfB5%2F2vdb7L0qFN9nWzOfFOrrqkSaf5OnGqOfvbkYNVR"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
849d013bec611d8c-FRA
ztpv.php
www.conrad.ch/ Frame 2244
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2246263&v=11467&q=346415&r=412871&pv=1&pref3=oneidJBWFzfmY3qaZDxUBH6H7tptB8wfXTgT4WtXoneid__dbm_Awin_Reach02&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.conrad.ch/ztpv.php?awc=11467_412871_1705981116_e4246380-b9a0-11ee-9c4b-223173d2bc6e&insert=AW&gdpr=0&gdpr_consent=
0
492 B
Image
General
Full URL
https://www.conrad.ch/ztpv.php?awc=11467_412871_1705981116_e4246380-b9a0-11ee-9c4b-223173d2bc6e&insert=AW&gdpr=0&gdpr_consent=
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=335355%2C14235%2C14222&b=K13CRfR5x2fbRK3c5HMHktPt55eDF8TAT8Gaq%2CdEmTEfe7dMu4reuEHjHwtEtb69h3T4T5WCj%2CJBWFzfmY3qaZDxUBH6H7tptB8wfXTgT4WtX&f=k53U5fQ2ZBtX3m2s4HwHetmCzzwZCkTjTmrHR%2CK13CRfR5x2fK1Bf5HMHktzCB9Ec8TAT8Gaq%2CGjJUBfjgz1T4jVuKHeHGtBCwWVs2TYTJAHE&c=728&d=90&e=&g=d5a488d10c4e6a39421ee898ea28c7f0%2F15145983664895032561&i=113349%2C20533%2C17712&j=22%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1705981116641&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCWcP4ujSvZY7KLu7EmLAPpbqs4AzE_sLSaKeDiqTUC_suEAEgt-WEIWD1lc6B4ATIAQmpAiFew2lAQLI-qAMByAObBKoEkAJP0GNwD7-JLUWaf2uaDzFdZs64K6bgmKI-VkyfC2IFTX9sxfpL2PDhVbrBPXbsKW6DFpC1tb5fa9bhlEaIlvLI8gP4wE3jt8kiFgddz1P_xm6fVOPGhLGB3ldwGezjPhAuwSoTjG0JjaCfOnStGT3EECkPs8WVh8W_SJ92ScGSKCosRhBu6Y0qPRkmCWEN08CEDzZHpbu-1FwV2o3zE2ImwtFMX8q_vRC6AEtKHTG65YhvCqVeAo9ycKQnSSr3j2TJJMwgyTW5HRQwQdEgz1AyK7R8Gx2udvS6lc80ej7H9c1yMjN8pNzlBICiRErMOPrETS9dlwy7w4Gh3ifN4JuZvb__vQC4gnyamU29chRyisAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYXzICigI6BIBAgEBIvf3BOliT9tryyvKDA_IIDWJpZGRlci0yMDEzMzaACgSYCwHICwGADAGqDQJDSLAT28vrAtgTA4gUAdgUAdAVAfgWAYAXAbIYBBIC6k4%2526ae%253D1%2526num%253D1%2526cid%253DCAQSMgAvHhf_6L8TZ9aLiR_2VgnSH_FeGxSVGM_csWy0zp8toKysWP-JuLVXi2H2fIqfhXVwGAE%2526sig%253DAOD64_0ZIfhw5Q7BCmyYOLnlniG2E0-fyw%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-AmiWUa22pe0pX8-jf_2QI3Ue7QgL3UKLlb9sf4jLr9CZNTuYjWp31z6GLFRRx54-WTJezB6bERqa4ZkVfQVCqrdGaQn4rJDTXyplf4D9v9PorhZEF8EOUQanpQ_q_jZlOBmdMhRPZ52llqxlz_FJoXJyt4bxeT042TQzyGbYcsPZqXZtA%2526cry%253D1%2526dbm_d%253DAKAmf-CAYfc7h0zZowfD3RQlkszqIy1z6lkgQWT0ErlXAcrCG_CzaifbtLDK_GgTotni_04ZrGFEZMBN4dxFN4lwf9PGLBkXUE-d1l5Kdwh-FTGzjMJQpNjGw-CbnWzeuzZ2G9UrjexsXuLEEyrfo9yd116-4HIKRXYhAQyeqi_KvJ19JOPNWf4ELrHLXaOGWTNmlB5vl71h6Br5aASgr1VrhMzDqzTDT5ad5BdyzION218dwByBf9JE0LFB4Tbxb1mblqJl-MoCS92uT1XGNveYdGJN0WfPc6PgIpyTUYyv7hVaH9L81K5a1LVWsMAioNt2eHrNhMcIRspP9jAOzMItJa6MRbmSsTJ5psooN9B5lvZ9TqeyqMQQ3DhdlR5sRWqvkYn_7FiLv661vw-GfNtAa27BX64e61l8FxTjtERHv7dCvMsbR0bGiSkwTAi2chFe-49lA3uxIcYeXAJQl5R90yxyM4c2227He78w3-ZxUaM_-ig9WJSJKTA-yRRmkoy69sllAo8lgW0tmu4YXpGde4aDR1_lBw%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Server
2606:4700::6812:bae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
strict-transport-security
max-age=15552000
cf-ccp-worker
HTLPHandler-v1
server
cloudflare
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
no-cache
cf-ray
849d013cfdd61c2a-FRA
content-length
0
expires
-1

Redirect headers

Date
Tue, 23 Jan 2024 03:38:36 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://www.conrad.ch/ztpv.php?awc=11467_412871_1705981116_e4246380-b9a0-11ee-9c4b-223173d2bc6e&insert=AW&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
0
Standard
s1.adform.net/stoat/631/s1.adform.net/load/v/0.0.238/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/ Frame 66E3
91 KB
39 KB
Script
General
Full URL
https://s1.adform.net/stoat/631/s1.adform.net/load/v/0.0.238/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/631/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
ed8343699e054a0900f23319e31cba32ad43bf77136313508ea25d86073366bb

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
content-encoding
gzip
last-modified
Tue, 19 Dec 2023 10:28:27 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Fri, 19 Jan 2024 16:52:30 GMT
52164
i6.liadm.com/s/ Frame 0E81
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=Za80ux4LORIGoWQwyWak5QAA%262130&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-9chB69L3rJXE67ww_jAptQYa47KTPOB1km_8mA
  • https://x.bidswitch.net/sync?ssp=liveintent&user_id=2ba2ab41-70c6-45d7-8951-9ef87add91a7
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=liveintent&bsw_param=75dfa792-243c-4814-8e47-a1f76ddeb89e&google_hm=NzVkZmE3OTItMjQzYy00ODE0LThlNDctYTFmNzZkZGViODll
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEGHufNc7gKLd8908-FP2oWc&google_cver=1&ssp=liveintent&bsw_param=75dfa792-243c-4814-8e47-a1f76ddeb89e
  • https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=75dfa792-243c-4814-8e47-a1f76ddeb89e
  • https://i6.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=75dfa792-243c-4814-8e47-a1f76ddeb89e
43 B
548 B
Image
General
Full URL
https://i6.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=75dfa792-243c-4814-8e47-a1f76ddeb89e
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Protocol
HTTP/1.1
Server
2600:1f18:ed:550a:ac77:9c63:d66e:ebeb Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 03:38:38 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
1
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=75dfa792-243c-4814-8e47-a1f76ddeb89e
Date
Tue, 23 Jan 2024 03:38:37 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
1
rum
dsum-sec.casalemedia.com/ Frame 0E81
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Za80vAAQh9eC1gBH
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Za80vAAQh9eC1gBH&_test=Za80vAAQh9eC1gBH
43 B
733 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Za80vAAQh9eC1gBH&_test=Za80vAAQh9eC1gBH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:37 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1BjXj3%2BqV2fjt2HScMLhoWk62X43LL4IagHPcW%2BjkroExlCeP3FkdNU7nD7RXyLXW6EsC490LeXcICC4IH9srKP5%2BSu8ppxL4jmiT8jaIL4HkK4OdXkCBGhprLYpastOoEv5t80F5HTgpw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
849d01406a2e4d22-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

x-served-by
cache-mxp6972-MXP
pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
via
1.1 varnish
server
Varnish
x-timer
S1705981117.954988,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Za80vAAQh9eC1gBH&_test=Za80vAAQh9eC1gBH
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
tp_out
d.adroll.com/cm/index/ Frame 0E81
42 B
181 B
Image
General
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:cc3:fe05:9109:5249:ec1e:4708 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.1
content-length
42
vary
Cookie
content-type
image/gif
getuid
ads.avct.cloud/ Frame 0E81
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=index
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dindex
0
0

generic
match.adsrvr.org/track/cmf/ Frame 0E81
Redirect Chain
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=Za80ux4LORIGoWQwyWak5QAA%262130&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=ZjJlZTkwNDM5ZGZkNWJlMTU2NDI4Y2QwZjZkNWQ=&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEBmagl9gtLBlKWMWxeSsK0c&google_cver=1&gdpr=0&gdpr_consent=
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/f2ee90439dfd5be156428cd0f6d5d?gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-PkwJlRhE2oPh7uXQdRsnSmjRCrivFmNgchweEaWI~A
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1
70 B
148 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:37 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Tue, 23 Jan 2024 03:38:37 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1705981117218069-587
demconf.jpg
dpm.demdex.net/ Frame 0E81
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Za80ux4LORIGoWQwyWak5QAA%262130?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Za80ux4LORIGoWQwyWak5QAA%262130
42 B
716 B
Image
General
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Za80ux4LORIGoWQwyWak5QAA%262130
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Protocol
H2
Server
52.49.110.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-110-165.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

dcs
dcs-prod-irl1-2-v054-0d41b9f76.edge-irl1.demdex.com 2 ms
pragma
no-cache
date
Tue, 23 Jan 2024 03:38:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
oe9/xJe3R9o=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs
dcs-prod-irl1-2-v054-07d6a4e23.edge-irl1.demdex.com 0 ms
pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
tUu1mgoCQy0=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Za80ux4LORIGoWQwyWak5QAA%262130
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
generic
match.adsrvr.org/track/cmf/ Frame 0E81
Redirect Chain
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=Za80ux4LORIGoWQwyWak5QAACFIAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
70 B
148 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Tue, 23 Jan 2024 03:38:36 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1705981116858000-509
dcm
s.amazon-adsystem.com/ Frame 0E81
43 B
855 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Za80ux4LORIGoWQwyWak5QAACFIAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Jan 2024 03:38:36 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
C33B7596Q5DJXPC00C0E
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 0E81
43 B
103 B
Image
General
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?Za80ux4LORIGoWQwyWak5QAA%262130
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
21
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
849d013c2a5118ef-FRA
content-length
43
expires
Tue, 23 Jan 2024 07:38:36 GMT
/
track.adform.net/adfserve/ Frame 8CA3
5 KB
3 KB
Script
General
Full URL
https://track.adform.net/adfserve/?bn=67903448;rtbwp=Za80uwAAAAB_NCNWeg0yFd50fkoG-zlgTOoyBw;rtbdata=aoEYOKqeTUWKl8W-FYiXKjzq1xabj9JWWMkDonvolOC0woaxAoppjcsH-9DsGuo1zdigAwChWcnjKe-guS5X7JB_CSiecMu3VF31rLo_PT_rUBCvIMmTM_I9jq6yvuQ0yFg1YNsgsVG76FslKcgL6xMwbL2NIc_uS_WqCiCAGBdHAJ5z-CxpsjZLcBQglqsM1z0UFkcNjzGyXC15ITRgAeslGEgS6KLK8YxBSGWzhUIOdTWiwKb_g9rGlAmoAVco2IfsOfphMFTGtluoRAQdE6JjdfnOlL1K0;js=1;adfxid=6x;4503;set=en-US|en-US|1600X1200|0|750|100|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Ffolkd.com
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/631/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
7d51ea9f746e527a6eef60cec329bf76f02fb15c1275df7c4040199ce538841d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
2334
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame CA5C
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=Za80ux4LORIGoWQwyWak5QAA%262130&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-9chB69L3rJXE67ww_jAptQYa47KTPOB1km_8mA
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
70 B
148 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:37 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
Date
Tue, 23 Jan 2024 03:38:36 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
2
crum
dsum-sec.casalemedia.com/ Frame CA5C
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=8
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=880155358026&us_privacy=1---
43 B
735 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=880155358026&us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bCZ0dJ3Gls9w9VplJXE%2FzXIFR%2F9lT3zRQo4HiYaKnzqVMZB37BNICa1EcZ7LkP5%2BoUhfFPP1CEWITsRbEpiZEINgle%2Bn5sDXOhv59Ljsjq2FtkcOjdebD1yTlC51lV0aWwOjKrErIDsOcw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
849d013ca8464d22-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

access-control-allow-origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=880155358026&us_privacy=1---
content-length
0
crum
dsum-sec.casalemedia.com/ Frame CA5C
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&puid=
43 B
727 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&puid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MEKrpwK7UiffhecTprxtlc1o7LpRYYDm3xP4UIcOgnBR0HhARx7J5cPK9Mcrj9SmpTgQVmIXpo8IdChpyqnBzowF2dBb8UwwaSmekmZaJraLOgtiaLj47HVo3KAkNR0UhGQMzEdIg9KeaA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
849d013ce8694d22-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&puid=
Pragma
no-cache
Date
Tue, 23 Jan 2024 03:38:36 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
105
Content-Type
text/html; charset=utf-8
crum
dsum-sec.casalemedia.com/ Frame CA5C
Redirect Chain
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=2813f6eb-5f57-45cb-b1f8-ec77547ace46
43 B
735 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=2813f6eb-5f57-45cb-b1f8-ec77547ace46
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RPPck7A7WNpFgiaODu1YmnqbgfK6KPYTkuzVNHhTYl92NP%2BpN8EsiHtfjuxesuw3PwQvDn38AxWoA%2BM%2BrRNxYQvtLo0dnbRjJIA%2FPIZXWR1DCQ636hIEB9GxrKK8uX9RTsJ1jPLftRvf1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
849d013cb8504d22-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=2813f6eb-5f57-45cb-b1f8-ec77547ace46
date
Tue, 23 Jan 2024 03:38:36 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
content-type
text/html; charset=utf-8
tp_out
d.adroll.com/cm/index/ Frame CA5C
42 B
180 B
Image
General
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:cc3:fe05:9109:5249:ec1e:4708 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.1
content-length
42
vary
Cookie
content-type
image/gif
Za80ux4LORIGoWQwyWak5QAACFIAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame CA5C
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Za80ux4LORIGoWQwyWak5QAACFIAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/Za80ux4LORIGoWQwyWak5QAACFIAAAIB
43 B
601 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Za80ux4LORIGoWQwyWak5QAACFIAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Protocol
H2
Server
2a05:d018:d29:3605:a6fa:b563:be0e:7526 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Za80ux4LORIGoWQwyWak5QAACFIAAAIB
date
Tue, 23 Jan 2024 03:38:36 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
ix
ad4m.at/ad/sim/ Frame CA5C
0
0
Image
General
Full URL
https://ad4m.at/ad/sim/ix
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

dcm
s.amazon-adsystem.com/ Frame CA5C
43 B
855 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Za80ux4LORIGoWQwyWak5QAACFIAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Jan 2024 03:38:36 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
F6PYZEZ5ZTBN3C0D9XX2
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
htw-pixel.gif
js-sec.indexww.com/ht/ Frame CA5C
43 B
103 B
Image
General
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?Za80ux4LORIGoWQwyWak5QAA%262130
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
21
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
849d013c2a5418ef-FRA
content-length
43
expires
Tue, 23 Jan 2024 07:38:36 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 3B42
2 KB
1 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d60ea320318ee1a177d90d12d600c39646c98243b5a009c1158dd31cf79f7b7

Request headers

Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
849d013c18154d22-FRA
content-encoding
br
content-type
text/html
date
Tue, 23 Jan 2024 03:38:36 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rPYbZcy70V5XxObpuVAIKHxglyVdKSM8qWKUopNhN4cCAnEhYDlkKKnLFVQ56QLgCm1RjNZ4tEt5ihz26lmvz4yU0Tm3U8cmhjIL5Cdo8Kjny8EkUawhmFJBojz4v0O0j7UAi0Yr3Tw18A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
Standard
s1.adform.net/stoat/631/s1.adform.net/load/v/0.0.238/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/ Frame 1CF0
85 KB
36 KB
Script
General
Full URL
https://s1.adform.net/stoat/631/s1.adform.net/load/v/0.0.238/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/631/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
78825f2c0d076c5ece3f855790f01561ee9f71e52babe220c3931299bd51e6ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
content-encoding
gzip
last-modified
Tue, 19 Dec 2023 10:28:27 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Fri, 19 Jan 2024 16:52:32 GMT
default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame AD22
115 KB
14 KB
Stylesheet
General
Full URL
https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=329291%2C14235%2C14222&b=Rx1Tgf2pe7CkqgYckHwH3tQtZZJmcwTzTYqH7%2CdEmTEfe7dMu4reuEHjHwtEtb69h3T4T5WCj%2CJBWFzfmY3qaZDxUBH6H7tptB8wfXTgT4WtX&f=Qx8T4fYGZ5Cp3DZsxH5HYt9C77XDaDT4TGqHV%2CK13CRfR5x2fK1Bf5HMHktzCB9Ec8TAT8Gaq%2CGjJUBfjgz1T4jVuKHeHGtBCwWVs2TYTJAHE&c=728&d=90&e=&g=aeb4625d8e949c8bf939b1f10179afd9%2F6652841475753835086&i=113349%2C20533%2C17712&j=22%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1705981116721&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DC4e2mujSvZcerL56CmLAPitmIyAXE_sLSaKeDiqTUC_suEAEgt-WEIWD1lc6B4ATIAQmpAiFew2lAQLI-qAMByAObBKoEkAJP0H--Mi-Gt7y4TL2OSo8j9-KkOjKySShJTOvhxFKvoGXDT7p0MeSGFbhl-P851SVR6vbIjSv6o4bv9cQwaarkB4rY_3we6CXPJIutGRA50s3aFsBJLxMz2QvcWNgTtfmDvmuEYfqdCkdzBN0xJaAanaFbDyICc97nFAKFLqbeqLynhwZUgcQsecbJDl_5Yhp1vxLP77XXWAoKKHtFUHHPfLMf1DqSY5K46SdAXumTxHIsVyOY9kBzVCRdqykpVEuhuXIEXMcqkVNf9M3K-sJPT8ZyRGMsMWCB2ZoR2EgwjjziKlYiJ4QSTDZQ_fUAzHIsdrS9khdVJS3r_szpos__N6pEtxgZl7PkpLcc32xZ_MAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYXzICigI6BIBAgEBIvf3BOljb2NvyyvKDA_IIDWJpZGRlci0yMDEzMzaACgSYCwHICwGADAGqDQJDSLAT28vrAtgTA4gUAdgUAdAVAfgWAYAXAQ%2526ae%253D1%2526num%253D1%2526cid%253DCAQSMgAvHhf_67iS8AYdOINZx2XjgZW3fx7i21BL10VqHUBQbeWYuav5q_ZNoTZuvct2FQa6GAE%2526sig%253DAOD64_1byzuNCY8U2XTHyTHjB4VrV0z05A%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-C2x_jqEcCzVEGCY2YfsIZc0yGEH77Owtsg_9ld_XmsznhFhrlGw6meB9OLpB2vc-1meTYHDydHxWgBcyyLc1_zLW05Vddf34LIyiua1Ka4BI2En_SG_n7ZP7cMyOb2IBpVciiypwQfuQpZzJ4LYzex5sEDw1H7fnhfsYOUoxAGoxD-Jq0%2526cry%253D1%2526dbm_d%253DAKAmf-AHoQoC9QXH9qqMbpmrNWeLxT1ZMQ2jC9ugDsQ-sjpL-KrC8-uSKJmlM2gHc_hZQcaYmlVbXWMyzXpw1T0Ia0RtzN5XQJXca-ixJzInGOQqMpW7we6r6ZMjwJmObjDaPz_agQrNct8t-5T4iGJTUiFJE22ASeOlFBuyswA7ftvz7E6fK_NwgqzovroVUzSxvghXx76Wc36L2iI7g2swnnxPWMTR73_emYnUGWXIxHCnwaENOXU_4ACdjIX21BTxRrxHgs6rSM-Q_F-fzgQvY6E1zlcQwWt8Ro9Tm6yOPtp4OdYy4mOF3-8-OsiOG8fKWhpt3ak00UcBG3SO8qruWH0_3WJQaNxUxNi-3UOsZjdHkufKGspSHtnyLc-SIdJ_FABykNdLBAC5za4tRErPhYPWCdabs6jEmIZ1I7iaKOnmlYvF9mTLSjbgZ6AFJ6fXvncyXRieHQf1ydk260RvyH2_ehXKGfxYa67PZVudCn46oPrr20wJQmY9rfHKZjU5eko9Dnx29u4K34BJnidunzexW5zwVQ%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=329291%2C14235%2C14222&b=Rx1Tgf2pe7CkqgYckHwH3tQtZZJmcwTzTYqH7%2CdEmTEfe7dMu4reuEHjHwtEtb69h3T4T5WCj%2CJBWFzfmY3qaZDxUBH6H7tptB8wfXTgT4WtX&f=Qx8T4fYGZ5Cp3DZsxH5HYt9C77XDaDT4TGqHV%2CK13CRfR5x2fK1Bf5HMHktzCB9Ec8TAT8Gaq%2CGjJUBfjgz1T4jVuKHeHGtBCwWVs2TYTJAHE&c=728&d=90&e=&g=aeb4625d8e949c8bf939b1f10179afd9%2F6652841475753835086&i=113349%2C20533%2C17712&j=22%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1705981116721&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DC4e2mujSvZcerL56CmLAPitmIyAXE_sLSaKeDiqTUC_suEAEgt-WEIWD1lc6B4ATIAQmpAiFew2lAQLI-qAMByAObBKoEkAJP0H--Mi-Gt7y4TL2OSo8j9-KkOjKySShJTOvhxFKvoGXDT7p0MeSGFbhl-P851SVR6vbIjSv6o4bv9cQwaarkB4rY_3we6CXPJIutGRA50s3aFsBJLxMz2QvcWNgTtfmDvmuEYfqdCkdzBN0xJaAanaFbDyICc97nFAKFLqbeqLynhwZUgcQsecbJDl_5Yhp1vxLP77XXWAoKKHtFUHHPfLMf1DqSY5K46SdAXumTxHIsVyOY9kBzVCRdqykpVEuhuXIEXMcqkVNf9M3K-sJPT8ZyRGMsMWCB2ZoR2EgwjjziKlYiJ4QSTDZQ_fUAzHIsdrS9khdVJS3r_szpos__N6pEtxgZl7PkpLcc32xZ_MAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYXzICigI6BIBAgEBIvf3BOljb2NvyyvKDA_IIDWJpZGRlci0yMDEzMzaACgSYCwHICwGADAGqDQJDSLAT28vrAtgTA4gUAdgUAdAVAfgWAYAXAQ%2526ae%253D1%2526num%253D1%2526cid%253DCAQSMgAvHhf_67iS8AYdOINZx2XjgZW3fx7i21BL10VqHUBQbeWYuav5q_ZNoTZuvct2FQa6GAE%2526sig%253DAOD64_1byzuNCY8U2XTHyTHjB4VrV0z05A%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-C2x_jqEcCzVEGCY2YfsIZc0yGEH77Owtsg_9ld_XmsznhFhrlGw6meB9OLpB2vc-1meTYHDydHxWgBcyyLc1_zLW05Vddf34LIyiua1Ka4BI2En_SG_n7ZP7cMyOb2IBpVciiypwQfuQpZzJ4LYzex5sEDw1H7fnhfsYOUoxAGoxD-Jq0%2526cry%253D1%2526dbm_d%253DAKAmf-AHoQoC9QXH9qqMbpmrNWeLxT1ZMQ2jC9ugDsQ-sjpL-KrC8-uSKJmlM2gHc_hZQcaYmlVbXWMyzXpw1T0Ia0RtzN5XQJXca-ixJzInGOQqMpW7we6r6ZMjwJmObjDaPz_agQrNct8t-5T4iGJTUiFJE22ASeOlFBuyswA7ftvz7E6fK_NwgqzovroVUzSxvghXx76Wc36L2iI7g2swnnxPWMTR73_emYnUGWXIxHCnwaENOXU_4ACdjIX21BTxRrxHgs6rSM-Q_F-fzgQvY6E1zlcQwWt8Ro9Tm6yOPtp4OdYy4mOF3-8-OsiOG8fKWhpt3ak00UcBG3SO8qruWH0_3WJQaNxUxNi-3UOsZjdHkufKGspSHtnyLc-SIdJ_FABykNdLBAC5za4tRErPhYPWCdabs6jEmIZ1I7iaKOnmlYvF9mTLSjbgZ6AFJ6fXvncyXRieHQf1ydk260RvyH2_ehXKGfxYa67PZVudCn46oPrr20wJQmY9rfHKZjU5eko9Dnx29u4K34BJnidunzexW5zwVQ%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
600876
cf-polished
origSize=118430
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 02 Nov 2023 10:26:17 GMT
server
cloudflare
etag
W/"486507ccce9ac587d11c0ef3f32a109a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=canct2qO1V4n00IKJY76jJd%2FrTHuQ8Gq9ZmXzASvzkEHHUP2xPtMsY8ca4jdlTiBKXlsKctjGPSfq%2B%2BaIFyrnxMw1Cp16QIl7MiJGu7bnQjAsL9S%2B7UNb7wfq%2BtTtekZ8xC5mk2CRcg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=86400
cf-ray
849d013c3c5f6ae1-FRA
expires
Wed, 24 Jan 2024 03:38:36 GMT
EB6BF7C773C54C26856A0D8D7150B655B849D79C22453DC6A7B8FCE10BEDF4DA40FCA40DC7B01242E990F461A5818963443B7F0C188F7F80310E7C2E8D80CF8F
assets.ad4m.at/logo/ Frame AD22
30 KB
31 KB
Image
General
Full URL
https://assets.ad4m.at/logo/EB6BF7C773C54C26856A0D8D7150B655B849D79C22453DC6A7B8FCE10BEDF4DA40FCA40DC7B01242E990F461A5818963443B7F0C188F7F80310E7C2E8D80CF8F
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=329291%2C14235%2C14222&b=Rx1Tgf2pe7CkqgYckHwH3tQtZZJmcwTzTYqH7%2CdEmTEfe7dMu4reuEHjHwtEtb69h3T4T5WCj%2CJBWFzfmY3qaZDxUBH6H7tptB8wfXTgT4WtX&f=Qx8T4fYGZ5Cp3DZsxH5HYt9C77XDaDT4TGqHV%2CK13CRfR5x2fK1Bf5HMHktzCB9Ec8TAT8Gaq%2CGjJUBfjgz1T4jVuKHeHGtBCwWVs2TYTJAHE&c=728&d=90&e=&g=aeb4625d8e949c8bf939b1f10179afd9%2F6652841475753835086&i=113349%2C20533%2C17712&j=22%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1705981116721&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DC4e2mujSvZcerL56CmLAPitmIyAXE_sLSaKeDiqTUC_suEAEgt-WEIWD1lc6B4ATIAQmpAiFew2lAQLI-qAMByAObBKoEkAJP0H--Mi-Gt7y4TL2OSo8j9-KkOjKySShJTOvhxFKvoGXDT7p0MeSGFbhl-P851SVR6vbIjSv6o4bv9cQwaarkB4rY_3we6CXPJIutGRA50s3aFsBJLxMz2QvcWNgTtfmDvmuEYfqdCkdzBN0xJaAanaFbDyICc97nFAKFLqbeqLynhwZUgcQsecbJDl_5Yhp1vxLP77XXWAoKKHtFUHHPfLMf1DqSY5K46SdAXumTxHIsVyOY9kBzVCRdqykpVEuhuXIEXMcqkVNf9M3K-sJPT8ZyRGMsMWCB2ZoR2EgwjjziKlYiJ4QSTDZQ_fUAzHIsdrS9khdVJS3r_szpos__N6pEtxgZl7PkpLcc32xZ_MAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYXzICigI6BIBAgEBIvf3BOljb2NvyyvKDA_IIDWJpZGRlci0yMDEzMzaACgSYCwHICwGADAGqDQJDSLAT28vrAtgTA4gUAdgUAdAVAfgWAYAXAQ%2526ae%253D1%2526num%253D1%2526cid%253DCAQSMgAvHhf_67iS8AYdOINZx2XjgZW3fx7i21BL10VqHUBQbeWYuav5q_ZNoTZuvct2FQa6GAE%2526sig%253DAOD64_1byzuNCY8U2XTHyTHjB4VrV0z05A%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-C2x_jqEcCzVEGCY2YfsIZc0yGEH77Owtsg_9ld_XmsznhFhrlGw6meB9OLpB2vc-1meTYHDydHxWgBcyyLc1_zLW05Vddf34LIyiua1Ka4BI2En_SG_n7ZP7cMyOb2IBpVciiypwQfuQpZzJ4LYzex5sEDw1H7fnhfsYOUoxAGoxD-Jq0%2526cry%253D1%2526dbm_d%253DAKAmf-AHoQoC9QXH9qqMbpmrNWeLxT1ZMQ2jC9ugDsQ-sjpL-KrC8-uSKJmlM2gHc_hZQcaYmlVbXWMyzXpw1T0Ia0RtzN5XQJXca-ixJzInGOQqMpW7we6r6ZMjwJmObjDaPz_agQrNct8t-5T4iGJTUiFJE22ASeOlFBuyswA7ftvz7E6fK_NwgqzovroVUzSxvghXx76Wc36L2iI7g2swnnxPWMTR73_emYnUGWXIxHCnwaENOXU_4ACdjIX21BTxRrxHgs6rSM-Q_F-fzgQvY6E1zlcQwWt8Ro9Tm6yOPtp4OdYy4mOF3-8-OsiOG8fKWhpt3ak00UcBG3SO8qruWH0_3WJQaNxUxNi-3UOsZjdHkufKGspSHtnyLc-SIdJ_FABykNdLBAC5za4tRErPhYPWCdabs6jEmIZ1I7iaKOnmlYvF9mTLSjbgZ6AFJ6fXvncyXRieHQf1ydk260RvyH2_ehXKGfxYa67PZVudCn46oPrr20wJQmY9rfHKZjU5eko9Dnx29u4K34BJnidunzexW5zwVQ%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfe555be78efec6fde29edd9b0169e3a7c0c4e61187fd2584f5d9a4719ab738f

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
280597
cf-polished
origFmt=png, origSize=57632
alt-svc
h3=":443"; ma=86400
content-length
30756
cf-bgj
imgq:85,h2pri
last-modified
Thu, 12 Oct 2023 15:39:06 GMT
server
cloudflare
etag
"de40c3e9eed9e7f2fbbae8f194b696fe"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7dSHCA5oOqLIydJrVY9yPhCGruOfckxFVQ4rMterkoceSTXT8bI59ooV5bi9mQJatlD9q7P1LN9pVt61VmYHBalWUw3ck0hxDD%2FHpa%2FJLwnuYVA%2FZ5ENe40KZ9VC4WAwRKqxGK4IM4uwHlO7"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
849d013c3c606ae1-FRA
876A773D47E522A5F4967B1B2C612C87338617896CA62284F2D882DE22C78AC8340C670F7F6396E970F796866CFA759562525B845B4204CAB5449683C079194F
assets.ad4m.at/ Frame AD22
27 KB
28 KB
Image
General
Full URL
https://assets.ad4m.at/876A773D47E522A5F4967B1B2C612C87338617896CA62284F2D882DE22C78AC8340C670F7F6396E970F796866CFA759562525B845B4204CAB5449683C079194F
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=329291%2C14235%2C14222&b=Rx1Tgf2pe7CkqgYckHwH3tQtZZJmcwTzTYqH7%2CdEmTEfe7dMu4reuEHjHwtEtb69h3T4T5WCj%2CJBWFzfmY3qaZDxUBH6H7tptB8wfXTgT4WtX&f=Qx8T4fYGZ5Cp3DZsxH5HYt9C77XDaDT4TGqHV%2CK13CRfR5x2fK1Bf5HMHktzCB9Ec8TAT8Gaq%2CGjJUBfjgz1T4jVuKHeHGtBCwWVs2TYTJAHE&c=728&d=90&e=&g=aeb4625d8e949c8bf939b1f10179afd9%2F6652841475753835086&i=113349%2C20533%2C17712&j=22%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1705981116721&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DC4e2mujSvZcerL56CmLAPitmIyAXE_sLSaKeDiqTUC_suEAEgt-WEIWD1lc6B4ATIAQmpAiFew2lAQLI-qAMByAObBKoEkAJP0H--Mi-Gt7y4TL2OSo8j9-KkOjKySShJTOvhxFKvoGXDT7p0MeSGFbhl-P851SVR6vbIjSv6o4bv9cQwaarkB4rY_3we6CXPJIutGRA50s3aFsBJLxMz2QvcWNgTtfmDvmuEYfqdCkdzBN0xJaAanaFbDyICc97nFAKFLqbeqLynhwZUgcQsecbJDl_5Yhp1vxLP77XXWAoKKHtFUHHPfLMf1DqSY5K46SdAXumTxHIsVyOY9kBzVCRdqykpVEuhuXIEXMcqkVNf9M3K-sJPT8ZyRGMsMWCB2ZoR2EgwjjziKlYiJ4QSTDZQ_fUAzHIsdrS9khdVJS3r_szpos__N6pEtxgZl7PkpLcc32xZ_MAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYXzICigI6BIBAgEBIvf3BOljb2NvyyvKDA_IIDWJpZGRlci0yMDEzMzaACgSYCwHICwGADAGqDQJDSLAT28vrAtgTA4gUAdgUAdAVAfgWAYAXAQ%2526ae%253D1%2526num%253D1%2526cid%253DCAQSMgAvHhf_67iS8AYdOINZx2XjgZW3fx7i21BL10VqHUBQbeWYuav5q_ZNoTZuvct2FQa6GAE%2526sig%253DAOD64_1byzuNCY8U2XTHyTHjB4VrV0z05A%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-C2x_jqEcCzVEGCY2YfsIZc0yGEH77Owtsg_9ld_XmsznhFhrlGw6meB9OLpB2vc-1meTYHDydHxWgBcyyLc1_zLW05Vddf34LIyiua1Ka4BI2En_SG_n7ZP7cMyOb2IBpVciiypwQfuQpZzJ4LYzex5sEDw1H7fnhfsYOUoxAGoxD-Jq0%2526cry%253D1%2526dbm_d%253DAKAmf-AHoQoC9QXH9qqMbpmrNWeLxT1ZMQ2jC9ugDsQ-sjpL-KrC8-uSKJmlM2gHc_hZQcaYmlVbXWMyzXpw1T0Ia0RtzN5XQJXca-ixJzInGOQqMpW7we6r6ZMjwJmObjDaPz_agQrNct8t-5T4iGJTUiFJE22ASeOlFBuyswA7ftvz7E6fK_NwgqzovroVUzSxvghXx76Wc36L2iI7g2swnnxPWMTR73_emYnUGWXIxHCnwaENOXU_4ACdjIX21BTxRrxHgs6rSM-Q_F-fzgQvY6E1zlcQwWt8Ro9Tm6yOPtp4OdYy4mOF3-8-OsiOG8fKWhpt3ak00UcBG3SO8qruWH0_3WJQaNxUxNi-3UOsZjdHkufKGspSHtnyLc-SIdJ_FABykNdLBAC5za4tRErPhYPWCdabs6jEmIZ1I7iaKOnmlYvF9mTLSjbgZ6AFJ6fXvncyXRieHQf1ydk260RvyH2_ehXKGfxYa67PZVudCn46oPrr20wJQmY9rfHKZjU5eko9Dnx29u4K34BJnidunzexW5zwVQ%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59008aa886b2187bae890aea3248ca71724f2cf4c21769ae17e817860d53fd96

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3566176
cf-polished
qual=85, origFmt=jpeg, origSize=78472
alt-svc
h3=":443"; ma=86400
content-length
27694
cf-bgj
imgq:85,h2pri
last-modified
Tue, 28 Nov 2023 08:07:42 GMT
server
cloudflare
etag
"3f102a69e43dc03c68ce47a22bda56e0"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NpDwhsKm2hgeDoWH7n3mqDwWMvqfeiON60QGlzBfj15QMIYkoTshBwvUu2jkD37q2CoFvyz1v9LTSNGovfQRQeGfDYSGH%2Fr8pMbgCAFQmKfnAGFatana3CRechPylYZD7qjYid1W%2FHf8tvr4"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
849d013c3c616ae1-FRA
449f5b35d42da361c6190c55668dabcb
min.tryiqos.ch/trck/ehtml/ Frame AD22
464 B
1 KB
Script
General
Full URL
https://min.tryiqos.ch/trck/ehtml/449f5b35d42da361c6190c55668dabcb?tp=onetag&subid=oneidRx1Tgf2pe7CkqgYckHwH3tQtZZJmcwTzTYqH7oneid__dbm_Awin_Reach02&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=329291%2C14235%2C14222&b=Rx1Tgf2pe7CkqgYckHwH3tQtZZJmcwTzTYqH7%2CdEmTEfe7dMu4reuEHjHwtEtb69h3T4T5WCj%2CJBWFzfmY3qaZDxUBH6H7tptB8wfXTgT4WtX&f=Qx8T4fYGZ5Cp3DZsxH5HYt9C77XDaDT4TGqHV%2CK13CRfR5x2fK1Bf5HMHktzCB9Ec8TAT8Gaq%2CGjJUBfjgz1T4jVuKHeHGtBCwWVs2TYTJAHE&c=728&d=90&e=&g=aeb4625d8e949c8bf939b1f10179afd9%2F6652841475753835086&i=113349%2C20533%2C17712&j=22%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1705981116721&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DC4e2mujSvZcerL56CmLAPitmIyAXE_sLSaKeDiqTUC_suEAEgt-WEIWD1lc6B4ATIAQmpAiFew2lAQLI-qAMByAObBKoEkAJP0H--Mi-Gt7y4TL2OSo8j9-KkOjKySShJTOvhxFKvoGXDT7p0MeSGFbhl-P851SVR6vbIjSv6o4bv9cQwaarkB4rY_3we6CXPJIutGRA50s3aFsBJLxMz2QvcWNgTtfmDvmuEYfqdCkdzBN0xJaAanaFbDyICc97nFAKFLqbeqLynhwZUgcQsecbJDl_5Yhp1vxLP77XXWAoKKHtFUHHPfLMf1DqSY5K46SdAXumTxHIsVyOY9kBzVCRdqykpVEuhuXIEXMcqkVNf9M3K-sJPT8ZyRGMsMWCB2ZoR2EgwjjziKlYiJ4QSTDZQ_fUAzHIsdrS9khdVJS3r_szpos__N6pEtxgZl7PkpLcc32xZ_MAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYXzICigI6BIBAgEBIvf3BOljb2NvyyvKDA_IIDWJpZGRlci0yMDEzMzaACgSYCwHICwGADAGqDQJDSLAT28vrAtgTA4gUAdgUAdAVAfgWAYAXAQ%2526ae%253D1%2526num%253D1%2526cid%253DCAQSMgAvHhf_67iS8AYdOINZx2XjgZW3fx7i21BL10VqHUBQbeWYuav5q_ZNoTZuvct2FQa6GAE%2526sig%253DAOD64_1byzuNCY8U2XTHyTHjB4VrV0z05A%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-C2x_jqEcCzVEGCY2YfsIZc0yGEH77Owtsg_9ld_XmsznhFhrlGw6meB9OLpB2vc-1meTYHDydHxWgBcyyLc1_zLW05Vddf34LIyiua1Ka4BI2En_SG_n7ZP7cMyOb2IBpVciiypwQfuQpZzJ4LYzex5sEDw1H7fnhfsYOUoxAGoxD-Jq0%2526cry%253D1%2526dbm_d%253DAKAmf-AHoQoC9QXH9qqMbpmrNWeLxT1ZMQ2jC9ugDsQ-sjpL-KrC8-uSKJmlM2gHc_hZQcaYmlVbXWMyzXpw1T0Ia0RtzN5XQJXca-ixJzInGOQqMpW7we6r6ZMjwJmObjDaPz_agQrNct8t-5T4iGJTUiFJE22ASeOlFBuyswA7ftvz7E6fK_NwgqzovroVUzSxvghXx76Wc36L2iI7g2swnnxPWMTR73_emYnUGWXIxHCnwaENOXU_4ACdjIX21BTxRrxHgs6rSM-Q_F-fzgQvY6E1zlcQwWt8Ro9Tm6yOPtp4OdYy4mOF3-8-OsiOG8fKWhpt3ak00UcBG3SO8qruWH0_3WJQaNxUxNi-3UOsZjdHkufKGspSHtnyLc-SIdJ_FABykNdLBAC5za4tRErPhYPWCdabs6jEmIZ1I7iaKOnmlYvF9mTLSjbgZ6AFJ6fXvncyXRieHQf1ydk260RvyH2_ehXKGfxYa67PZVudCn46oPrr20wJQmY9rfHKZjU5eko9Dnx29u4K34BJnidunzexW5zwVQ%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
147.135.143.112 Montpellier, France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
51198c4135a9cbbf06c8928e14381d5682a8a65c083b9344bdb5cea3e1d050c9

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
attribution-reporting-register-source
{"source_event_id":"2500500030414281","destination":"https://mediaintelligence.de/","expiry":5184000,"filter_data":{}}
server
nginx
x-iplb-request-id
95581B52:8652_93878F70:01BB_65AF34BC_850512:4213
x-iplb-instance
53982
vary
Origin
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
access-control-allow-credentials
true
x-min-lb
n4
keep-alive
timeout=20
content-length
464
E66F448D03A5F72C711DC8E2E8952B65912637DCC211F26B8C1A1BB8D8C4A802AA5B75A58E27D636DE17E5F9E2A0D14235C96AC08AF3091E1CEC9D103DA80D74
assets.ad4m.at/logo/ Frame AD22
16 KB
17 KB
Image
General
Full URL
https://assets.ad4m.at/logo/E66F448D03A5F72C711DC8E2E8952B65912637DCC211F26B8C1A1BB8D8C4A802AA5B75A58E27D636DE17E5F9E2A0D14235C96AC08AF3091E1CEC9D103DA80D74
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=329291%2C14235%2C14222&b=Rx1Tgf2pe7CkqgYckHwH3tQtZZJmcwTzTYqH7%2CdEmTEfe7dMu4reuEHjHwtEtb69h3T4T5WCj%2CJBWFzfmY3qaZDxUBH6H7tptB8wfXTgT4WtX&f=Qx8T4fYGZ5Cp3DZsxH5HYt9C77XDaDT4TGqHV%2CK13CRfR5x2fK1Bf5HMHktzCB9Ec8TAT8Gaq%2CGjJUBfjgz1T4jVuKHeHGtBCwWVs2TYTJAHE&c=728&d=90&e=&g=aeb4625d8e949c8bf939b1f10179afd9%2F6652841475753835086&i=113349%2C20533%2C17712&j=22%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1705981116721&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DC4e2mujSvZcerL56CmLAPitmIyAXE_sLSaKeDiqTUC_suEAEgt-WEIWD1lc6B4ATIAQmpAiFew2lAQLI-qAMByAObBKoEkAJP0H--Mi-Gt7y4TL2OSo8j9-KkOjKySShJTOvhxFKvoGXDT7p0MeSGFbhl-P851SVR6vbIjSv6o4bv9cQwaarkB4rY_3we6CXPJIutGRA50s3aFsBJLxMz2QvcWNgTtfmDvmuEYfqdCkdzBN0xJaAanaFbDyICc97nFAKFLqbeqLynhwZUgcQsecbJDl_5Yhp1vxLP77XXWAoKKHtFUHHPfLMf1DqSY5K46SdAXumTxHIsVyOY9kBzVCRdqykpVEuhuXIEXMcqkVNf9M3K-sJPT8ZyRGMsMWCB2ZoR2EgwjjziKlYiJ4QSTDZQ_fUAzHIsdrS9khdVJS3r_szpos__N6pEtxgZl7PkpLcc32xZ_MAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYXzICigI6BIBAgEBIvf3BOljb2NvyyvKDA_IIDWJpZGRlci0yMDEzMzaACgSYCwHICwGADAGqDQJDSLAT28vrAtgTA4gUAdgUAdAVAfgWAYAXAQ%2526ae%253D1%2526num%253D1%2526cid%253DCAQSMgAvHhf_67iS8AYdOINZx2XjgZW3fx7i21BL10VqHUBQbeWYuav5q_ZNoTZuvct2FQa6GAE%2526sig%253DAOD64_1byzuNCY8U2XTHyTHjB4VrV0z05A%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-C2x_jqEcCzVEGCY2YfsIZc0yGEH77Owtsg_9ld_XmsznhFhrlGw6meB9OLpB2vc-1meTYHDydHxWgBcyyLc1_zLW05Vddf34LIyiua1Ka4BI2En_SG_n7ZP7cMyOb2IBpVciiypwQfuQpZzJ4LYzex5sEDw1H7fnhfsYOUoxAGoxD-Jq0%2526cry%253D1%2526dbm_d%253DAKAmf-AHoQoC9QXH9qqMbpmrNWeLxT1ZMQ2jC9ugDsQ-sjpL-KrC8-uSKJmlM2gHc_hZQcaYmlVbXWMyzXpw1T0Ia0RtzN5XQJXca-ixJzInGOQqMpW7we6r6ZMjwJmObjDaPz_agQrNct8t-5T4iGJTUiFJE22ASeOlFBuyswA7ftvz7E6fK_NwgqzovroVUzSxvghXx76Wc36L2iI7g2swnnxPWMTR73_emYnUGWXIxHCnwaENOXU_4ACdjIX21BTxRrxHgs6rSM-Q_F-fzgQvY6E1zlcQwWt8Ro9Tm6yOPtp4OdYy4mOF3-8-OsiOG8fKWhpt3ak00UcBG3SO8qruWH0_3WJQaNxUxNi-3UOsZjdHkufKGspSHtnyLc-SIdJ_FABykNdLBAC5za4tRErPhYPWCdabs6jEmIZ1I7iaKOnmlYvF9mTLSjbgZ6AFJ6fXvncyXRieHQf1ydk260RvyH2_ehXKGfxYa67PZVudCn46oPrr20wJQmY9rfHKZjU5eko9Dnx29u4K34BJnidunzexW5zwVQ%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01170050458513699e926b282be71d0ea577e944cecaa8867c7188141235cfd0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
908304
cf-polished
origFmt=png, origSize=45372
alt-svc
h3=":443"; ma=86400
content-length
16832
cf-bgj
imgq:85,h2pri
last-modified
Thu, 12 Oct 2023 15:38:35 GMT
server
cloudflare
etag
"a4a1e58c74f9a1a30782902ef5c6a89f"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mUG0STXEERr0VyJ%2FnYVm7akdZaPPqJijQQGdQ0fmGPDCc%2F4e2VJctZ4nUCuFbOmtqTxbDTivZXQTQ34vxQ3tnJLHQZg%2FPhBuSe4dV4clXNFZSrVfPqqBJ5b%2FdgGTcR7VkdCuiDF0Y1CO7oii"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
849d013c5c736ae1-FRA
39CE004B40BDF0ECD4AFFA25649A4E33112ABBB644F35C52D83968F273ECAC19EA76CCEC7D0DE7E21EE99E867C140A2EADA1B6DF05B3B64B7C201789B7B9FF1C
assets.ad4m.at/ Frame AD22
44 KB
44 KB
Image
General
Full URL
https://assets.ad4m.at/39CE004B40BDF0ECD4AFFA25649A4E33112ABBB644F35C52D83968F273ECAC19EA76CCEC7D0DE7E21EE99E867C140A2EADA1B6DF05B3B64B7C201789B7B9FF1C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=329291%2C14235%2C14222&b=Rx1Tgf2pe7CkqgYckHwH3tQtZZJmcwTzTYqH7%2CdEmTEfe7dMu4reuEHjHwtEtb69h3T4T5WCj%2CJBWFzfmY3qaZDxUBH6H7tptB8wfXTgT4WtX&f=Qx8T4fYGZ5Cp3DZsxH5HYt9C77XDaDT4TGqHV%2CK13CRfR5x2fK1Bf5HMHktzCB9Ec8TAT8Gaq%2CGjJUBfjgz1T4jVuKHeHGtBCwWVs2TYTJAHE&c=728&d=90&e=&g=aeb4625d8e949c8bf939b1f10179afd9%2F6652841475753835086&i=113349%2C20533%2C17712&j=22%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1705981116721&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DC4e2mujSvZcerL56CmLAPitmIyAXE_sLSaKeDiqTUC_suEAEgt-WEIWD1lc6B4ATIAQmpAiFew2lAQLI-qAMByAObBKoEkAJP0H--Mi-Gt7y4TL2OSo8j9-KkOjKySShJTOvhxFKvoGXDT7p0MeSGFbhl-P851SVR6vbIjSv6o4bv9cQwaarkB4rY_3we6CXPJIutGRA50s3aFsBJLxMz2QvcWNgTtfmDvmuEYfqdCkdzBN0xJaAanaFbDyICc97nFAKFLqbeqLynhwZUgcQsecbJDl_5Yhp1vxLP77XXWAoKKHtFUHHPfLMf1DqSY5K46SdAXumTxHIsVyOY9kBzVCRdqykpVEuhuXIEXMcqkVNf9M3K-sJPT8ZyRGMsMWCB2ZoR2EgwjjziKlYiJ4QSTDZQ_fUAzHIsdrS9khdVJS3r_szpos__N6pEtxgZl7PkpLcc32xZ_MAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYXzICigI6BIBAgEBIvf3BOljb2NvyyvKDA_IIDWJpZGRlci0yMDEzMzaACgSYCwHICwGADAGqDQJDSLAT28vrAtgTA4gUAdgUAdAVAfgWAYAXAQ%2526ae%253D1%2526num%253D1%2526cid%253DCAQSMgAvHhf_67iS8AYdOINZx2XjgZW3fx7i21BL10VqHUBQbeWYuav5q_ZNoTZuvct2FQa6GAE%2526sig%253DAOD64_1byzuNCY8U2XTHyTHjB4VrV0z05A%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-C2x_jqEcCzVEGCY2YfsIZc0yGEH77Owtsg_9ld_XmsznhFhrlGw6meB9OLpB2vc-1meTYHDydHxWgBcyyLc1_zLW05Vddf34LIyiua1Ka4BI2En_SG_n7ZP7cMyOb2IBpVciiypwQfuQpZzJ4LYzex5sEDw1H7fnhfsYOUoxAGoxD-Jq0%2526cry%253D1%2526dbm_d%253DAKAmf-AHoQoC9QXH9qqMbpmrNWeLxT1ZMQ2jC9ugDsQ-sjpL-KrC8-uSKJmlM2gHc_hZQcaYmlVbXWMyzXpw1T0Ia0RtzN5XQJXca-ixJzInGOQqMpW7we6r6ZMjwJmObjDaPz_agQrNct8t-5T4iGJTUiFJE22ASeOlFBuyswA7ftvz7E6fK_NwgqzovroVUzSxvghXx76Wc36L2iI7g2swnnxPWMTR73_emYnUGWXIxHCnwaENOXU_4ACdjIX21BTxRrxHgs6rSM-Q_F-fzgQvY6E1zlcQwWt8Ro9Tm6yOPtp4OdYy4mOF3-8-OsiOG8fKWhpt3ak00UcBG3SO8qruWH0_3WJQaNxUxNi-3UOsZjdHkufKGspSHtnyLc-SIdJ_FABykNdLBAC5za4tRErPhYPWCdabs6jEmIZ1I7iaKOnmlYvF9mTLSjbgZ6AFJ6fXvncyXRieHQf1ydk260RvyH2_ehXKGfxYa67PZVudCn46oPrr20wJQmY9rfHKZjU5eko9Dnx29u4K34BJnidunzexW5zwVQ%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
738e8e4babe4f26dc496be3b1eed919ade66e46a7c4d2bf25029c3dd01f4b8c1

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
280717
cf-polished
qual=85, origFmt=jpeg, origSize=114828
alt-svc
h3=":443"; ma=86400
content-length
44698
cf-bgj
imgq:85,h2pri
last-modified
Thu, 12 Oct 2023 13:30:03 GMT
server
cloudflare
etag
"c70fe60a5e89d6cf5912a08191db5823"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=teu4MdzkTZbBX7BvkAlrFFeoTzUM%2Bg8JK2yaM2i7HHQ7mvFtZJnxsmTK45Yl%2BYSGZCkvwqq8QU10T64IddA%2FhhQaPk56PDFKTBCE7LY0MTmUIAEZe6agf4uqgbABBJzq4vhLZLNakvvsEcVf"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
849d013c5c746ae1-FRA
cshow.php
www.awin1.com/ Frame AD22
43 B
704 B
Image
General
Full URL
https://www.awin1.com/cshow.php?s=2087405&v=12112&q=326715&r=412871&pv=1&pref3=oneiddEmTEfe7dMu4reuEHjHwtEtb69h3T4T5WCjoneid__dbm_Awin_Reach02&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=329291%2C14235%2C14222&b=Rx1Tgf2pe7CkqgYckHwH3tQtZZJmcwTzTYqH7%2CdEmTEfe7dMu4reuEHjHwtEtb69h3T4T5WCj%2CJBWFzfmY3qaZDxUBH6H7tptB8wfXTgT4WtX&f=Qx8T4fYGZ5Cp3DZsxH5HYt9C77XDaDT4TGqHV%2CK13CRfR5x2fK1Bf5HMHktzCB9Ec8TAT8Gaq%2CGjJUBfjgz1T4jVuKHeHGtBCwWVs2TYTJAHE&c=728&d=90&e=&g=aeb4625d8e949c8bf939b1f10179afd9%2F6652841475753835086&i=113349%2C20533%2C17712&j=22%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1705981116721&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DC4e2mujSvZcerL56CmLAPitmIyAXE_sLSaKeDiqTUC_suEAEgt-WEIWD1lc6B4ATIAQmpAiFew2lAQLI-qAMByAObBKoEkAJP0H--Mi-Gt7y4TL2OSo8j9-KkOjKySShJTOvhxFKvoGXDT7p0MeSGFbhl-P851SVR6vbIjSv6o4bv9cQwaarkB4rY_3we6CXPJIutGRA50s3aFsBJLxMz2QvcWNgTtfmDvmuEYfqdCkdzBN0xJaAanaFbDyICc97nFAKFLqbeqLynhwZUgcQsecbJDl_5Yhp1vxLP77XXWAoKKHtFUHHPfLMf1DqSY5K46SdAXumTxHIsVyOY9kBzVCRdqykpVEuhuXIEXMcqkVNf9M3K-sJPT8ZyRGMsMWCB2ZoR2EgwjjziKlYiJ4QSTDZQ_fUAzHIsdrS9khdVJS3r_szpos__N6pEtxgZl7PkpLcc32xZ_MAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYXzICigI6BIBAgEBIvf3BOljb2NvyyvKDA_IIDWJpZGRlci0yMDEzMzaACgSYCwHICwGADAGqDQJDSLAT28vrAtgTA4gUAdgUAdAVAfgWAYAXAQ%2526ae%253D1%2526num%253D1%2526cid%253DCAQSMgAvHhf_67iS8AYdOINZx2XjgZW3fx7i21BL10VqHUBQbeWYuav5q_ZNoTZuvct2FQa6GAE%2526sig%253DAOD64_1byzuNCY8U2XTHyTHjB4VrV0z05A%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-C2x_jqEcCzVEGCY2YfsIZc0yGEH77Owtsg_9ld_XmsznhFhrlGw6meB9OLpB2vc-1meTYHDydHxWgBcyyLc1_zLW05Vddf34LIyiua1Ka4BI2En_SG_n7ZP7cMyOb2IBpVciiypwQfuQpZzJ4LYzex5sEDw1H7fnhfsYOUoxAGoxD-Jq0%2526cry%253D1%2526dbm_d%253DAKAmf-AHoQoC9QXH9qqMbpmrNWeLxT1ZMQ2jC9ugDsQ-sjpL-KrC8-uSKJmlM2gHc_hZQcaYmlVbXWMyzXpw1T0Ia0RtzN5XQJXca-ixJzInGOQqMpW7we6r6ZMjwJmObjDaPz_agQrNct8t-5T4iGJTUiFJE22ASeOlFBuyswA7ftvz7E6fK_NwgqzovroVUzSxvghXx76Wc36L2iI7g2swnnxPWMTR73_emYnUGWXIxHCnwaENOXU_4ACdjIX21BTxRrxHgs6rSM-Q_F-fzgQvY6E1zlcQwWt8Ro9Tm6yOPtp4OdYy4mOF3-8-OsiOG8fKWhpt3ak00UcBG3SO8qruWH0_3WJQaNxUxNi-3UOsZjdHkufKGspSHtnyLc-SIdJ_FABykNdLBAC5za4tRErPhYPWCdabs6jEmIZ1I7iaKOnmlYvF9mTLSjbgZ6AFJ6fXvncyXRieHQf1ydk260RvyH2_ehXKGfxYa67PZVudCn46oPrr20wJQmY9rfHKZjU5eko9Dnx29u4K34BJnidunzexW5zwVQ%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.148.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-148-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Jan 2024 03:38:36 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
F99F7B1440ABEB022C430998FF44CDAB82F3CD00A36700CC79228A3DE9A87038D435D34B685200F2B70F978A7EE9C99F0C4437241E8F180117C8DF3E4EC05EC4
assets.ad4m.at/logo/ Frame AD22
11 KB
11 KB
Image
General
Full URL
https://assets.ad4m.at/logo/F99F7B1440ABEB022C430998FF44CDAB82F3CD00A36700CC79228A3DE9A87038D435D34B685200F2B70F978A7EE9C99F0C4437241E8F180117C8DF3E4EC05EC4
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=329291%2C14235%2C14222&b=Rx1Tgf2pe7CkqgYckHwH3tQtZZJmcwTzTYqH7%2CdEmTEfe7dMu4reuEHjHwtEtb69h3T4T5WCj%2CJBWFzfmY3qaZDxUBH6H7tptB8wfXTgT4WtX&f=Qx8T4fYGZ5Cp3DZsxH5HYt9C77XDaDT4TGqHV%2CK13CRfR5x2fK1Bf5HMHktzCB9Ec8TAT8Gaq%2CGjJUBfjgz1T4jVuKHeHGtBCwWVs2TYTJAHE&c=728&d=90&e=&g=aeb4625d8e949c8bf939b1f10179afd9%2F6652841475753835086&i=113349%2C20533%2C17712&j=22%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1705981116721&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DC4e2mujSvZcerL56CmLAPitmIyAXE_sLSaKeDiqTUC_suEAEgt-WEIWD1lc6B4ATIAQmpAiFew2lAQLI-qAMByAObBKoEkAJP0H--Mi-Gt7y4TL2OSo8j9-KkOjKySShJTOvhxFKvoGXDT7p0MeSGFbhl-P851SVR6vbIjSv6o4bv9cQwaarkB4rY_3we6CXPJIutGRA50s3aFsBJLxMz2QvcWNgTtfmDvmuEYfqdCkdzBN0xJaAanaFbDyICc97nFAKFLqbeqLynhwZUgcQsecbJDl_5Yhp1vxLP77XXWAoKKHtFUHHPfLMf1DqSY5K46SdAXumTxHIsVyOY9kBzVCRdqykpVEuhuXIEXMcqkVNf9M3K-sJPT8ZyRGMsMWCB2ZoR2EgwjjziKlYiJ4QSTDZQ_fUAzHIsdrS9khdVJS3r_szpos__N6pEtxgZl7PkpLcc32xZ_MAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYXzICigI6BIBAgEBIvf3BOljb2NvyyvKDA_IIDWJpZGRlci0yMDEzMzaACgSYCwHICwGADAGqDQJDSLAT28vrAtgTA4gUAdgUAdAVAfgWAYAXAQ%2526ae%253D1%2526num%253D1%2526cid%253DCAQSMgAvHhf_67iS8AYdOINZx2XjgZW3fx7i21BL10VqHUBQbeWYuav5q_ZNoTZuvct2FQa6GAE%2526sig%253DAOD64_1byzuNCY8U2XTHyTHjB4VrV0z05A%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-C2x_jqEcCzVEGCY2YfsIZc0yGEH77Owtsg_9ld_XmsznhFhrlGw6meB9OLpB2vc-1meTYHDydHxWgBcyyLc1_zLW05Vddf34LIyiua1Ka4BI2En_SG_n7ZP7cMyOb2IBpVciiypwQfuQpZzJ4LYzex5sEDw1H7fnhfsYOUoxAGoxD-Jq0%2526cry%253D1%2526dbm_d%253DAKAmf-AHoQoC9QXH9qqMbpmrNWeLxT1ZMQ2jC9ugDsQ-sjpL-KrC8-uSKJmlM2gHc_hZQcaYmlVbXWMyzXpw1T0Ia0RtzN5XQJXca-ixJzInGOQqMpW7we6r6ZMjwJmObjDaPz_agQrNct8t-5T4iGJTUiFJE22ASeOlFBuyswA7ftvz7E6fK_NwgqzovroVUzSxvghXx76Wc36L2iI7g2swnnxPWMTR73_emYnUGWXIxHCnwaENOXU_4ACdjIX21BTxRrxHgs6rSM-Q_F-fzgQvY6E1zlcQwWt8Ro9Tm6yOPtp4OdYy4mOF3-8-OsiOG8fKWhpt3ak00UcBG3SO8qruWH0_3WJQaNxUxNi-3UOsZjdHkufKGspSHtnyLc-SIdJ_FABykNdLBAC5za4tRErPhYPWCdabs6jEmIZ1I7iaKOnmlYvF9mTLSjbgZ6AFJ6fXvncyXRieHQf1ydk260RvyH2_ehXKGfxYa67PZVudCn46oPrr20wJQmY9rfHKZjU5eko9Dnx29u4K34BJnidunzexW5zwVQ%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3381eefb1d27cb110697afc4e4d12efc2e245609113ef6e53d4caf1db9d5f5e0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
291321
cf-polished
origFmt=png, origSize=14365
alt-svc
h3=":443"; ma=86400
content-length
10826
cf-bgj
imgq:85,h2pri
last-modified
Thu, 12 Oct 2023 15:40:41 GMT
server
cloudflare
etag
"9bf9c6b0623b3198e5f2a1630ee7175c"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ov3CKODe2Xb5%2BZ4TauUA%2Bch2i%2BEJJ35%2B0Uc1ESaoY2x102GPxpf9rmmk0hdYEZjav%2BEFhk8KBX6gyIZFND0Hi02lvBa8pkHE36OnC%2FM6iUpPSEfGWIotIbjzvWIhUnTiBv09SMAO76IrEUAw"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
849d013c5c766ae1-FRA
87EB1E3C91A7F2FBD01851803C86B50949EC5D98970BF26CECE3B361544ECCE0F6BE0CC56DBC9A680FEE0A17D0C12D6E6BDC05023F5328B1D75C412C1C02D6CC
assets.ad4m.at/ Frame AD22
8 KB
8 KB
Image
General
Full URL
https://assets.ad4m.at/87EB1E3C91A7F2FBD01851803C86B50949EC5D98970BF26CECE3B361544ECCE0F6BE0CC56DBC9A680FEE0A17D0C12D6E6BDC05023F5328B1D75C412C1C02D6CC
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=329291%2C14235%2C14222&b=Rx1Tgf2pe7CkqgYckHwH3tQtZZJmcwTzTYqH7%2CdEmTEfe7dMu4reuEHjHwtEtb69h3T4T5WCj%2CJBWFzfmY3qaZDxUBH6H7tptB8wfXTgT4WtX&f=Qx8T4fYGZ5Cp3DZsxH5HYt9C77XDaDT4TGqHV%2CK13CRfR5x2fK1Bf5HMHktzCB9Ec8TAT8Gaq%2CGjJUBfjgz1T4jVuKHeHGtBCwWVs2TYTJAHE&c=728&d=90&e=&g=aeb4625d8e949c8bf939b1f10179afd9%2F6652841475753835086&i=113349%2C20533%2C17712&j=22%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1705981116721&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DC4e2mujSvZcerL56CmLAPitmIyAXE_sLSaKeDiqTUC_suEAEgt-WEIWD1lc6B4ATIAQmpAiFew2lAQLI-qAMByAObBKoEkAJP0H--Mi-Gt7y4TL2OSo8j9-KkOjKySShJTOvhxFKvoGXDT7p0MeSGFbhl-P851SVR6vbIjSv6o4bv9cQwaarkB4rY_3we6CXPJIutGRA50s3aFsBJLxMz2QvcWNgTtfmDvmuEYfqdCkdzBN0xJaAanaFbDyICc97nFAKFLqbeqLynhwZUgcQsecbJDl_5Yhp1vxLP77XXWAoKKHtFUHHPfLMf1DqSY5K46SdAXumTxHIsVyOY9kBzVCRdqykpVEuhuXIEXMcqkVNf9M3K-sJPT8ZyRGMsMWCB2ZoR2EgwjjziKlYiJ4QSTDZQ_fUAzHIsdrS9khdVJS3r_szpos__N6pEtxgZl7PkpLcc32xZ_MAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYXzICigI6BIBAgEBIvf3BOljb2NvyyvKDA_IIDWJpZGRlci0yMDEzMzaACgSYCwHICwGADAGqDQJDSLAT28vrAtgTA4gUAdgUAdAVAfgWAYAXAQ%2526ae%253D1%2526num%253D1%2526cid%253DCAQSMgAvHhf_67iS8AYdOINZx2XjgZW3fx7i21BL10VqHUBQbeWYuav5q_ZNoTZuvct2FQa6GAE%2526sig%253DAOD64_1byzuNCY8U2XTHyTHjB4VrV0z05A%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-C2x_jqEcCzVEGCY2YfsIZc0yGEH77Owtsg_9ld_XmsznhFhrlGw6meB9OLpB2vc-1meTYHDydHxWgBcyyLc1_zLW05Vddf34LIyiua1Ka4BI2En_SG_n7ZP7cMyOb2IBpVciiypwQfuQpZzJ4LYzex5sEDw1H7fnhfsYOUoxAGoxD-Jq0%2526cry%253D1%2526dbm_d%253DAKAmf-AHoQoC9QXH9qqMbpmrNWeLxT1ZMQ2jC9ugDsQ-sjpL-KrC8-uSKJmlM2gHc_hZQcaYmlVbXWMyzXpw1T0Ia0RtzN5XQJXca-ixJzInGOQqMpW7we6r6ZMjwJmObjDaPz_agQrNct8t-5T4iGJTUiFJE22ASeOlFBuyswA7ftvz7E6fK_NwgqzovroVUzSxvghXx76Wc36L2iI7g2swnnxPWMTR73_emYnUGWXIxHCnwaENOXU_4ACdjIX21BTxRrxHgs6rSM-Q_F-fzgQvY6E1zlcQwWt8Ro9Tm6yOPtp4OdYy4mOF3-8-OsiOG8fKWhpt3ak00UcBG3SO8qruWH0_3WJQaNxUxNi-3UOsZjdHkufKGspSHtnyLc-SIdJ_FABykNdLBAC5za4tRErPhYPWCdabs6jEmIZ1I7iaKOnmlYvF9mTLSjbgZ6AFJ6fXvncyXRieHQf1ydk260RvyH2_ehXKGfxYa67PZVudCn46oPrr20wJQmY9rfHKZjU5eko9Dnx29u4K34BJnidunzexW5zwVQ%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aec687923f2e182639e80a81f1eaf224c1b696157eb1f3a4c5caed8f91a57fea

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
282277
cf-polished
origFmt=png, origSize=8019
alt-svc
h3=":443"; ma=86400
content-length
7958
cf-bgj
imgq:85,h2pri
last-modified
Mon, 13 Nov 2023 15:33:04 GMT
server
cloudflare
etag
"1e4fa7b99cb7b50b4a1d7346d08f09ce"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KS%2BbNdiE9rhXlJqFs2ApcXYsQYteH5zlQoA4Jg9B24fd7xoO04yT4wJ4NnU0pKjwiYjTTL1vId%2FAchgok0%2BNdbG9yl5S0jl%2Fo9ICBBGZR%2BaGWtbD2xbwNzS2aPSZSG3bmkLo8mrFpi0ds6%2FG"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
849d013c5c776ae1-FRA
ztpv.php
www.conrad.ch/ Frame AD22
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2246263&v=11467&q=346415&r=412871&pv=1&pref3=oneidJBWFzfmY3qaZDxUBH6H7tptB8wfXTgT4WtXoneid__dbm_Awin_Reach02&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.conrad.ch/ztpv.php?awc=11467_412871_1705981116_e42fd530-b9a0-11ee-b3cc-2233d0695e79&insert=AW&gdpr=0&gdpr_consent=
0
198 B
Image
General
Full URL
https://www.conrad.ch/ztpv.php?awc=11467_412871_1705981116_e42fd530-b9a0-11ee-b3cc-2233d0695e79&insert=AW&gdpr=0&gdpr_consent=
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=329291%2C14235%2C14222&b=Rx1Tgf2pe7CkqgYckHwH3tQtZZJmcwTzTYqH7%2CdEmTEfe7dMu4reuEHjHwtEtb69h3T4T5WCj%2CJBWFzfmY3qaZDxUBH6H7tptB8wfXTgT4WtX&f=Qx8T4fYGZ5Cp3DZsxH5HYt9C77XDaDT4TGqHV%2CK13CRfR5x2fK1Bf5HMHktzCB9Ec8TAT8Gaq%2CGjJUBfjgz1T4jVuKHeHGtBCwWVs2TYTJAHE&c=728&d=90&e=&g=aeb4625d8e949c8bf939b1f10179afd9%2F6652841475753835086&i=113349%2C20533%2C17712&j=22%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1705981116721&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DC4e2mujSvZcerL56CmLAPitmIyAXE_sLSaKeDiqTUC_suEAEgt-WEIWD1lc6B4ATIAQmpAiFew2lAQLI-qAMByAObBKoEkAJP0H--Mi-Gt7y4TL2OSo8j9-KkOjKySShJTOvhxFKvoGXDT7p0MeSGFbhl-P851SVR6vbIjSv6o4bv9cQwaarkB4rY_3we6CXPJIutGRA50s3aFsBJLxMz2QvcWNgTtfmDvmuEYfqdCkdzBN0xJaAanaFbDyICc97nFAKFLqbeqLynhwZUgcQsecbJDl_5Yhp1vxLP77XXWAoKKHtFUHHPfLMf1DqSY5K46SdAXumTxHIsVyOY9kBzVCRdqykpVEuhuXIEXMcqkVNf9M3K-sJPT8ZyRGMsMWCB2ZoR2EgwjjziKlYiJ4QSTDZQ_fUAzHIsdrS9khdVJS3r_szpos__N6pEtxgZl7PkpLcc32xZ_MAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYXzICigI6BIBAgEBIvf3BOljb2NvyyvKDA_IIDWJpZGRlci0yMDEzMzaACgSYCwHICwGADAGqDQJDSLAT28vrAtgTA4gUAdgUAdAVAfgWAYAXAQ%2526ae%253D1%2526num%253D1%2526cid%253DCAQSMgAvHhf_67iS8AYdOINZx2XjgZW3fx7i21BL10VqHUBQbeWYuav5q_ZNoTZuvct2FQa6GAE%2526sig%253DAOD64_1byzuNCY8U2XTHyTHjB4VrV0z05A%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-C2x_jqEcCzVEGCY2YfsIZc0yGEH77Owtsg_9ld_XmsznhFhrlGw6meB9OLpB2vc-1meTYHDydHxWgBcyyLc1_zLW05Vddf34LIyiua1Ka4BI2En_SG_n7ZP7cMyOb2IBpVciiypwQfuQpZzJ4LYzex5sEDw1H7fnhfsYOUoxAGoxD-Jq0%2526cry%253D1%2526dbm_d%253DAKAmf-AHoQoC9QXH9qqMbpmrNWeLxT1ZMQ2jC9ugDsQ-sjpL-KrC8-uSKJmlM2gHc_hZQcaYmlVbXWMyzXpw1T0Ia0RtzN5XQJXca-ixJzInGOQqMpW7we6r6ZMjwJmObjDaPz_agQrNct8t-5T4iGJTUiFJE22ASeOlFBuyswA7ftvz7E6fK_NwgqzovroVUzSxvghXx76Wc36L2iI7g2swnnxPWMTR73_emYnUGWXIxHCnwaENOXU_4ACdjIX21BTxRrxHgs6rSM-Q_F-fzgQvY6E1zlcQwWt8Ro9Tm6yOPtp4OdYy4mOF3-8-OsiOG8fKWhpt3ak00UcBG3SO8qruWH0_3WJQaNxUxNi-3UOsZjdHkufKGspSHtnyLc-SIdJ_FABykNdLBAC5za4tRErPhYPWCdabs6jEmIZ1I7iaKOnmlYvF9mTLSjbgZ6AFJ6fXvncyXRieHQf1ydk260RvyH2_ehXKGfxYa67PZVudCn46oPrr20wJQmY9rfHKZjU5eko9Dnx29u4K34BJnidunzexW5zwVQ%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Server
2606:4700::6812:bae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:37 GMT
strict-transport-security
max-age=15552000
cf-ccp-worker
HTLPHandler-v1
server
cloudflare
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
no-cache
cf-ray
849d01406f751c2a-FRA
content-length
0
expires
-1

Redirect headers

Date
Tue, 23 Jan 2024 03:38:36 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://www.conrad.ch/ztpv.php?awc=11467_412871_1705981116_e42fd530-b9a0-11ee-b3cc-2233d0695e79&insert=AW&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
0
rar
as.ad4m.at/ad/ Frame F8A1
11 KB
5 KB
Document
General
Full URL
https://as.ad4m.at/ad/rar?a=14184%2C1174630%2C14231&b=YxeTrfzrEwc9P1FVH9HetQteZZFAT1TdpHr%2CdEmTEfe7dMuDMRxuEHjHwtEtABVdT3T4T5WCj%2C8RpaDf2P46CZ76CgHJHEtxtjwBhPTwTpJHk&f=q4AcmfBKJYcbxDSZHgHDtRCwGGuPTgTJ2H3%2CK13CRfR5x2fer5wC5HMHktzCXr68a8TAT8Gaq%2CZx1TwfKX9Za84WamHDHDtDC8R9CVTXTQ3HJ&c=728&d=90&e=&g=be7ad2aae831f2d104dbfa74c93c7ccd%2F9688348786189972242&i=17952%2C306304%2C17833&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1705981116797&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCgp0LujSvZeesOrLJmLAPu9W6UMT-wtJop4OKpNQL-y4QASC35YQhYPWVzoHgBMgBCakChxZyOYpCsj6oAwHIA5sEqgSQAk_Q-MARynjIw2DAXL1cgw9m2fCt7VkFZXa2RS1lM4u40ReIZMxP83PLfX2jivgP7Y4lxqfaYN7G-KUib0HayE2cyWt2QAC6nvRsYBYY_S9g-k6hwUYZdB8hvsR2JfTCFONjXLF8HCoaHHNnAjqQReOT35hcf8QjG_inrF4H2jJHzCCmSEW3Ewnb9wCu5oT8wbxqcGca4SnwJIEzdnlxl4mrQdSglfoFMYViEZGqPXzktpj8A_sdAD50rqWjN-tfq5Wwd-wrrHnJ-vdMhrROgc0Ie4gcB92JpD_8kWsLbJhYTTMhnlVHBwVJlO8zh2XnNTgn2KcYZzJQIsFM4CTg0xox0x3wGopO7xlW7BcJ_BL0wASx0aXUOOAEA4gFwc_7eJAGAaAGTYAHgY7yN6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgGEQARhfMgKKAjoEgECAQEi9_cE6WMPU5vLK8oMD8ggNYmlkZGVyLTIwMTMzNoAKBJgLAcgLAYAMAaoNAkNIsBPby-sC2BMDiBQB2BQB0BUB-BYBgBcB%2526ae%253D1%2526num%253D1%2526cid%253DCAQSMgAvHhf_mr2gDCcx2rxvT3HZ0UDOYuqbe6FpBUZ6ysTpQA_OfOw2134FEhnKLdQAnZr9GAE%2526sig%253DAOD64_37_aOjeZtYud-o-68C64nJKEVn4w%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-AdysAgWGq1N32-QTGjnCco2UKzz6JHYpSutanydFxMzmm-oUDNT1amp5GZpgZ0qzYYEXwqHGUWq367KFOIh-bAP4BCNHFr3KJETpwXtiJ-SHCKBhfhMtGt76wf17or2mdlGXqAFIwNmAb3SGl5k29gmFuHnPJ9cgSYW4bm4TU4f8-NH-Q%2526cry%253D1%2526dbm_d%253DAKAmf-CPdwX3SjzkrklTnw87_k7tU2EDQCFspuzMVTcDzdDQM1i864zhecfDtESBCmKRPjS2bJNdgxdGp06qSqUKu-X7g2vaeQreG4PctWcN3jtqJ1nStqvnAv2K6x_yMTlcg-UJlpBRG18e9UvBuT5hgne3d6eX89A_ULlqkg8U4meO0zHPvQxLsFlOaAc1bHD-QlHKiT0V-r_BrudiBpgiL0rE-sGnGbLjcfZkEyXzTMYL3Bac1Sj8HuyNdWhDVhL26tUG6I_NCIpKXV-GDkdWEzh14zdOB-IJ69ce4FL3O_ySFot0KqON0AVC-vJmnDs01eJRr4dVkU6viTzaVwbVta9-jpnr9dhpE-LOGAnT0Q7qZfwQeVTJJJYK8XEhrrTRBIs-dIYwWZpeWVj3nYSQn44mxRYIuBOVj9ZzTdPkns0PO9mdnMc_EFGsGNogy3GTdwgZs-RV86UpZVIZOWBJ-h_xr3eZz8TmBEWSNWtFUclTO_TOb-1sg2b09MydubRtgaeZUa0sC5Ede4eX_ImrmeoqZhYQmw%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f46e716c860f5553ebba27e8f8e4099720df32dfdd26145458f3bc31d12e6849
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
849d013c5c6e6ae1-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Tue, 23 Jan 2024 03:38:36 GMT
expires
0
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy
accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
Standard
s1.adform.net/stoat/631/s1.adform.net/load/v/0.0.238/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/ Frame 5646
91 KB
39 KB
Script
General
Full URL
https://s1.adform.net/stoat/631/s1.adform.net/load/v/0.0.238/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/631/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
ed8343699e054a0900f23319e31cba32ad43bf77136313508ea25d86073366bb

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
content-encoding
gzip
last-modified
Tue, 19 Dec 2023 10:28:27 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Fri, 19 Jan 2024 16:52:30 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0066
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BQQhsuzSvZaK7Of3b7_UPj7aqiAoAAAAAOAHgBAI&bg=!i4iliMfNAAa8BdJLnAU7ADQBe5WfOKXWNd2keCTtMN5l7Mb5GGEhqaC2qzcQdCCvf7Uqzj42BQixKA1KiDoRqTv4oepqAgAAAMxSAAAAAWgBB5kDRab9LTtVnpZf5rK0mMCiOA_6H4qmzPolLRJhgX1cRFb_ozib4l_bJDntC8UcsLpuk0AjXQ3jCw75mAizEay2ybSkkdLKPKDXg_fNDM4LSPcIUOTaS_hyxWUxWJFo0z9kgxz-fTCul2kNn1H-8evVSnUKwQr4rwrLk5AYjuquHfGolPdlf61bBjpa9GaEOXClWLOCgnMA6dyQC2-93Ffe-wUYaBmPBNzVZYGVpGF_J71J-SKyqBtPNuzocmfYhk5W1_wjYsy5aaftlz1iRtN1JiPMIzeg6tARtr0Fan9ju1zWnXEJpyBLx7Bn4oQ6PGWMxKRHyvfeyl38zKNpLBvOxQ5cY9QoEQeF0UNHPx3DN9SWjFCVYKhTUyFtXoJn38cWMvmEQk_DjM3mahSvfp_t9dUvGCd_hr62gdMjVn_KZltv_KcfKm8z93ueTkuuFrxmjO5_ilZLLfjo2ueuWUOikZWij5UYWmY_LmXxLFdKXRJ6NdnovWxIoHvNNqn9nzj0kWhUl_RuNiIl4VfXx0R4CBSkDjksT6MxS55JTCkLUnJNKog_xK9U4Xibhbuj4PY5VwNgSLzWl9SV9Vqo7yuF0ypHTA2-NPgLdxb4YgsWxekKj76U3i_dHFeFW_vGKNNdHyTvNAbXNe0g89r8E4fuuNYGp0H45KH0_v4Pe_kIsOSJvXVAE48Kt6kdflgTOFtrKoX-MZ_C_kLrviN4ugF8FOHzkOo8xmT-Eu9Kh8gjpyv78pYT65xnD_DUOaYr9JiACI0UeSY5NVC9ovfw4iUKofAdpO2ftViBVuQDT7TOTpo2zv9kjZkIBafLWzlj-GsDNOmvfJnKuwz9o30hGVDtgcR6h2Oy4nKo4G7zR9_nvpwYw3fz4zxWyhqvh2snSR5tyPsB6AWiku2D1D2tl9JXaRjgf3zxdxd9hImL6A0NoT6RdE6-By6OKOI2YD20F68ik5c7IMuOQkGl3UxeCOv2GryLBWSv6Tsrex8FdPvcLnugjkq2OVI93g454zEz50GqVRGGJGEUQP9_GAUtAgxFKGd0PQTU91zvRhEjfvbiIi-HPgcvyrQe3r4QHFEl2gUsgFznALgRZU8h7nruOhc2hZo76urKWw
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rar
as.ad4m.at/ad/ Frame 19AC
11 KB
5 KB
Document
General
Full URL
https://as.ad4m.at/ad/rar?a=517453%2C309728%2C336262&b=xEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA%2C62GfefmJR6aEBZ7TeHmHYtkt91eAS2T1T3qT7%2Ce7Vu3fYPkACJE1QtjHZHet1tM3DKtjTQTK8H1&f=YxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr%2CXxZTzfw189h2Pmgh6H4Het1CweWQhBTkT5KCJ%2CDjmU3f3qxGTmW5ka3HmH9twCemrdTWTmTY8HV&c=728&d=90&e=&g=b3eea552cbcd5e364822515b1562eceb%2F6690139865749810000&i=196936%2C108139%2C114236&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1705981116814&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCH73QuzSvZY6SBLP7kdUPpP2ykATE_sLSaKeDiqTUC_suEAEgt-WEIWD1lc6B4ATIAQmpAvQ7k0BSRLI-qAMByAObBKoEkAJP0Ollsh1G-4vDCEWoP9AO8pvCkteWlXHbCZocVFvvIqGzVAizTJZZeLGMwyz_c8Ap7U7vkHOuyspGBiy2RoxoZMQw_AKNo1WnH0RanzIzuvK80A4cdJ9IJoURaDBOz954f9Faxt5DUTSZgHzraLDLxUtAJ4LB-5JDQrKe_rL2jIlGnRdUUUi90BFhEi7xoQCEK8rCwqk5J6GTKeC45Mzhmpnz1Oj4jPzRMS-0JqKl2oXmpWxvHbmYHoPPc4lnzhNgAT07Yj6dBLwWM7voZP_0iYZlYFpCapJW_kbnPDENmOeGLy6huQu6TZoxfn4J40w_mwH_0oTXuDZbGoEeCkBaRlZ_11OYlLhCuh6pian8vcAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYXzICigI6BIBAgEBIvf3BOljEuu3yyvKDA_IIDWJpZGRlci0yMDEzMzaACgSYCwHICwGADAGqDQJDSLAT28vrAtgTA4gUAdgUAdAVAfgWAYAXAbIYBBIC6k4%2526ae%253D1%2526num%253D1%2526cid%253DCAQSMgAvHhf_xIDoJIpJbZCUnw4nhwP-ojpHw6AdZaBjU1DCrGWnoK8tBaX_l-bu0iXaZafLGAE%2526sig%253DAOD64_2JCWKQErPPSsLKnqQb_Q-P4FmFvQ%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-CSNjCCd0pgBoB2ESMuCI63iMCtkQMOG-R9MC7GX5l9McMGNVtRy6-DBa5XSKTAGBzLPJRZm8Fn8hueo7Iu83YRYjsDpR8sBnvZPLzlTSXC0J2XIo9bHpJqmStGK191AFvwL2HczKcGAxuaVYPJB2fa5Sm2pBVe3rLnqChpykAJbQ5OYZY%2526cry%253D1%2526dbm_d%253DAKAmf-BFhcFtKRfwRa7oy0axT9W9nTdiRVSHli-a3YeHnJBaZxIAYTd_T_p87jqTHshmZeT_areCA0L32UO9AR_KxWalDF7eMSxjrHii9AqfBazpq6eNMhjGEFiBwIGIcr1wmzOxFpq-r8fBKzxW9qSHqYQDkVJfxi9RfOi_AQZVbB7XZUhFCI-Q5k7c1JzZ-wey-JqfBG6gsHwF3mQf367iTjBf6oM0P09Y7QMrMHxgwpFI3ICxpHsOK_JlR1Qa-U2OHKTKr7S5O9_ur0dBTzsEDq8sGcJzP99sIDeeglYWEQTVaTOa0aOKSyn_WbZ_o24YG5eWXW5FG7I0qU57mcCJkunTvPDvwL3y-nm9KcDlHGYgZ1hs_vZ14ujFy7tGw76B1THSBxrxHZQY81IQnxNZS0pP0RtmuCFwOKwav4d1wdkoUtFlcVO-LcsQwXOjYjOhJd13OGndHclPkQ-FyqNla2oFNC_1uSEwpUtFre5saUhq7QtnunulVn5uDqzZJCV_PyCRJdCEq3FoRAXeXMxIlV_BT87j8A%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cba26c68f8d6c20aa083b17d619b921289a8a201c8ee0431381e341c044fff46
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
849d013c6c7a6ae1-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Tue, 23 Jan 2024 03:38:36 GMT
expires
0
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy
accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
rar
as.ad4m.at/ad/ Frame EE02
11 KB
5 KB
Document
General
Full URL
https://as.ad4m.at/ad/rar?a=726385%2C543072%2C189095&b=2bEa6f642McDbxwtVHWHkt8t2wk8sWT7TgGHg%2CxEpTQfEwD3Sb4EQSPHdHztQtmMA6CJT6TKkHA%2CzmWfRf4jMkTqXJeCpHBHMtqtPJGKfJTwTQBHW&f=4rmHEf2xVYC26ZesGH9HdtzCM8ZQhZTpT76fK%2CYxeTrfzrEwc9e5DaVH9HetgC6VxYUAT1TdpHr%2C8RpaDf2P46CRgXktgHJHEtqCewZGsPTwTpJHk&c=728&d=90&e=&g=3c7d15364fd15b38b0bd5426270ab2a6%2F4129257182803659990&i=74692%2C108188%2C75077&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1705981116816&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCTeOYuzSvZZyBD7fUmLAP3Yyr2APE_sLSaKeDiqTUC_suEAEgt-WEIWD1lc6B4ATIAQmpAvQ7k0BSRLI-qAMByAObBKoEkAJP0Nk5mX0ZTXZZ1S2YFHwvnaUOXCwDkQf6X3KJ08ch8evWc0pJl80RjziLuLFrgvaLAP3H0HuTiG-MtQy4v162vJTK3vOzyTRTu-DnipllzVIHtWR88-7FNCYoZNleUVTcDPqVGSK-z64cTcRV7q0W5bHN7wb1rIXyv1QYIl2WbNq_pxV173jCxaYxbW0hxRsxiji7YH8mc5NTCcN-SdgIJA3DkDvJkN_fnfFiDCCTaK-Ybwx5TzJ9kGtGNUVpBTYaoRw51iQwPONIs-cB-EKW9I4xrAe_KdkxRhjrVhyo9I_8kQqtbfl-ZhaazLrJBma5_78BXJOq8hQuXPHdCML2FAWIpfH8LLULWF3UCDqCFcAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYXzICigI6BIBAgEBIvf3BOliFrfjyyvKDA_IIDWJpZGRlci0yMDEzMzaACgSYCwHICwGADAGqDQJDSLAT28vrAtgTA4gUAdgUAdAVAfgWAYAXAQ%2526ae%253D1%2526num%253D1%2526cid%253DCAQSMgAvHhf_TGGW2Or_djVvr6u4ETjZNWPAtbvJLXZF3VQJEI5uSI-_ygRbpa-qHOeodXfGGAE%2526sig%253DAOD64_3jLkm-UN7j-jonGkimIAIjU0790Q%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-Agb5TLx385SwMUF6-r0kwTFLkVmELfIV0ovq6X2yRo5We8iLq_Ij141h5KY_uBVvTtKvgihE2FQDfBoJv_Wlf1XOlNbRht-icYE4Z9t4tE_XjWw5RK1UetbFbKfUk7DZbv4VHXdISbk4i5a_Dp5naoLIsM0gJ9F_vC2DmWxUOo0raGzRg%2526cry%253D1%2526dbm_d%253DAKAmf-CkY45fHHXYtHehsh2Sv1b43ZbZMhoLktA7XWwM5GbJpsr0h7ChFcuqohMrNStAiMururUK3Ibj-bWmj4gsGUohHiHsPuuyoPTvvUiY67jiwj0F16zHQZRVPetFwBzA3doLipyVxwXOpCJ4gz612BT5cbtZewcPcOfeJ8oul7Qw056eJaW7smG-SqKyuZkHEri_3z1VVWpwrDx1Dfz88DC3nuFyBHGyJ6L8svHFJOOkCErxjkfOovOn74tluFj8f043NxWS9EwlmnV9quCgVhGAx8AHcQgs8hf8xScmKxLA7YKTQ6K1k9vGGKWADfhvmGhp84A1dJeUyNq_beYCGACIalnJOS0H4jfiv_8vyXh9_JlA_6K9ZneB8X8XwsFCYxnkQ60y6EJL1xlkb__anumO2Y12VS6tlycjVn1--HwyHB9cbYQBYCoZnwJuFOKyS8RRsnsXMLAw9-EUdLSAPDYFYPyw16jpTM710zyEfby7KnprdRBd3TcuEY8arWKzcugD5rDV7sFadCXkGFY8yzCb0jU97g%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2fac2e8c5bb9f93b869197adb5a33f149e76cb76ce951bf1c9ae78d5d82e61a2
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
849d013c6c7b6ae1-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Tue, 23 Jan 2024 03:38:36 GMT
expires
0
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy
accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
live_intent_sync
x.dlx.addthis.com/e/ Frame 3B42
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=Za80ux4LORIGoWQwyWak5QAA%262130&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-9chB69L3rJXE67ww_jAptQYa47KTPOB1km_8mA
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=2ba2ab41-70c6-45d7-8951-9ef87add91a7
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=2ba2ab41-70c6-45d7-8951-9ef87add91a7&rd=Y
43 B
595 B
Image
General
Full URL
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=2ba2ab41-70c6-45d7-8951-9ef87add91a7&rd=Y
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Protocol
H2
Server
72.246.169.24 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-246-169-24.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Tue, 23 Jan 2024 03:38:38 GMT
pragma
no-cache
date
Tue, 23 Jan 2024 03:38:38 GMT
cache-control
max-age=0, no-cache, no-store
strict-transport-security
max-age=2628000
content-length
43
content-type
image/gif

Redirect headers

location
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=2ba2ab41-70c6-45d7-8951-9ef87add91a7&rd=Y
pragma
no-cache
date
Tue, 23 Jan 2024 03:38:37 GMT
cache-control
max-age=0, no-cache, no-store
strict-transport-security
max-age=2628000
content-length
0
expires
Tue, 23 Jan 2024 03:38:37 GMT
ZMAwryCI
sync-tm.everesttech.net/ct/upi/pid/ Frame 3B42
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Za80vAAQhl55OABU
85 B
160 B
Image
General
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Za80vAAQhl55OABU
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Protocol
H2
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by
cache-mxp6972-MXP
pragma
no-cache
date
Tue, 23 Jan 2024 03:38:37 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
age
2659
x-timer
S1705981118.509454,VS0,VE0
x-cache
HIT
content-type
image/png
cache-control
no-cache
accept-ranges
bytes
content-length
85
x-cache-hits
1017

Redirect headers

x-served-by
cache-mxp6972-MXP
pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1705981117.880310,VS0,VE100
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Za80vAAQhl55OABU
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
tp_out
d.adroll.com/cm/index/ Frame 3B42
42 B
180 B
Image
General
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:cc3:fe05:9109:5249:ec1e:4708 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.1
content-length
42
vary
Cookie
content-type
image/gif
getuid
ads.avct.cloud/ Frame 3B42
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=index
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dindex
0
0

dcm
s.amazon-adsystem.com/ Frame 3B42
43 B
855 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Za80ux4LORIGoWQwyWak5QAACFIAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Jan 2024 03:38:36 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
T0S81DQG7JKGQHARE07Q
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Za80ux4LORIGoWQwyWak5QAACFIAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 3B42
43 B
601 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Za80ux4LORIGoWQwyWak5QAACFIAAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:a6fa:b563:be0e:7526 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame 3B42
Redirect Chain
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=d66a4b7b-03af-4ef7-a49c-f9a85e0344f9
43 B
737 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=d66a4b7b-03af-4ef7-a49c-f9a85e0344f9
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zg1HC4q1QhlQqrS3FXSkWbh%2BuYEriBWP403DM8vJEK%2FHfA3W465Cu9HfdRQ58WW124y6BNySnITtZ6bhRMO1SF1i9YubhqD%2BwLibamPS4%2BxHpO6Ch%2B70QLsf84GxeTY6SWqs%2Bpj62mbcNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
849d013ce86b4d22-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=d66a4b7b-03af-4ef7-a49c-f9a85e0344f9
date
Tue, 23 Jan 2024 03:38:36 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
content-type
text/html; charset=utf-8
ix
ad4m.at/ad/sim/ Frame 3B42
0
0
Image
General
Full URL
https://ad4m.at/ad/sim/ix
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

htw-pixel.gif
js-sec.indexww.com/ht/ Frame 3B42
43 B
103 B
Image
General
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?Za80ux4LORIGoWQwyWak5QAA%262130
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
21
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
849d013c9a8a18ef-FRA
content-length
43
expires
Tue, 23 Jan 2024 07:38:36 GMT
/
track.adform.net/jsmetrics/ Frame 8CA3
43 B
208 B
Image
General
Full URL
https://track.adform.net/jsmetrics/?sid=756&rid=10188&cid=1737&adfserve=91&asset=74&deviceType=Desktop
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 28 Jul 2023 11:03:52 GMT
server
nginx
etag
"64c3a098-2b"
content-type
image/gif
accept-ranges
bytes
content-length
43
usermatch
ssum-sec.casalemedia.com/ Frame 6B02
2 KB
1 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
126bf005143e240bec00185c7265ea992808854b04e8d0c93a0fe815b6a6702b

Request headers

Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
849d013c883a4d22-FRA
content-encoding
br
content-type
text/html
date
Tue, 23 Jan 2024 03:38:36 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kc2f6rkkCFMtEvSvVpOZNR8RuvX9CXKxxD7ljNlejWhVvDXxMzaIj5h5rIotb1usAf2MzaNTT4tCqVNZuAciJohOS%2FMB8Q6G4bUSdFus1tH4UCEdt4cfNgli0HYdIARLCWNMlWrkNtS2lA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
/
track.adform.net/csimpr/ Frame 66E3
35 B
626 B
Ping
General
Full URL
https://track.adform.net/csimpr/?bn=67903448&csi=UB7FXwK_11zUo2AIcDDua3ySK_YRK_3s4UpKCNiU6RoJDwKV3Zer3AZU1ud_ztNq32Qo4o12s2b7PMN4Q4IwgSQf6BfgfukZEBQ5juPi97UDvP-67D9Y4w2
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/631/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
Standard
s1.adform.net/stoat/631/s1.adform.net/load/v/0.0.238/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/ Frame 8CA3
85 KB
36 KB
Script
General
Full URL
https://s1.adform.net/stoat/631/s1.adform.net/load/v/0.0.238/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/631/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
78825f2c0d076c5ece3f855790f01561ee9f71e52babe220c3931299bd51e6ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
content-encoding
gzip
last-modified
Tue, 19 Dec 2023 10:28:27 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Fri, 19 Jan 2024 16:52:32 GMT
default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame F8A1
115 KB
14 KB
Stylesheet
General
Full URL
https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14184%2C1174630%2C14231&b=YxeTrfzrEwc9P1FVH9HetQteZZFAT1TdpHr%2CdEmTEfe7dMuDMRxuEHjHwtEtABVdT3T4T5WCj%2C8RpaDf2P46CZ76CgHJHEtxtjwBhPTwTpJHk&f=q4AcmfBKJYcbxDSZHgHDtRCwGGuPTgTJ2H3%2CK13CRfR5x2fer5wC5HMHktzCXr68a8TAT8Gaq%2CZx1TwfKX9Za84WamHDHDtDC8R9CVTXTQ3HJ&c=728&d=90&e=&g=be7ad2aae831f2d104dbfa74c93c7ccd%2F9688348786189972242&i=17952%2C306304%2C17833&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1705981116797&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCgp0LujSvZeesOrLJmLAPu9W6UMT-wtJop4OKpNQL-y4QASC35YQhYPWVzoHgBMgBCakChxZyOYpCsj6oAwHIA5sEqgSQAk_Q-MARynjIw2DAXL1cgw9m2fCt7VkFZXa2RS1lM4u40ReIZMxP83PLfX2jivgP7Y4lxqfaYN7G-KUib0HayE2cyWt2QAC6nvRsYBYY_S9g-k6hwUYZdB8hvsR2JfTCFONjXLF8HCoaHHNnAjqQReOT35hcf8QjG_inrF4H2jJHzCCmSEW3Ewnb9wCu5oT8wbxqcGca4SnwJIEzdnlxl4mrQdSglfoFMYViEZGqPXzktpj8A_sdAD50rqWjN-tfq5Wwd-wrrHnJ-vdMhrROgc0Ie4gcB92JpD_8kWsLbJhYTTMhnlVHBwVJlO8zh2XnNTgn2KcYZzJQIsFM4CTg0xox0x3wGopO7xlW7BcJ_BL0wASx0aXUOOAEA4gFwc_7eJAGAaAGTYAHgY7yN6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgGEQARhfMgKKAjoEgECAQEi9_cE6WMPU5vLK8oMD8ggNYmlkZGVyLTIwMTMzNoAKBJgLAcgLAYAMAaoNAkNIsBPby-sC2BMDiBQB2BQB0BUB-BYBgBcB%2526ae%253D1%2526num%253D1%2526cid%253DCAQSMgAvHhf_mr2gDCcx2rxvT3HZ0UDOYuqbe6FpBUZ6ysTpQA_OfOw2134FEhnKLdQAnZr9GAE%2526sig%253DAOD64_37_aOjeZtYud-o-68C64nJKEVn4w%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-AdysAgWGq1N32-QTGjnCco2UKzz6JHYpSutanydFxMzmm-oUDNT1amp5GZpgZ0qzYYEXwqHGUWq367KFOIh-bAP4BCNHFr3KJETpwXtiJ-SHCKBhfhMtGt76wf17or2mdlGXqAFIwNmAb3SGl5k29gmFuHnPJ9cgSYW4bm4TU4f8-NH-Q%2526cry%253D1%2526dbm_d%253DAKAmf-CPdwX3SjzkrklTnw87_k7tU2EDQCFspuzMVTcDzdDQM1i864zhecfDtESBCmKRPjS2bJNdgxdGp06qSqUKu-X7g2vaeQreG4PctWcN3jtqJ1nStqvnAv2K6x_yMTlcg-UJlpBRG18e9UvBuT5hgne3d6eX89A_ULlqkg8U4meO0zHPvQxLsFlOaAc1bHD-QlHKiT0V-r_BrudiBpgiL0rE-sGnGbLjcfZkEyXzTMYL3Bac1Sj8HuyNdWhDVhL26tUG6I_NCIpKXV-GDkdWEzh14zdOB-IJ69ce4FL3O_ySFot0KqON0AVC-vJmnDs01eJRr4dVkU6viTzaVwbVta9-jpnr9dhpE-LOGAnT0Q7qZfwQeVTJJJYK8XEhrrTRBIs-dIYwWZpeWVj3nYSQn44mxRYIuBOVj9ZzTdPkns0PO9mdnMc_EFGsGNogy3GTdwgZs-RV86UpZVIZOWBJ-h_xr3eZz8TmBEWSNWtFUclTO_TOb-1sg2b09MydubRtgaeZUa0sC5Ede4eX_ImrmeoqZhYQmw%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=14184%2C1174630%2C14231&b=YxeTrfzrEwc9P1FVH9HetQteZZFAT1TdpHr%2CdEmTEfe7dMuDMRxuEHjHwtEtABVdT3T4T5WCj%2C8RpaDf2P46CZ76CgHJHEtxtjwBhPTwTpJHk&f=q4AcmfBKJYcbxDSZHgHDtRCwGGuPTgTJ2H3%2CK13CRfR5x2fer5wC5HMHktzCXr68a8TAT8Gaq%2CZx1TwfKX9Za84WamHDHDtDC8R9CVTXTQ3HJ&c=728&d=90&e=&g=be7ad2aae831f2d104dbfa74c93c7ccd%2F9688348786189972242&i=17952%2C306304%2C17833&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1705981116797&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCgp0LujSvZeesOrLJmLAPu9W6UMT-wtJop4OKpNQL-y4QASC35YQhYPWVzoHgBMgBCakChxZyOYpCsj6oAwHIA5sEqgSQAk_Q-MARynjIw2DAXL1cgw9m2fCt7VkFZXa2RS1lM4u40ReIZMxP83PLfX2jivgP7Y4lxqfaYN7G-KUib0HayE2cyWt2QAC6nvRsYBYY_S9g-k6hwUYZdB8hvsR2JfTCFONjXLF8HCoaHHNnAjqQReOT35hcf8QjG_inrF4H2jJHzCCmSEW3Ewnb9wCu5oT8wbxqcGca4SnwJIEzdnlxl4mrQdSglfoFMYViEZGqPXzktpj8A_sdAD50rqWjN-tfq5Wwd-wrrHnJ-vdMhrROgc0Ie4gcB92JpD_8kWsLbJhYTTMhnlVHBwVJlO8zh2XnNTgn2KcYZzJQIsFM4CTg0xox0x3wGopO7xlW7BcJ_BL0wASx0aXUOOAEA4gFwc_7eJAGAaAGTYAHgY7yN6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgGEQARhfMgKKAjoEgECAQEi9_cE6WMPU5vLK8oMD8ggNYmlkZGVyLTIwMTMzNoAKBJgLAcgLAYAMAaoNAkNIsBPby-sC2BMDiBQB2BQB0BUB-BYBgBcB%2526ae%253D1%2526num%253D1%2526cid%253DCAQSMgAvHhf_mr2gDCcx2rxvT3HZ0UDOYuqbe6FpBUZ6ysTpQA_OfOw2134FEhnKLdQAnZr9GAE%2526sig%253DAOD64_37_aOjeZtYud-o-68C64nJKEVn4w%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-AdysAgWGq1N32-QTGjnCco2UKzz6JHYpSutanydFxMzmm-oUDNT1amp5GZpgZ0qzYYEXwqHGUWq367KFOIh-bAP4BCNHFr3KJETpwXtiJ-SHCKBhfhMtGt76wf17or2mdlGXqAFIwNmAb3SGl5k29gmFuHnPJ9cgSYW4bm4TU4f8-NH-Q%2526cry%253D1%2526dbm_d%253DAKAmf-CPdwX3SjzkrklTnw87_k7tU2EDQCFspuzMVTcDzdDQM1i864zhecfDtESBCmKRPjS2bJNdgxdGp06qSqUKu-X7g2vaeQreG4PctWcN3jtqJ1nStqvnAv2K6x_yMTlcg-UJlpBRG18e9UvBuT5hgne3d6eX89A_ULlqkg8U4meO0zHPvQxLsFlOaAc1bHD-QlHKiT0V-r_BrudiBpgiL0rE-sGnGbLjcfZkEyXzTMYL3Bac1Sj8HuyNdWhDVhL26tUG6I_NCIpKXV-GDkdWEzh14zdOB-IJ69ce4FL3O_ySFot0KqON0AVC-vJmnDs01eJRr4dVkU6viTzaVwbVta9-jpnr9dhpE-LOGAnT0Q7qZfwQeVTJJJYK8XEhrrTRBIs-dIYwWZpeWVj3nYSQn44mxRYIuBOVj9ZzTdPkns0PO9mdnMc_EFGsGNogy3GTdwgZs-RV86UpZVIZOWBJ-h_xr3eZz8TmBEWSNWtFUclTO_TOb-1sg2b09MydubRtgaeZUa0sC5Ede4eX_ImrmeoqZhYQmw%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
600876
cf-polished
origSize=118430
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 02 Nov 2023 10:26:17 GMT
server
cloudflare
etag
W/"486507ccce9ac587d11c0ef3f32a109a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RNLQ3qAhF%2FEKh7gdA9CsIE7q8TeotucbqQ3m%2FhmRP82Kd7l%2BSObyPf%2F4%2BshRt8uhkfI3OC2%2FmjNvB3F2KlGtZ%2FcHDj6e2VE2SfLP%2Bh%2FD5yeWAWTcVLhlcDhlh8LdyUYoDq1CxVcChIE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=86400
cf-ray
849d013cbcad6ae1-FRA
expires
Wed, 24 Jan 2024 03:38:36 GMT
D96BCFD1626F222B96F878AD386A1FB31C385B24511404E2F5D6173B147867C651112B6904D72C556CF93CF9A02005190B6FB0311204242CC6C5707659EA9C3B
assets.ad4m.at/logo/ Frame F8A1
1 KB
2 KB
Image
General
Full URL
https://assets.ad4m.at/logo/D96BCFD1626F222B96F878AD386A1FB31C385B24511404E2F5D6173B147867C651112B6904D72C556CF93CF9A02005190B6FB0311204242CC6C5707659EA9C3B
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14184%2C1174630%2C14231&b=YxeTrfzrEwc9P1FVH9HetQteZZFAT1TdpHr%2CdEmTEfe7dMuDMRxuEHjHwtEtABVdT3T4T5WCj%2C8RpaDf2P46CZ76CgHJHEtxtjwBhPTwTpJHk&f=q4AcmfBKJYcbxDSZHgHDtRCwGGuPTgTJ2H3%2CK13CRfR5x2fer5wC5HMHktzCXr68a8TAT8Gaq%2CZx1TwfKX9Za84WamHDHDtDC8R9CVTXTQ3HJ&c=728&d=90&e=&g=be7ad2aae831f2d104dbfa74c93c7ccd%2F9688348786189972242&i=17952%2C306304%2C17833&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1705981116797&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCgp0LujSvZeesOrLJmLAPu9W6UMT-wtJop4OKpNQL-y4QASC35YQhYPWVzoHgBMgBCakChxZyOYpCsj6oAwHIA5sEqgSQAk_Q-MARynjIw2DAXL1cgw9m2fCt7VkFZXa2RS1lM4u40ReIZMxP83PLfX2jivgP7Y4lxqfaYN7G-KUib0HayE2cyWt2QAC6nvRsYBYY_S9g-k6hwUYZdB8hvsR2JfTCFONjXLF8HCoaHHNnAjqQReOT35hcf8QjG_inrF4H2jJHzCCmSEW3Ewnb9wCu5oT8wbxqcGca4SnwJIEzdnlxl4mrQdSglfoFMYViEZGqPXzktpj8A_sdAD50rqWjN-tfq5Wwd-wrrHnJ-vdMhrROgc0Ie4gcB92JpD_8kWsLbJhYTTMhnlVHBwVJlO8zh2XnNTgn2KcYZzJQIsFM4CTg0xox0x3wGopO7xlW7BcJ_BL0wASx0aXUOOAEA4gFwc_7eJAGAaAGTYAHgY7yN6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgGEQARhfMgKKAjoEgECAQEi9_cE6WMPU5vLK8oMD8ggNYmlkZGVyLTIwMTMzNoAKBJgLAcgLAYAMAaoNAkNIsBPby-sC2BMDiBQB2BQB0BUB-BYBgBcB%2526ae%253D1%2526num%253D1%2526cid%253DCAQSMgAvHhf_mr2gDCcx2rxvT3HZ0UDOYuqbe6FpBUZ6ysTpQA_OfOw2134FEhnKLdQAnZr9GAE%2526sig%253DAOD64_37_aOjeZtYud-o-68C64nJKEVn4w%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-AdysAgWGq1N32-QTGjnCco2UKzz6JHYpSutanydFxMzmm-oUDNT1amp5GZpgZ0qzYYEXwqHGUWq367KFOIh-bAP4BCNHFr3KJETpwXtiJ-SHCKBhfhMtGt76wf17or2mdlGXqAFIwNmAb3SGl5k29gmFuHnPJ9cgSYW4bm4TU4f8-NH-Q%2526cry%253D1%2526dbm_d%253DAKAmf-CPdwX3SjzkrklTnw87_k7tU2EDQCFspuzMVTcDzdDQM1i864zhecfDtESBCmKRPjS2bJNdgxdGp06qSqUKu-X7g2vaeQreG4PctWcN3jtqJ1nStqvnAv2K6x_yMTlcg-UJlpBRG18e9UvBuT5hgne3d6eX89A_ULlqkg8U4meO0zHPvQxLsFlOaAc1bHD-QlHKiT0V-r_BrudiBpgiL0rE-sGnGbLjcfZkEyXzTMYL3Bac1Sj8HuyNdWhDVhL26tUG6I_NCIpKXV-GDkdWEzh14zdOB-IJ69ce4FL3O_ySFot0KqON0AVC-vJmnDs01eJRr4dVkU6viTzaVwbVta9-jpnr9dhpE-LOGAnT0Q7qZfwQeVTJJJYK8XEhrrTRBIs-dIYwWZpeWVj3nYSQn44mxRYIuBOVj9ZzTdPkns0PO9mdnMc_EFGsGNogy3GTdwgZs-RV86UpZVIZOWBJ-h_xr3eZz8TmBEWSNWtFUclTO_TOb-1sg2b09MydubRtgaeZUa0sC5Ede4eX_ImrmeoqZhYQmw%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66de149726bc4de094a778e3fb1698d0e8f763f6b8f480765253f41f546ce265

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1070057
cf-polished
origFmt=gif, origSize=3902
alt-svc
h3=":443"; ma=86400
content-length
1050
cf-bgj
imgq:85,h2pri
last-modified
Thu, 12 Oct 2023 15:37:11 GMT
server
cloudflare
etag
"5e9e08a081b7e7827ec0cb9abb2acb46"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D8C7zXymvO32VQHwFEsiBK3YHV4vwz6fcPM6ju9xyiut91HUm94%2FjsZ8f3XwmBmxggedVV6l6DH0ZuFqB42rHH76oWEz%2BWOjZDfiR3%2Fz7spVfKeGd01IkHNCZ9dUmG1kTOvslYD%2BW1rxQYti"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
849d013cbcb06ae1-FRA
306E46C2F6C85952C880B9964D607BB924108E3ED562D4DC833DB5105984784DD386927CBB490D21177D4F76AFDC9F7F875FEEDCC715F98ABFF84DC3A5B5B6DD
assets.ad4m.at/product_image/ Frame F8A1
303 KB
303 KB
Image
General
Full URL
https://assets.ad4m.at/product_image/306E46C2F6C85952C880B9964D607BB924108E3ED562D4DC833DB5105984784DD386927CBB490D21177D4F76AFDC9F7F875FEEDCC715F98ABFF84DC3A5B5B6DD
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14184%2C1174630%2C14231&b=YxeTrfzrEwc9P1FVH9HetQteZZFAT1TdpHr%2CdEmTEfe7dMuDMRxuEHjHwtEtABVdT3T4T5WCj%2C8RpaDf2P46CZ76CgHJHEtxtjwBhPTwTpJHk&f=q4AcmfBKJYcbxDSZHgHDtRCwGGuPTgTJ2H3%2CK13CRfR5x2fer5wC5HMHktzCXr68a8TAT8Gaq%2CZx1TwfKX9Za84WamHDHDtDC8R9CVTXTQ3HJ&c=728&d=90&e=&g=be7ad2aae831f2d104dbfa74c93c7ccd%2F9688348786189972242&i=17952%2C306304%2C17833&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1705981116797&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCgp0LujSvZeesOrLJmLAPu9W6UMT-wtJop4OKpNQL-y4QASC35YQhYPWVzoHgBMgBCakChxZyOYpCsj6oAwHIA5sEqgSQAk_Q-MARynjIw2DAXL1cgw9m2fCt7VkFZXa2RS1lM4u40ReIZMxP83PLfX2jivgP7Y4lxqfaYN7G-KUib0HayE2cyWt2QAC6nvRsYBYY_S9g-k6hwUYZdB8hvsR2JfTCFONjXLF8HCoaHHNnAjqQReOT35hcf8QjG_inrF4H2jJHzCCmSEW3Ewnb9wCu5oT8wbxqcGca4SnwJIEzdnlxl4mrQdSglfoFMYViEZGqPXzktpj8A_sdAD50rqWjN-tfq5Wwd-wrrHnJ-vdMhrROgc0Ie4gcB92JpD_8kWsLbJhYTTMhnlVHBwVJlO8zh2XnNTgn2KcYZzJQIsFM4CTg0xox0x3wGopO7xlW7BcJ_BL0wASx0aXUOOAEA4gFwc_7eJAGAaAGTYAHgY7yN6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgGEQARhfMgKKAjoEgECAQEi9_cE6WMPU5vLK8oMD8ggNYmlkZGVyLTIwMTMzNoAKBJgLAcgLAYAMAaoNAkNIsBPby-sC2BMDiBQB2BQB0BUB-BYBgBcB%2526ae%253D1%2526num%253D1%2526cid%253DCAQSMgAvHhf_mr2gDCcx2rxvT3HZ0UDOYuqbe6FpBUZ6ysTpQA_OfOw2134FEhnKLdQAnZr9GAE%2526sig%253DAOD64_37_aOjeZtYud-o-68C64nJKEVn4w%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-AdysAgWGq1N32-QTGjnCco2UKzz6JHYpSutanydFxMzmm-oUDNT1amp5GZpgZ0qzYYEXwqHGUWq367KFOIh-bAP4BCNHFr3KJETpwXtiJ-SHCKBhfhMtGt76wf17or2mdlGXqAFIwNmAb3SGl5k29gmFuHnPJ9cgSYW4bm4TU4f8-NH-Q%2526cry%253D1%2526dbm_d%253DAKAmf-CPdwX3SjzkrklTnw87_k7tU2EDQCFspuzMVTcDzdDQM1i864zhecfDtESBCmKRPjS2bJNdgxdGp06qSqUKu-X7g2vaeQreG4PctWcN3jtqJ1nStqvnAv2K6x_yMTlcg-UJlpBRG18e9UvBuT5hgne3d6eX89A_ULlqkg8U4meO0zHPvQxLsFlOaAc1bHD-QlHKiT0V-r_BrudiBpgiL0rE-sGnGbLjcfZkEyXzTMYL3Bac1Sj8HuyNdWhDVhL26tUG6I_NCIpKXV-GDkdWEzh14zdOB-IJ69ce4FL3O_ySFot0KqON0AVC-vJmnDs01eJRr4dVkU6viTzaVwbVta9-jpnr9dhpE-LOGAnT0Q7qZfwQeVTJJJYK8XEhrrTRBIs-dIYwWZpeWVj3nYSQn44mxRYIuBOVj9ZzTdPkns0PO9mdnMc_EFGsGNogy3GTdwgZs-RV86UpZVIZOWBJ-h_xr3eZz8TmBEWSNWtFUclTO_TOb-1sg2b09MydubRtgaeZUa0sC5Ede4eX_ImrmeoqZhYQmw%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55d658eb2be0892523c04ca8373d2c3dd9de9b1522e783666dbd1dd675bde522

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
906579
cf-polished
origFmt=png, origSize=510755
alt-svc
h3=":443"; ma=86400
content-length
309828
cf-bgj
imgq:85,h2pri
last-modified
Thu, 12 Oct 2023 16:00:06 GMT
server
cloudflare
etag
"12511ea8d637fd7cc12b64289c7d54d4"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4wqKdn0XqX2PO6FZ9742EugPk4%2BH2MLOF%2Fzp%2BhQp4tXmEs78uimkGCQQMRhe7705GwlBOBL9SpIJ3wpB3FkgvPNX3TOWVq8TYVQlggmH0wGgtabVV2bHRts0wNyXNjNx1GS3pTFMV9xsg7PZ"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
849d013cbcb16ae1-FRA
ad.aspx
ums-tr.eterna.de/ Frame F8A1
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2212629&v=11965&q=343054&r=412871&pv=1&pref3=oneidYxeTrfzrEwc9P1FVH9HetQteZZFAT1TdpHroneid__dbm_Awin_Reach02&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://ums-tr.eterna.de/ad.aspx?prog=216609&networkID=21&ch=RT&noredir=1
0
809 B
Image
General
Full URL
https://ums-tr.eterna.de/ad.aspx?prog=216609&networkID=21&ch=RT&noredir=1
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14184%2C1174630%2C14231&b=YxeTrfzrEwc9P1FVH9HetQteZZFAT1TdpHr%2CdEmTEfe7dMuDMRxuEHjHwtEtABVdT3T4T5WCj%2C8RpaDf2P46CZ76CgHJHEtxtjwBhPTwTpJHk&f=q4AcmfBKJYcbxDSZHgHDtRCwGGuPTgTJ2H3%2CK13CRfR5x2fer5wC5HMHktzCXr68a8TAT8Gaq%2CZx1TwfKX9Za84WamHDHDtDC8R9CVTXTQ3HJ&c=728&d=90&e=&g=be7ad2aae831f2d104dbfa74c93c7ccd%2F9688348786189972242&i=17952%2C306304%2C17833&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1705981116797&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCgp0LujSvZeesOrLJmLAPu9W6UMT-wtJop4OKpNQL-y4QASC35YQhYPWVzoHgBMgBCakChxZyOYpCsj6oAwHIA5sEqgSQAk_Q-MARynjIw2DAXL1cgw9m2fCt7VkFZXa2RS1lM4u40ReIZMxP83PLfX2jivgP7Y4lxqfaYN7G-KUib0HayE2cyWt2QAC6nvRsYBYY_S9g-k6hwUYZdB8hvsR2JfTCFONjXLF8HCoaHHNnAjqQReOT35hcf8QjG_inrF4H2jJHzCCmSEW3Ewnb9wCu5oT8wbxqcGca4SnwJIEzdnlxl4mrQdSglfoFMYViEZGqPXzktpj8A_sdAD50rqWjN-tfq5Wwd-wrrHnJ-vdMhrROgc0Ie4gcB92JpD_8kWsLbJhYTTMhnlVHBwVJlO8zh2XnNTgn2KcYZzJQIsFM4CTg0xox0x3wGopO7xlW7BcJ_BL0wASx0aXUOOAEA4gFwc_7eJAGAaAGTYAHgY7yN6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgGEQARhfMgKKAjoEgECAQEi9_cE6WMPU5vLK8oMD8ggNYmlkZGVyLTIwMTMzNoAKBJgLAcgLAYAMAaoNAkNIsBPby-sC2BMDiBQB2BQB0BUB-BYBgBcB%2526ae%253D1%2526num%253D1%2526cid%253DCAQSMgAvHhf_mr2gDCcx2rxvT3HZ0UDOYuqbe6FpBUZ6ysTpQA_OfOw2134FEhnKLdQAnZr9GAE%2526sig%253DAOD64_37_aOjeZtYud-o-68C64nJKEVn4w%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-AdysAgWGq1N32-QTGjnCco2UKzz6JHYpSutanydFxMzmm-oUDNT1amp5GZpgZ0qzYYEXwqHGUWq367KFOIh-bAP4BCNHFr3KJETpwXtiJ-SHCKBhfhMtGt76wf17or2mdlGXqAFIwNmAb3SGl5k29gmFuHnPJ9cgSYW4bm4TU4f8-NH-Q%2526cry%253D1%2526dbm_d%253DAKAmf-CPdwX3SjzkrklTnw87_k7tU2EDQCFspuzMVTcDzdDQM1i864zhecfDtESBCmKRPjS2bJNdgxdGp06qSqUKu-X7g2vaeQreG4PctWcN3jtqJ1nStqvnAv2K6x_yMTlcg-UJlpBRG18e9UvBuT5hgne3d6eX89A_ULlqkg8U4meO0zHPvQxLsFlOaAc1bHD-QlHKiT0V-r_BrudiBpgiL0rE-sGnGbLjcfZkEyXzTMYL3Bac1Sj8HuyNdWhDVhL26tUG6I_NCIpKXV-GDkdWEzh14zdOB-IJ69ce4FL3O_ySFot0KqON0AVC-vJmnDs01eJRr4dVkU6viTzaVwbVta9-jpnr9dhpE-LOGAnT0Q7qZfwQeVTJJJYK8XEhrrTRBIs-dIYwWZpeWVj3nYSQn44mxRYIuBOVj9ZzTdPkns0PO9mdnMc_EFGsGNogy3GTdwgZs-RV86UpZVIZOWBJ-h_xr3eZz8TmBEWSNWtFUclTO_TOb-1sg2b09MydubRtgaeZUa0sC5Ede4eX_ImrmeoqZhYQmw%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Server
2606:4700:20::681a:4f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:37 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-aspnet-version
4.0.30319
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=62HSVNbKTte%2FLmV2q5iqexgGKUPIOQ78AzcojMvR23YcO8Ok4d8ps%2BMm1pxxOOR4ABAg4zgmA1KASsgIfjlrozAtSo90oJEx99GPmohAl1AOOl31bwz3qWNNlYMQ3piApsv4FJ0fwDqLdna1Lng%3D"}],"group":"cf-nel","max_age":604800}
p3p
CP="STP CUR OUR"
content-type
text/html
cache-control
no-cache, no-store, must-revalidate
cf-ray
849d0140cf7a65c3-FRA
expires
0

Redirect headers

Date
Tue, 23 Jan 2024 03:38:36 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://ums-tr.eterna.de/ad.aspx?prog=216609&networkID=21&ch=RT&noredir=1
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
0
143B35768C738D57679793EB1D246845B4DC53ED02314AC808B94DD12E4252DA493E97BBEB5965FCBDD4F222D209B1E677675EBDA4E4DA476BB3C3E837028797
assets.ad4m.at/logo/ Frame F8A1
12 KB
12 KB
Image
General
Full URL
https://assets.ad4m.at/logo/143B35768C738D57679793EB1D246845B4DC53ED02314AC808B94DD12E4252DA493E97BBEB5965FCBDD4F222D209B1E677675EBDA4E4DA476BB3C3E837028797
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14184%2C1174630%2C14231&b=YxeTrfzrEwc9P1FVH9HetQteZZFAT1TdpHr%2CdEmTEfe7dMuDMRxuEHjHwtEtABVdT3T4T5WCj%2C8RpaDf2P46CZ76CgHJHEtxtjwBhPTwTpJHk&f=q4AcmfBKJYcbxDSZHgHDtRCwGGuPTgTJ2H3%2CK13CRfR5x2fer5wC5HMHktzCXr68a8TAT8Gaq%2CZx1TwfKX9Za84WamHDHDtDC8R9CVTXTQ3HJ&c=728&d=90&e=&g=be7ad2aae831f2d104dbfa74c93c7ccd%2F9688348786189972242&i=17952%2C306304%2C17833&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1705981116797&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCgp0LujSvZeesOrLJmLAPu9W6UMT-wtJop4OKpNQL-y4QASC35YQhYPWVzoHgBMgBCakChxZyOYpCsj6oAwHIA5sEqgSQAk_Q-MARynjIw2DAXL1cgw9m2fCt7VkFZXa2RS1lM4u40ReIZMxP83PLfX2jivgP7Y4lxqfaYN7G-KUib0HayE2cyWt2QAC6nvRsYBYY_S9g-k6hwUYZdB8hvsR2JfTCFONjXLF8HCoaHHNnAjqQReOT35hcf8QjG_inrF4H2jJHzCCmSEW3Ewnb9wCu5oT8wbxqcGca4SnwJIEzdnlxl4mrQdSglfoFMYViEZGqPXzktpj8A_sdAD50rqWjN-tfq5Wwd-wrrHnJ-vdMhrROgc0Ie4gcB92JpD_8kWsLbJhYTTMhnlVHBwVJlO8zh2XnNTgn2KcYZzJQIsFM4CTg0xox0x3wGopO7xlW7BcJ_BL0wASx0aXUOOAEA4gFwc_7eJAGAaAGTYAHgY7yN6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgGEQARhfMgKKAjoEgECAQEi9_cE6WMPU5vLK8oMD8ggNYmlkZGVyLTIwMTMzNoAKBJgLAcgLAYAMAaoNAkNIsBPby-sC2BMDiBQB2BQB0BUB-BYBgBcB%2526ae%253D1%2526num%253D1%2526cid%253DCAQSMgAvHhf_mr2gDCcx2rxvT3HZ0UDOYuqbe6FpBUZ6ysTpQA_OfOw2134FEhnKLdQAnZr9GAE%2526sig%253DAOD64_37_aOjeZtYud-o-68C64nJKEVn4w%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-AdysAgWGq1N32-QTGjnCco2UKzz6JHYpSutanydFxMzmm-oUDNT1amp5GZpgZ0qzYYEXwqHGUWq367KFOIh-bAP4BCNHFr3KJETpwXtiJ-SHCKBhfhMtGt76wf17or2mdlGXqAFIwNmAb3SGl5k29gmFuHnPJ9cgSYW4bm4TU4f8-NH-Q%2526cry%253D1%2526dbm_d%253DAKAmf-CPdwX3SjzkrklTnw87_k7tU2EDQCFspuzMVTcDzdDQM1i864zhecfDtESBCmKRPjS2bJNdgxdGp06qSqUKu-X7g2vaeQreG4PctWcN3jtqJ1nStqvnAv2K6x_yMTlcg-UJlpBRG18e9UvBuT5hgne3d6eX89A_ULlqkg8U4meO0zHPvQxLsFlOaAc1bHD-QlHKiT0V-r_BrudiBpgiL0rE-sGnGbLjcfZkEyXzTMYL3Bac1Sj8HuyNdWhDVhL26tUG6I_NCIpKXV-GDkdWEzh14zdOB-IJ69ce4FL3O_ySFot0KqON0AVC-vJmnDs01eJRr4dVkU6viTzaVwbVta9-jpnr9dhpE-LOGAnT0Q7qZfwQeVTJJJYK8XEhrrTRBIs-dIYwWZpeWVj3nYSQn44mxRYIuBOVj9ZzTdPkns0PO9mdnMc_EFGsGNogy3GTdwgZs-RV86UpZVIZOWBJ-h_xr3eZz8TmBEWSNWtFUclTO_TOb-1sg2b09MydubRtgaeZUa0sC5Ede4eX_ImrmeoqZhYQmw%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0bc4ebeef055988ac53e5b06d779f323cf800937e42713a516605f7e87bb76d

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1010896
cf-polished
origFmt=png, origSize=26846
alt-svc
h3=":443"; ma=86400
content-length
11854
cf-bgj
imgq:85,h2pri
last-modified
Fri, 22 Dec 2023 09:27:54 GMT
server
cloudflare
etag
"00a9fe9cc6c771262c49737961fe55c0"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vtVCcxZZYyLHNWjJ6Fs%2BhrEhoyjyFT6p%2FxqnlKetvCiTrXOybGBEN9m4ImKmS%2FHYvV3KBYi9155gDhZO1wnTucRJZcVoqaXY2gMHXt4B1gMR0sIfI0zYhG3VKcwwrGHjs%2FuwQ8T2q5iIV8Ry"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
849d013cdce46ae1-FRA
4186D86A52EB0F431929CBF5D933A75A062912A733E0A2A0F898B20BE5871648F17324246E2521E29CA0C9FFC5B11E93449FB5C6A96D679B064A1A913E3C49FA
assets.ad4m.at/ Frame F8A1
65 KB
65 KB
Image
General
Full URL
https://assets.ad4m.at/4186D86A52EB0F431929CBF5D933A75A062912A733E0A2A0F898B20BE5871648F17324246E2521E29CA0C9FFC5B11E93449FB5C6A96D679B064A1A913E3C49FA
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14184%2C1174630%2C14231&b=YxeTrfzrEwc9P1FVH9HetQteZZFAT1TdpHr%2CdEmTEfe7dMuDMRxuEHjHwtEtABVdT3T4T5WCj%2C8RpaDf2P46CZ76CgHJHEtxtjwBhPTwTpJHk&f=q4AcmfBKJYcbxDSZHgHDtRCwGGuPTgTJ2H3%2CK13CRfR5x2fer5wC5HMHktzCXr68a8TAT8Gaq%2CZx1TwfKX9Za84WamHDHDtDC8R9CVTXTQ3HJ&c=728&d=90&e=&g=be7ad2aae831f2d104dbfa74c93c7ccd%2F9688348786189972242&i=17952%2C306304%2C17833&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1705981116797&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCgp0LujSvZeesOrLJmLAPu9W6UMT-wtJop4OKpNQL-y4QASC35YQhYPWVzoHgBMgBCakChxZyOYpCsj6oAwHIA5sEqgSQAk_Q-MARynjIw2DAXL1cgw9m2fCt7VkFZXa2RS1lM4u40ReIZMxP83PLfX2jivgP7Y4lxqfaYN7G-KUib0HayE2cyWt2QAC6nvRsYBYY_S9g-k6hwUYZdB8hvsR2JfTCFONjXLF8HCoaHHNnAjqQReOT35hcf8QjG_inrF4H2jJHzCCmSEW3Ewnb9wCu5oT8wbxqcGca4SnwJIEzdnlxl4mrQdSglfoFMYViEZGqPXzktpj8A_sdAD50rqWjN-tfq5Wwd-wrrHnJ-vdMhrROgc0Ie4gcB92JpD_8kWsLbJhYTTMhnlVHBwVJlO8zh2XnNTgn2KcYZzJQIsFM4CTg0xox0x3wGopO7xlW7BcJ_BL0wASx0aXUOOAEA4gFwc_7eJAGAaAGTYAHgY7yN6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgGEQARhfMgKKAjoEgECAQEi9_cE6WMPU5vLK8oMD8ggNYmlkZGVyLTIwMTMzNoAKBJgLAcgLAYAMAaoNAkNIsBPby-sC2BMDiBQB2BQB0BUB-BYBgBcB%2526ae%253D1%2526num%253D1%2526cid%253DCAQSMgAvHhf_mr2gDCcx2rxvT3HZ0UDOYuqbe6FpBUZ6ysTpQA_OfOw2134FEhnKLdQAnZr9GAE%2526sig%253DAOD64_37_aOjeZtYud-o-68C64nJKEVn4w%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-AdysAgWGq1N32-QTGjnCco2UKzz6JHYpSutanydFxMzmm-oUDNT1amp5GZpgZ0qzYYEXwqHGUWq367KFOIh-bAP4BCNHFr3KJETpwXtiJ-SHCKBhfhMtGt76wf17or2mdlGXqAFIwNmAb3SGl5k29gmFuHnPJ9cgSYW4bm4TU4f8-NH-Q%2526cry%253D1%2526dbm_d%253DAKAmf-CPdwX3SjzkrklTnw87_k7tU2EDQCFspuzMVTcDzdDQM1i864zhecfDtESBCmKRPjS2bJNdgxdGp06qSqUKu-X7g2vaeQreG4PctWcN3jtqJ1nStqvnAv2K6x_yMTlcg-UJlpBRG18e9UvBuT5hgne3d6eX89A_ULlqkg8U4meO0zHPvQxLsFlOaAc1bHD-QlHKiT0V-r_BrudiBpgiL0rE-sGnGbLjcfZkEyXzTMYL3Bac1Sj8HuyNdWhDVhL26tUG6I_NCIpKXV-GDkdWEzh14zdOB-IJ69ce4FL3O_ySFot0KqON0AVC-vJmnDs01eJRr4dVkU6viTzaVwbVta9-jpnr9dhpE-LOGAnT0Q7qZfwQeVTJJJYK8XEhrrTRBIs-dIYwWZpeWVj3nYSQn44mxRYIuBOVj9ZzTdPkns0PO9mdnMc_EFGsGNogy3GTdwgZs-RV86UpZVIZOWBJ-h_xr3eZz8TmBEWSNWtFUclTO_TOb-1sg2b09MydubRtgaeZUa0sC5Ede4eX_ImrmeoqZhYQmw%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49b09ba27caac344635861c05395b6f9543611d228f8bdcabcb735714f6fcc1a

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2136892
cf-polished
origFmt=png, origSize=100134
alt-svc
h3=":443"; ma=86400
content-length
66106
cf-bgj
imgq:85,h2pri
last-modified
Fri, 22 Dec 2023 09:42:53 GMT
server
cloudflare
etag
"eb1baef64943a4a74523314d89ab2f20"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=odYqfTV4SzvNOWHf0%2F5IUDSwJLU117SujiCqO5J%2B4PC4BzLCx2yygyiPqK%2Fts0ZHguKD%2FkghJYwDv3bcIoG9OC8qkod0LbJ5nie8SctoBZWx5aAKqjlX03BD%2F7qlteZs5v%2FxkJR%2BrYWYF6gu"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
849d013cdce66ae1-FRA
cshow.php
www.awin1.com/ Frame F8A1
43 B
704 B
Image
General
Full URL
https://www.awin1.com/cshow.php?s=3515897&v=68826&q=477959&r=412871&pv=1&pref3=oneiddEmTEfe7dMuDMRxuEHjHwtEtABVdT3T4T5WCjoneid__dbm_Awin_Reach02&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14184%2C1174630%2C14231&b=YxeTrfzrEwc9P1FVH9HetQteZZFAT1TdpHr%2CdEmTEfe7dMuDMRxuEHjHwtEtABVdT3T4T5WCj%2C8RpaDf2P46CZ76CgHJHEtxtjwBhPTwTpJHk&f=q4AcmfBKJYcbxDSZHgHDtRCwGGuPTgTJ2H3%2CK13CRfR5x2fer5wC5HMHktzCXr68a8TAT8Gaq%2CZx1TwfKX9Za84WamHDHDtDC8R9CVTXTQ3HJ&c=728&d=90&e=&g=be7ad2aae831f2d104dbfa74c93c7ccd%2F9688348786189972242&i=17952%2C306304%2C17833&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1705981116797&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCgp0LujSvZeesOrLJmLAPu9W6UMT-wtJop4OKpNQL-y4QASC35YQhYPWVzoHgBMgBCakChxZyOYpCsj6oAwHIA5sEqgSQAk_Q-MARynjIw2DAXL1cgw9m2fCt7VkFZXa2RS1lM4u40ReIZMxP83PLfX2jivgP7Y4lxqfaYN7G-KUib0HayE2cyWt2QAC6nvRsYBYY_S9g-k6hwUYZdB8hvsR2JfTCFONjXLF8HCoaHHNnAjqQReOT35hcf8QjG_inrF4H2jJHzCCmSEW3Ewnb9wCu5oT8wbxqcGca4SnwJIEzdnlxl4mrQdSglfoFMYViEZGqPXzktpj8A_sdAD50rqWjN-tfq5Wwd-wrrHnJ-vdMhrROgc0Ie4gcB92JpD_8kWsLbJhYTTMhnlVHBwVJlO8zh2XnNTgn2KcYZzJQIsFM4CTg0xox0x3wGopO7xlW7BcJ_BL0wASx0aXUOOAEA4gFwc_7eJAGAaAGTYAHgY7yN6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgGEQARhfMgKKAjoEgECAQEi9_cE6WMPU5vLK8oMD8ggNYmlkZGVyLTIwMTMzNoAKBJgLAcgLAYAMAaoNAkNIsBPby-sC2BMDiBQB2BQB0BUB-BYBgBcB%2526ae%253D1%2526num%253D1%2526cid%253DCAQSMgAvHhf_mr2gDCcx2rxvT3HZ0UDOYuqbe6FpBUZ6ysTpQA_OfOw2134FEhnKLdQAnZr9GAE%2526sig%253DAOD64_37_aOjeZtYud-o-68C64nJKEVn4w%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-AdysAgWGq1N32-QTGjnCco2UKzz6JHYpSutanydFxMzmm-oUDNT1amp5GZpgZ0qzYYEXwqHGUWq367KFOIh-bAP4BCNHFr3KJETpwXtiJ-SHCKBhfhMtGt76wf17or2mdlGXqAFIwNmAb3SGl5k29gmFuHnPJ9cgSYW4bm4TU4f8-NH-Q%2526cry%253D1%2526dbm_d%253DAKAmf-CPdwX3SjzkrklTnw87_k7tU2EDQCFspuzMVTcDzdDQM1i864zhecfDtESBCmKRPjS2bJNdgxdGp06qSqUKu-X7g2vaeQreG4PctWcN3jtqJ1nStqvnAv2K6x_yMTlcg-UJlpBRG18e9UvBuT5hgne3d6eX89A_ULlqkg8U4meO0zHPvQxLsFlOaAc1bHD-QlHKiT0V-r_BrudiBpgiL0rE-sGnGbLjcfZkEyXzTMYL3Bac1Sj8HuyNdWhDVhL26tUG6I_NCIpKXV-GDkdWEzh14zdOB-IJ69ce4FL3O_ySFot0KqON0AVC-vJmnDs01eJRr4dVkU6viTzaVwbVta9-jpnr9dhpE-LOGAnT0Q7qZfwQeVTJJJYK8XEhrrTRBIs-dIYwWZpeWVj3nYSQn44mxRYIuBOVj9ZzTdPkns0PO9mdnMc_EFGsGNogy3GTdwgZs-RV86UpZVIZOWBJ-h_xr3eZz8TmBEWSNWtFUclTO_TOb-1sg2b09MydubRtgaeZUa0sC5Ede4eX_ImrmeoqZhYQmw%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.148.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-148-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Jan 2024 03:38:36 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
D3B45A55F1C50FB7DB83A4641D3A00C5469052BD411126DAEF979DC6C7E100A43C6EEA78A629947E9B95CB19A68C69E940F7D222E09A96EADEB8614D07C65C60
assets.ad4m.at/logo/ Frame F8A1
11 KB
11 KB
Image
General
Full URL
https://assets.ad4m.at/logo/D3B45A55F1C50FB7DB83A4641D3A00C5469052BD411126DAEF979DC6C7E100A43C6EEA78A629947E9B95CB19A68C69E940F7D222E09A96EADEB8614D07C65C60
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14184%2C1174630%2C14231&b=YxeTrfzrEwc9P1FVH9HetQteZZFAT1TdpHr%2CdEmTEfe7dMuDMRxuEHjHwtEtABVdT3T4T5WCj%2C8RpaDf2P46CZ76CgHJHEtxtjwBhPTwTpJHk&f=q4AcmfBKJYcbxDSZHgHDtRCwGGuPTgTJ2H3%2CK13CRfR5x2fer5wC5HMHktzCXr68a8TAT8Gaq%2CZx1TwfKX9Za84WamHDHDtDC8R9CVTXTQ3HJ&c=728&d=90&e=&g=be7ad2aae831f2d104dbfa74c93c7ccd%2F9688348786189972242&i=17952%2C306304%2C17833&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1705981116797&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCgp0LujSvZeesOrLJmLAPu9W6UMT-wtJop4OKpNQL-y4QASC35YQhYPWVzoHgBMgBCakChxZyOYpCsj6oAwHIA5sEqgSQAk_Q-MARynjIw2DAXL1cgw9m2fCt7VkFZXa2RS1lM4u40ReIZMxP83PLfX2jivgP7Y4lxqfaYN7G-KUib0HayE2cyWt2QAC6nvRsYBYY_S9g-k6hwUYZdB8hvsR2JfTCFONjXLF8HCoaHHNnAjqQReOT35hcf8QjG_inrF4H2jJHzCCmSEW3Ewnb9wCu5oT8wbxqcGca4SnwJIEzdnlxl4mrQdSglfoFMYViEZGqPXzktpj8A_sdAD50rqWjN-tfq5Wwd-wrrHnJ-vdMhrROgc0Ie4gcB92JpD_8kWsLbJhYTTMhnlVHBwVJlO8zh2XnNTgn2KcYZzJQIsFM4CTg0xox0x3wGopO7xlW7BcJ_BL0wASx0aXUOOAEA4gFwc_7eJAGAaAGTYAHgY7yN6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgGEQARhfMgKKAjoEgECAQEi9_cE6WMPU5vLK8oMD8ggNYmlkZGVyLTIwMTMzNoAKBJgLAcgLAYAMAaoNAkNIsBPby-sC2BMDiBQB2BQB0BUB-BYBgBcB%2526ae%253D1%2526num%253D1%2526cid%253DCAQSMgAvHhf_mr2gDCcx2rxvT3HZ0UDOYuqbe6FpBUZ6ysTpQA_OfOw2134FEhnKLdQAnZr9GAE%2526sig%253DAOD64_37_aOjeZtYud-o-68C64nJKEVn4w%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-AdysAgWGq1N32-QTGjnCco2UKzz6JHYpSutanydFxMzmm-oUDNT1amp5GZpgZ0qzYYEXwqHGUWq367KFOIh-bAP4BCNHFr3KJETpwXtiJ-SHCKBhfhMtGt76wf17or2mdlGXqAFIwNmAb3SGl5k29gmFuHnPJ9cgSYW4bm4TU4f8-NH-Q%2526cry%253D1%2526dbm_d%253DAKAmf-CPdwX3SjzkrklTnw87_k7tU2EDQCFspuzMVTcDzdDQM1i864zhecfDtESBCmKRPjS2bJNdgxdGp06qSqUKu-X7g2vaeQreG4PctWcN3jtqJ1nStqvnAv2K6x_yMTlcg-UJlpBRG18e9UvBuT5hgne3d6eX89A_ULlqkg8U4meO0zHPvQxLsFlOaAc1bHD-QlHKiT0V-r_BrudiBpgiL0rE-sGnGbLjcfZkEyXzTMYL3Bac1Sj8HuyNdWhDVhL26tUG6I_NCIpKXV-GDkdWEzh14zdOB-IJ69ce4FL3O_ySFot0KqON0AVC-vJmnDs01eJRr4dVkU6viTzaVwbVta9-jpnr9dhpE-LOGAnT0Q7qZfwQeVTJJJYK8XEhrrTRBIs-dIYwWZpeWVj3nYSQn44mxRYIuBOVj9ZzTdPkns0PO9mdnMc_EFGsGNogy3GTdwgZs-RV86UpZVIZOWBJ-h_xr3eZz8TmBEWSNWtFUclTO_TOb-1sg2b09MydubRtgaeZUa0sC5Ede4eX_ImrmeoqZhYQmw%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3381eefb1d27cb110697afc4e4d12efc2e245609113ef6e53d4caf1db9d5f5e0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
368434
cf-polished
origFmt=png, origSize=14365
alt-svc
h3=":443"; ma=86400
content-length
10826
cf-bgj
imgq:85,h2pri
last-modified
Thu, 12 Oct 2023 15:36:32 GMT
server
cloudflare
etag
"405368a2037ee53412eae93c3ecf0526"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jDDfOSt1o8A5ni7V7z31xELDvq2dYCjGyupnRjB%2BL1f2e9051lFc4HxSWlCx0B372YFczrZZEF%2Bcuvy8DjCjKdUodns%2FR0ZgFRdWOfFnbW2VIocBmBZWnQpApY9XRRIuj5%2BmqG%2FFj7I4yeg3"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
849d013cdce86ae1-FRA
87EB1E3C91A7F2FBD01851803C86B50949EC5D98970BF26CECE3B361544ECCE0F6BE0CC56DBC9A680FEE0A17D0C12D6E6BDC05023F5328B1D75C412C1C02D6CC
assets.ad4m.at/ Frame F8A1
8 KB
8 KB
Image
General
Full URL
https://assets.ad4m.at/87EB1E3C91A7F2FBD01851803C86B50949EC5D98970BF26CECE3B361544ECCE0F6BE0CC56DBC9A680FEE0A17D0C12D6E6BDC05023F5328B1D75C412C1C02D6CC
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14184%2C1174630%2C14231&b=YxeTrfzrEwc9P1FVH9HetQteZZFAT1TdpHr%2CdEmTEfe7dMuDMRxuEHjHwtEtABVdT3T4T5WCj%2C8RpaDf2P46CZ76CgHJHEtxtjwBhPTwTpJHk&f=q4AcmfBKJYcbxDSZHgHDtRCwGGuPTgTJ2H3%2CK13CRfR5x2fer5wC5HMHktzCXr68a8TAT8Gaq%2CZx1TwfKX9Za84WamHDHDtDC8R9CVTXTQ3HJ&c=728&d=90&e=&g=be7ad2aae831f2d104dbfa74c93c7ccd%2F9688348786189972242&i=17952%2C306304%2C17833&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1705981116797&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCgp0LujSvZeesOrLJmLAPu9W6UMT-wtJop4OKpNQL-y4QASC35YQhYPWVzoHgBMgBCakChxZyOYpCsj6oAwHIA5sEqgSQAk_Q-MARynjIw2DAXL1cgw9m2fCt7VkFZXa2RS1lM4u40ReIZMxP83PLfX2jivgP7Y4lxqfaYN7G-KUib0HayE2cyWt2QAC6nvRsYBYY_S9g-k6hwUYZdB8hvsR2JfTCFONjXLF8HCoaHHNnAjqQReOT35hcf8QjG_inrF4H2jJHzCCmSEW3Ewnb9wCu5oT8wbxqcGca4SnwJIEzdnlxl4mrQdSglfoFMYViEZGqPXzktpj8A_sdAD50rqWjN-tfq5Wwd-wrrHnJ-vdMhrROgc0Ie4gcB92JpD_8kWsLbJhYTTMhnlVHBwVJlO8zh2XnNTgn2KcYZzJQIsFM4CTg0xox0x3wGopO7xlW7BcJ_BL0wASx0aXUOOAEA4gFwc_7eJAGAaAGTYAHgY7yN6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgGEQARhfMgKKAjoEgECAQEi9_cE6WMPU5vLK8oMD8ggNYmlkZGVyLTIwMTMzNoAKBJgLAcgLAYAMAaoNAkNIsBPby-sC2BMDiBQB2BQB0BUB-BYBgBcB%2526ae%253D1%2526num%253D1%2526cid%253DCAQSMgAvHhf_mr2gDCcx2rxvT3HZ0UDOYuqbe6FpBUZ6ysTpQA_OfOw2134FEhnKLdQAnZr9GAE%2526sig%253DAOD64_37_aOjeZtYud-o-68C64nJKEVn4w%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-AdysAgWGq1N32-QTGjnCco2UKzz6JHYpSutanydFxMzmm-oUDNT1amp5GZpgZ0qzYYEXwqHGUWq367KFOIh-bAP4BCNHFr3KJETpwXtiJ-SHCKBhfhMtGt76wf17or2mdlGXqAFIwNmAb3SGl5k29gmFuHnPJ9cgSYW4bm4TU4f8-NH-Q%2526cry%253D1%2526dbm_d%253DAKAmf-CPdwX3SjzkrklTnw87_k7tU2EDQCFspuzMVTcDzdDQM1i864zhecfDtESBCmKRPjS2bJNdgxdGp06qSqUKu-X7g2vaeQreG4PctWcN3jtqJ1nStqvnAv2K6x_yMTlcg-UJlpBRG18e9UvBuT5hgne3d6eX89A_ULlqkg8U4meO0zHPvQxLsFlOaAc1bHD-QlHKiT0V-r_BrudiBpgiL0rE-sGnGbLjcfZkEyXzTMYL3Bac1Sj8HuyNdWhDVhL26tUG6I_NCIpKXV-GDkdWEzh14zdOB-IJ69ce4FL3O_ySFot0KqON0AVC-vJmnDs01eJRr4dVkU6viTzaVwbVta9-jpnr9dhpE-LOGAnT0Q7qZfwQeVTJJJYK8XEhrrTRBIs-dIYwWZpeWVj3nYSQn44mxRYIuBOVj9ZzTdPkns0PO9mdnMc_EFGsGNogy3GTdwgZs-RV86UpZVIZOWBJ-h_xr3eZz8TmBEWSNWtFUclTO_TOb-1sg2b09MydubRtgaeZUa0sC5Ede4eX_ImrmeoqZhYQmw%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aec687923f2e182639e80a81f1eaf224c1b696157eb1f3a4c5caed8f91a57fea

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
282277
cf-polished
origFmt=png, origSize=8019
alt-svc
h3=":443"; ma=86400
content-length
7958
cf-bgj
imgq:85,h2pri
last-modified
Mon, 13 Nov 2023 15:33:04 GMT
server
cloudflare
etag
"1e4fa7b99cb7b50b4a1d7346d08f09ce"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dwBKzK%2FPLQ8AAXeU8mbxPQ%2BfwY08marbV5qi5IgvMLMwOsPloaxOpekPvBiGizZQ1zHAF9yXqCg61hj%2F%2FLFLFyUxOpDc6pG1irAJkDmElnj%2BGb3%2FBNqwwHd%2FTEb52ZAUVJJKBU2aS5aso19o"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
849d013cdcea6ae1-FRA
ztpv.php
www.conrad.ch/ Frame F8A1
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2246444&v=11482&q=346440&r=412871&pv=1&pref3=oneid8RpaDf2P46CZ76CgHJHEtxtjwBhPTwTpJHkoneid__dbm_Awin_Reach02&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.conrad.ch/ztpv.php?insert=AW
0
113 B
Image
General
Full URL
https://www.conrad.ch/ztpv.php?insert=AW
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14184%2C1174630%2C14231&b=YxeTrfzrEwc9P1FVH9HetQteZZFAT1TdpHr%2CdEmTEfe7dMuDMRxuEHjHwtEtABVdT3T4T5WCj%2C8RpaDf2P46CZ76CgHJHEtxtjwBhPTwTpJHk&f=q4AcmfBKJYcbxDSZHgHDtRCwGGuPTgTJ2H3%2CK13CRfR5x2fer5wC5HMHktzCXr68a8TAT8Gaq%2CZx1TwfKX9Za84WamHDHDtDC8R9CVTXTQ3HJ&c=728&d=90&e=&g=be7ad2aae831f2d104dbfa74c93c7ccd%2F9688348786189972242&i=17952%2C306304%2C17833&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1705981116797&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCgp0LujSvZeesOrLJmLAPu9W6UMT-wtJop4OKpNQL-y4QASC35YQhYPWVzoHgBMgBCakChxZyOYpCsj6oAwHIA5sEqgSQAk_Q-MARynjIw2DAXL1cgw9m2fCt7VkFZXa2RS1lM4u40ReIZMxP83PLfX2jivgP7Y4lxqfaYN7G-KUib0HayE2cyWt2QAC6nvRsYBYY_S9g-k6hwUYZdB8hvsR2JfTCFONjXLF8HCoaHHNnAjqQReOT35hcf8QjG_inrF4H2jJHzCCmSEW3Ewnb9wCu5oT8wbxqcGca4SnwJIEzdnlxl4mrQdSglfoFMYViEZGqPXzktpj8A_sdAD50rqWjN-tfq5Wwd-wrrHnJ-vdMhrROgc0Ie4gcB92JpD_8kWsLbJhYTTMhnlVHBwVJlO8zh2XnNTgn2KcYZzJQIsFM4CTg0xox0x3wGopO7xlW7BcJ_BL0wASx0aXUOOAEA4gFwc_7eJAGAaAGTYAHgY7yN6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgGEQARhfMgKKAjoEgECAQEi9_cE6WMPU5vLK8oMD8ggNYmlkZGVyLTIwMTMzNoAKBJgLAcgLAYAMAaoNAkNIsBPby-sC2BMDiBQB2BQB0BUB-BYBgBcB%2526ae%253D1%2526num%253D1%2526cid%253DCAQSMgAvHhf_mr2gDCcx2rxvT3HZ0UDOYuqbe6FpBUZ6ysTpQA_OfOw2134FEhnKLdQAnZr9GAE%2526sig%253DAOD64_37_aOjeZtYud-o-68C64nJKEVn4w%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-AdysAgWGq1N32-QTGjnCco2UKzz6JHYpSutanydFxMzmm-oUDNT1amp5GZpgZ0qzYYEXwqHGUWq367KFOIh-bAP4BCNHFr3KJETpwXtiJ-SHCKBhfhMtGt76wf17or2mdlGXqAFIwNmAb3SGl5k29gmFuHnPJ9cgSYW4bm4TU4f8-NH-Q%2526cry%253D1%2526dbm_d%253DAKAmf-CPdwX3SjzkrklTnw87_k7tU2EDQCFspuzMVTcDzdDQM1i864zhecfDtESBCmKRPjS2bJNdgxdGp06qSqUKu-X7g2vaeQreG4PctWcN3jtqJ1nStqvnAv2K6x_yMTlcg-UJlpBRG18e9UvBuT5hgne3d6eX89A_ULlqkg8U4meO0zHPvQxLsFlOaAc1bHD-QlHKiT0V-r_BrudiBpgiL0rE-sGnGbLjcfZkEyXzTMYL3Bac1Sj8HuyNdWhDVhL26tUG6I_NCIpKXV-GDkdWEzh14zdOB-IJ69ce4FL3O_ySFot0KqON0AVC-vJmnDs01eJRr4dVkU6viTzaVwbVta9-jpnr9dhpE-LOGAnT0Q7qZfwQeVTJJJYK8XEhrrTRBIs-dIYwWZpeWVj3nYSQn44mxRYIuBOVj9ZzTdPkns0PO9mdnMc_EFGsGNogy3GTdwgZs-RV86UpZVIZOWBJ-h_xr3eZz8TmBEWSNWtFUclTO_TOb-1sg2b09MydubRtgaeZUa0sC5Ede4eX_ImrmeoqZhYQmw%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Server
2606:4700::6812:bae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:37 GMT
strict-transport-security
max-age=15552000
cf-ccp-worker
HTLPHandler-v1
server
cloudflare
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
no-cache
cf-ray
849d01407f781c2a-FRA
content-length
0
expires
-1

Redirect headers

Date
Tue, 23 Jan 2024 03:38:37 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://www.conrad.ch/ztpv.php?insert=AW
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 35A3
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BMwtQvDSvZYhvoLqO7A_W1YuACgAAAAA4AeAEAg&bg=!5eal5qnNAAZVxkGXdcY7ADQBe5WfODly-4zWzO2bMNghvmuRhftKdzh4UMM2FHBWzb4KRoIq1FuF9F-haxpjpTs1qMevAgAAALVSAAAAAmgBB5kDVhUHZITXU9RQfyP9vRxUgLD_-myD1zs2JcM_mQhYBMtOG6EAe0vEvntxuF9h7CXZOSqnTzRCRplfkXHdRpiS-VaIwMaK7wqhs0I9RherfNx3ImN9rGm2RCP2GothBFWOTV5T7p68vPXk1x9RsY8Z5T_BhZnm4LMC2ew6Zsxk0-nPuecMedg403j5_KNYw2Ro6XrAld6cCkZrM_cKs3vyQs3Zg-3TO_Nir0zXtktyYLGz8pmZRvAqFyRPYjBULC-kF3uFIKyZzFWV-S0GL1eRjKiWvVtcJqd8on4ZCH7X5Mc_7ej12Ff7O_lMbwU25VskPzrKmbCaD_6QWanNPBAUmRfBvA-lW_BiqlR0kt_3nDd4GXL955oG6x07VEwULfFc_in2URtPg1jGLTbP1OmBfdmL6fOLezSoTP1aXffnraqTdPZobfCnMXODVt2Y83t2RM_k4QGQkxL97dhylpKV216J_OkcNGml6oYgUkTqpLcqy3KNMwJGd_lnrO7IQGmLjEssEwLHQlPkrjsOTPLmHjMzEI3Od9wZWaj3J_1UE_VO2MPmGQmJ3HW6KtWxRZ_9iJUUDsuANX2aNb0VfLIxPdyg_SLVjkn672DuNasEMqogDHpRuen62saARliP8UR6EZidIyKPE9H8E0mzfF-r9H9ZtvqiJTdh-sFqpMv8kXCO19OCI2Oo8pAjZq497wJgjIS-eIe3dZxfJ1tspGeqdKftXz2FY0m17UAx4LA2Kz1DXD04kFKmwQS5YAsbkQP9Rr3TSFmLw40kSIBS7iq2jSVz1Z6jYiwBRhUlC2FSvekSJRl_t9IgVxLQKkXOSxua3GT0cRYHhg1DChjDPUCUs6ZfhFcNBXxvgflEdHSkfmm4M2GERYt_fAVl8IgfhtbwKaGhTRQ3_D3l4zn06UqPJTGwbyRcZWXTmb7l5g6mnohagg5k1C8rsZmaYqxyV2WDqNjBOz6wlc4rr_scx8zJzTf0vMchtPqJALxd8ACeH4RDy3QCsQaY527_-Y_cwuTjRCQpxn8yr6NTn4sZkeztwCWAVroBx_5WPypgY3vUmyw5FAJp1xFS2FO21MjgSvEtzYNfvZ7vhd-z150qiRj2QQJcolWwswNyBlaQOG7XKQh_x17Vzs2J
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 19AC
115 KB
14 KB
Stylesheet
General
Full URL
https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=517453%2C309728%2C336262&b=xEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA%2C62GfefmJR6aEBZ7TeHmHYtkt91eAS2T1T3qT7%2Ce7Vu3fYPkACJE1QtjHZHet1tM3DKtjTQTK8H1&f=YxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr%2CXxZTzfw189h2Pmgh6H4Het1CweWQhBTkT5KCJ%2CDjmU3f3qxGTmW5ka3HmH9twCemrdTWTmTY8HV&c=728&d=90&e=&g=b3eea552cbcd5e364822515b1562eceb%2F6690139865749810000&i=196936%2C108139%2C114236&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1705981116814&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCH73QuzSvZY6SBLP7kdUPpP2ykATE_sLSaKeDiqTUC_suEAEgt-WEIWD1lc6B4ATIAQmpAvQ7k0BSRLI-qAMByAObBKoEkAJP0Ollsh1G-4vDCEWoP9AO8pvCkteWlXHbCZocVFvvIqGzVAizTJZZeLGMwyz_c8Ap7U7vkHOuyspGBiy2RoxoZMQw_AKNo1WnH0RanzIzuvK80A4cdJ9IJoURaDBOz954f9Faxt5DUTSZgHzraLDLxUtAJ4LB-5JDQrKe_rL2jIlGnRdUUUi90BFhEi7xoQCEK8rCwqk5J6GTKeC45Mzhmpnz1Oj4jPzRMS-0JqKl2oXmpWxvHbmYHoPPc4lnzhNgAT07Yj6dBLwWM7voZP_0iYZlYFpCapJW_kbnPDENmOeGLy6huQu6TZoxfn4J40w_mwH_0oTXuDZbGoEeCkBaRlZ_11OYlLhCuh6pian8vcAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYXzICigI6BIBAgEBIvf3BOljEuu3yyvKDA_IIDWJpZGRlci0yMDEzMzaACgSYCwHICwGADAGqDQJDSLAT28vrAtgTA4gUAdgUAdAVAfgWAYAXAbIYBBIC6k4%2526ae%253D1%2526num%253D1%2526cid%253DCAQSMgAvHhf_xIDoJIpJbZCUnw4nhwP-ojpHw6AdZaBjU1DCrGWnoK8tBaX_l-bu0iXaZafLGAE%2526sig%253DAOD64_2JCWKQErPPSsLKnqQb_Q-P4FmFvQ%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-CSNjCCd0pgBoB2ESMuCI63iMCtkQMOG-R9MC7GX5l9McMGNVtRy6-DBa5XSKTAGBzLPJRZm8Fn8hueo7Iu83YRYjsDpR8sBnvZPLzlTSXC0J2XIo9bHpJqmStGK191AFvwL2HczKcGAxuaVYPJB2fa5Sm2pBVe3rLnqChpykAJbQ5OYZY%2526cry%253D1%2526dbm_d%253DAKAmf-BFhcFtKRfwRa7oy0axT9W9nTdiRVSHli-a3YeHnJBaZxIAYTd_T_p87jqTHshmZeT_areCA0L32UO9AR_KxWalDF7eMSxjrHii9AqfBazpq6eNMhjGEFiBwIGIcr1wmzOxFpq-r8fBKzxW9qSHqYQDkVJfxi9RfOi_AQZVbB7XZUhFCI-Q5k7c1JzZ-wey-JqfBG6gsHwF3mQf367iTjBf6oM0P09Y7QMrMHxgwpFI3ICxpHsOK_JlR1Qa-U2OHKTKr7S5O9_ur0dBTzsEDq8sGcJzP99sIDeeglYWEQTVaTOa0aOKSyn_WbZ_o24YG5eWXW5FG7I0qU57mcCJkunTvPDvwL3y-nm9KcDlHGYgZ1hs_vZ14ujFy7tGw76B1THSBxrxHZQY81IQnxNZS0pP0RtmuCFwOKwav4d1wdkoUtFlcVO-LcsQwXOjYjOhJd13OGndHclPkQ-FyqNla2oFNC_1uSEwpUtFre5saUhq7QtnunulVn5uDqzZJCV_PyCRJdCEq3FoRAXeXMxIlV_BT87j8A%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=517453%2C309728%2C336262&b=xEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA%2C62GfefmJR6aEBZ7TeHmHYtkt91eAS2T1T3qT7%2Ce7Vu3fYPkACJE1QtjHZHet1tM3DKtjTQTK8H1&f=YxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr%2CXxZTzfw189h2Pmgh6H4Het1CweWQhBTkT5KCJ%2CDjmU3f3qxGTmW5ka3HmH9twCemrdTWTmTY8HV&c=728&d=90&e=&g=b3eea552cbcd5e364822515b1562eceb%2F6690139865749810000&i=196936%2C108139%2C114236&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1705981116814&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCH73QuzSvZY6SBLP7kdUPpP2ykATE_sLSaKeDiqTUC_suEAEgt-WEIWD1lc6B4ATIAQmpAvQ7k0BSRLI-qAMByAObBKoEkAJP0Ollsh1G-4vDCEWoP9AO8pvCkteWlXHbCZocVFvvIqGzVAizTJZZeLGMwyz_c8Ap7U7vkHOuyspGBiy2RoxoZMQw_AKNo1WnH0RanzIzuvK80A4cdJ9IJoURaDBOz954f9Faxt5DUTSZgHzraLDLxUtAJ4LB-5JDQrKe_rL2jIlGnRdUUUi90BFhEi7xoQCEK8rCwqk5J6GTKeC45Mzhmpnz1Oj4jPzRMS-0JqKl2oXmpWxvHbmYHoPPc4lnzhNgAT07Yj6dBLwWM7voZP_0iYZlYFpCapJW_kbnPDENmOeGLy6huQu6TZoxfn4J40w_mwH_0oTXuDZbGoEeCkBaRlZ_11OYlLhCuh6pian8vcAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYXzICigI6BIBAgEBIvf3BOljEuu3yyvKDA_IIDWJpZGRlci0yMDEzMzaACgSYCwHICwGADAGqDQJDSLAT28vrAtgTA4gUAdgUAdAVAfgWAYAXAbIYBBIC6k4%2526ae%253D1%2526num%253D1%2526cid%253DCAQSMgAvHhf_xIDoJIpJbZCUnw4nhwP-ojpHw6AdZaBjU1DCrGWnoK8tBaX_l-bu0iXaZafLGAE%2526sig%253DAOD64_2JCWKQErPPSsLKnqQb_Q-P4FmFvQ%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-CSNjCCd0pgBoB2ESMuCI63iMCtkQMOG-R9MC7GX5l9McMGNVtRy6-DBa5XSKTAGBzLPJRZm8Fn8hueo7Iu83YRYjsDpR8sBnvZPLzlTSXC0J2XIo9bHpJqmStGK191AFvwL2HczKcGAxuaVYPJB2fa5Sm2pBVe3rLnqChpykAJbQ5OYZY%2526cry%253D1%2526dbm_d%253DAKAmf-BFhcFtKRfwRa7oy0axT9W9nTdiRVSHli-a3YeHnJBaZxIAYTd_T_p87jqTHshmZeT_areCA0L32UO9AR_KxWalDF7eMSxjrHii9AqfBazpq6eNMhjGEFiBwIGIcr1wmzOxFpq-r8fBKzxW9qSHqYQDkVJfxi9RfOi_AQZVbB7XZUhFCI-Q5k7c1JzZ-wey-JqfBG6gsHwF3mQf367iTjBf6oM0P09Y7QMrMHxgwpFI3ICxpHsOK_JlR1Qa-U2OHKTKr7S5O9_ur0dBTzsEDq8sGcJzP99sIDeeglYWEQTVaTOa0aOKSyn_WbZ_o24YG5eWXW5FG7I0qU57mcCJkunTvPDvwL3y-nm9KcDlHGYgZ1hs_vZ14ujFy7tGw76B1THSBxrxHZQY81IQnxNZS0pP0RtmuCFwOKwav4d1wdkoUtFlcVO-LcsQwXOjYjOhJd13OGndHclPkQ-FyqNla2oFNC_1uSEwpUtFre5saUhq7QtnunulVn5uDqzZJCV_PyCRJdCEq3FoRAXeXMxIlV_BT87j8A%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
600876
cf-polished
origSize=118430
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 02 Nov 2023 10:26:17 GMT
server
cloudflare
etag
W/"486507ccce9ac587d11c0ef3f32a109a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g1eo3e44Gmclpjg%2B3CA4o%2BfTxI2Rl%2Bw14loLhO1GVSi1FzZUKU74oc0uunhznLfyjd%2BdbO1KEDwGPey%2FM0zazBF7I5S5YESSXQXBOdWMJXRwP3Iutr0rBLCjBjxLaNQXWzddPlXXMmY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=86400
cf-ray
849d013ccccc6ae1-FRA
expires
Wed, 24 Jan 2024 03:38:36 GMT
5A4D44C3DE4BA2EE5CE7C957B94056F614D8C1AF31527286DF76718BA19538D51EFD158B736C3D2B03ABD47F6785B4182E88C8C362F86346C112BF56EB8E75B1
assets.ad4m.at/logo/ Frame 19AC
3 KB
3 KB
Image
General
Full URL
https://assets.ad4m.at/logo/5A4D44C3DE4BA2EE5CE7C957B94056F614D8C1AF31527286DF76718BA19538D51EFD158B736C3D2B03ABD47F6785B4182E88C8C362F86346C112BF56EB8E75B1
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=517453%2C309728%2C336262&b=xEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA%2C62GfefmJR6aEBZ7TeHmHYtkt91eAS2T1T3qT7%2Ce7Vu3fYPkACJE1QtjHZHet1tM3DKtjTQTK8H1&f=YxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr%2CXxZTzfw189h2Pmgh6H4Het1CweWQhBTkT5KCJ%2CDjmU3f3qxGTmW5ka3HmH9twCemrdTWTmTY8HV&c=728&d=90&e=&g=b3eea552cbcd5e364822515b1562eceb%2F6690139865749810000&i=196936%2C108139%2C114236&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1705981116814&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCH73QuzSvZY6SBLP7kdUPpP2ykATE_sLSaKeDiqTUC_suEAEgt-WEIWD1lc6B4ATIAQmpAvQ7k0BSRLI-qAMByAObBKoEkAJP0Ollsh1G-4vDCEWoP9AO8pvCkteWlXHbCZocVFvvIqGzVAizTJZZeLGMwyz_c8Ap7U7vkHOuyspGBiy2RoxoZMQw_AKNo1WnH0RanzIzuvK80A4cdJ9IJoURaDBOz954f9Faxt5DUTSZgHzraLDLxUtAJ4LB-5JDQrKe_rL2jIlGnRdUUUi90BFhEi7xoQCEK8rCwqk5J6GTKeC45Mzhmpnz1Oj4jPzRMS-0JqKl2oXmpWxvHbmYHoPPc4lnzhNgAT07Yj6dBLwWM7voZP_0iYZlYFpCapJW_kbnPDENmOeGLy6huQu6TZoxfn4J40w_mwH_0oTXuDZbGoEeCkBaRlZ_11OYlLhCuh6pian8vcAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYXzICigI6BIBAgEBIvf3BOljEuu3yyvKDA_IIDWJpZGRlci0yMDEzMzaACgSYCwHICwGADAGqDQJDSLAT28vrAtgTA4gUAdgUAdAVAfgWAYAXAbIYBBIC6k4%2526ae%253D1%2526num%253D1%2526cid%253DCAQSMgAvHhf_xIDoJIpJbZCUnw4nhwP-ojpHw6AdZaBjU1DCrGWnoK8tBaX_l-bu0iXaZafLGAE%2526sig%253DAOD64_2JCWKQErPPSsLKnqQb_Q-P4FmFvQ%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-CSNjCCd0pgBoB2ESMuCI63iMCtkQMOG-R9MC7GX5l9McMGNVtRy6-DBa5XSKTAGBzLPJRZm8Fn8hueo7Iu83YRYjsDpR8sBnvZPLzlTSXC0J2XIo9bHpJqmStGK191AFvwL2HczKcGAxuaVYPJB2fa5Sm2pBVe3rLnqChpykAJbQ5OYZY%2526cry%253D1%2526dbm_d%253DAKAmf-BFhcFtKRfwRa7oy0axT9W9nTdiRVSHli-a3YeHnJBaZxIAYTd_T_p87jqTHshmZeT_areCA0L32UO9AR_KxWalDF7eMSxjrHii9AqfBazpq6eNMhjGEFiBwIGIcr1wmzOxFpq-r8fBKzxW9qSHqYQDkVJfxi9RfOi_AQZVbB7XZUhFCI-Q5k7c1JzZ-wey-JqfBG6gsHwF3mQf367iTjBf6oM0P09Y7QMrMHxgwpFI3ICxpHsOK_JlR1Qa-U2OHKTKr7S5O9_ur0dBTzsEDq8sGcJzP99sIDeeglYWEQTVaTOa0aOKSyn_WbZ_o24YG5eWXW5FG7I0qU57mcCJkunTvPDvwL3y-nm9KcDlHGYgZ1hs_vZ14ujFy7tGw76B1THSBxrxHZQY81IQnxNZS0pP0RtmuCFwOKwav4d1wdkoUtFlcVO-LcsQwXOjYjOhJd13OGndHclPkQ-FyqNla2oFNC_1uSEwpUtFre5saUhq7QtnunulVn5uDqzZJCV_PyCRJdCEq3FoRAXeXMxIlV_BT87j8A%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e71f18edd174a4cb13dc9b75daa0d9d7ce1fc949585941eac0f85263893bcac

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
279878
cf-polished
origFmt=png, origSize=10671
alt-svc
h3=":443"; ma=86400
content-length
2788
cf-bgj
imgq:85,h2pri
last-modified
Thu, 12 Oct 2023 15:47:11 GMT
server
cloudflare
etag
"9acf9d00a48a7f6dbfd2227b1e5270f4"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uo2FMXYXDE2Y2a8wDhvmoNwXrj%2BxqMFqHUnHh%2FVCRb4Ufk1xY83RQBIhb5v5etgiToLuyYV5Q3a9GWjnIhwm107GBgNlihAxClBPGFD5WTYYgXdmZJBHMrmu9mugf2mXNh2dUR4eKWpEWmuW"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
849d013ccccd6ae1-FRA
83B190E70C0AA9B95F6BCCDB3A57CEAF501AA63168C9AD4C9EDC5CE5B876040D48E4230B3C84514DBA05FA6AC3A57F755FEC87C355A18FD82B1F88B8F702271D
assets.ad4m.at/ Frame 19AC
29 KB
29 KB
Image
General
Full URL
https://assets.ad4m.at/83B190E70C0AA9B95F6BCCDB3A57CEAF501AA63168C9AD4C9EDC5CE5B876040D48E4230B3C84514DBA05FA6AC3A57F755FEC87C355A18FD82B1F88B8F702271D
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=517453%2C309728%2C336262&b=xEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA%2C62GfefmJR6aEBZ7TeHmHYtkt91eAS2T1T3qT7%2Ce7Vu3fYPkACJE1QtjHZHet1tM3DKtjTQTK8H1&f=YxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr%2CXxZTzfw189h2Pmgh6H4Het1CweWQhBTkT5KCJ%2CDjmU3f3qxGTmW5ka3HmH9twCemrdTWTmTY8HV&c=728&d=90&e=&g=b3eea552cbcd5e364822515b1562eceb%2F6690139865749810000&i=196936%2C108139%2C114236&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1705981116814&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCH73QuzSvZY6SBLP7kdUPpP2ykATE_sLSaKeDiqTUC_suEAEgt-WEIWD1lc6B4ATIAQmpAvQ7k0BSRLI-qAMByAObBKoEkAJP0Ollsh1G-4vDCEWoP9AO8pvCkteWlXHbCZocVFvvIqGzVAizTJZZeLGMwyz_c8Ap7U7vkHOuyspGBiy2RoxoZMQw_AKNo1WnH0RanzIzuvK80A4cdJ9IJoURaDBOz954f9Faxt5DUTSZgHzraLDLxUtAJ4LB-5JDQrKe_rL2jIlGnRdUUUi90BFhEi7xoQCEK8rCwqk5J6GTKeC45Mzhmpnz1Oj4jPzRMS-0JqKl2oXmpWxvHbmYHoPPc4lnzhNgAT07Yj6dBLwWM7voZP_0iYZlYFpCapJW_kbnPDENmOeGLy6huQu6TZoxfn4J40w_mwH_0oTXuDZbGoEeCkBaRlZ_11OYlLhCuh6pian8vcAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYXzICigI6BIBAgEBIvf3BOljEuu3yyvKDA_IIDWJpZGRlci0yMDEzMzaACgSYCwHICwGADAGqDQJDSLAT28vrAtgTA4gUAdgUAdAVAfgWAYAXAbIYBBIC6k4%2526ae%253D1%2526num%253D1%2526cid%253DCAQSMgAvHhf_xIDoJIpJbZCUnw4nhwP-ojpHw6AdZaBjU1DCrGWnoK8tBaX_l-bu0iXaZafLGAE%2526sig%253DAOD64_2JCWKQErPPSsLKnqQb_Q-P4FmFvQ%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-CSNjCCd0pgBoB2ESMuCI63iMCtkQMOG-R9MC7GX5l9McMGNVtRy6-DBa5XSKTAGBzLPJRZm8Fn8hueo7Iu83YRYjsDpR8sBnvZPLzlTSXC0J2XIo9bHpJqmStGK191AFvwL2HczKcGAxuaVYPJB2fa5Sm2pBVe3rLnqChpykAJbQ5OYZY%2526cry%253D1%2526dbm_d%253DAKAmf-BFhcFtKRfwRa7oy0axT9W9nTdiRVSHli-a3YeHnJBaZxIAYTd_T_p87jqTHshmZeT_areCA0L32UO9AR_KxWalDF7eMSxjrHii9AqfBazpq6eNMhjGEFiBwIGIcr1wmzOxFpq-r8fBKzxW9qSHqYQDkVJfxi9RfOi_AQZVbB7XZUhFCI-Q5k7c1JzZ-wey-JqfBG6gsHwF3mQf367iTjBf6oM0P09Y7QMrMHxgwpFI3ICxpHsOK_JlR1Qa-U2OHKTKr7S5O9_ur0dBTzsEDq8sGcJzP99sIDeeglYWEQTVaTOa0aOKSyn_WbZ_o24YG5eWXW5FG7I0qU57mcCJkunTvPDvwL3y-nm9KcDlHGYgZ1hs_vZ14ujFy7tGw76B1THSBxrxHZQY81IQnxNZS0pP0RtmuCFwOKwav4d1wdkoUtFlcVO-LcsQwXOjYjOhJd13OGndHclPkQ-FyqNla2oFNC_1uSEwpUtFre5saUhq7QtnunulVn5uDqzZJCV_PyCRJdCEq3FoRAXeXMxIlV_BT87j8A%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
493c8e5e8f262311f7c5a36dc28f3ddbd38ba9613aafe00bba0ca330529cd152

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4572135
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
29272
cf-bgj
imgq:85,h2pri
last-modified
Mon, 13 Nov 2023 14:52:27 GMT
server
cloudflare
etag
"a24698d2ecb1fb5c40c210433d544412"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2WoDmIs28zY%2B2JntbUdPTcKr5NmZ6gcPJUrmVcuIQW%2BoQDNFwbDj2%2FMamwDIWJ0tVV3Ctm8W1rB4VPs3YFD%2Fa%2FgbLzkE4KuSsXQxF9GYpi%2F2Gi75lm0iF%2Fw3RtigwS8%2B69NIagmDaYQrrewe"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
849d013cccce6ae1-FRA
cshow.php
www.awin1.com/ Frame 19AC
43 B
704 B
Image
General
Full URL
https://www.awin1.com/cshow.php?s=2578904&v=18851&q=382783&r=412871&pv=1&pref3=oneidxEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHAoneid__dbm_Awin_Reach02&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=517453%2C309728%2C336262&b=xEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA%2C62GfefmJR6aEBZ7TeHmHYtkt91eAS2T1T3qT7%2Ce7Vu3fYPkACJE1QtjHZHet1tM3DKtjTQTK8H1&f=YxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr%2CXxZTzfw189h2Pmgh6H4Het1CweWQhBTkT5KCJ%2CDjmU3f3qxGTmW5ka3HmH9twCemrdTWTmTY8HV&c=728&d=90&e=&g=b3eea552cbcd5e364822515b1562eceb%2F6690139865749810000&i=196936%2C108139%2C114236&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1705981116814&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCH73QuzSvZY6SBLP7kdUPpP2ykATE_sLSaKeDiqTUC_suEAEgt-WEIWD1lc6B4ATIAQmpAvQ7k0BSRLI-qAMByAObBKoEkAJP0Ollsh1G-4vDCEWoP9AO8pvCkteWlXHbCZocVFvvIqGzVAizTJZZeLGMwyz_c8Ap7U7vkHOuyspGBiy2RoxoZMQw_AKNo1WnH0RanzIzuvK80A4cdJ9IJoURaDBOz954f9Faxt5DUTSZgHzraLDLxUtAJ4LB-5JDQrKe_rL2jIlGnRdUUUi90BFhEi7xoQCEK8rCwqk5J6GTKeC45Mzhmpnz1Oj4jPzRMS-0JqKl2oXmpWxvHbmYHoPPc4lnzhNgAT07Yj6dBLwWM7voZP_0iYZlYFpCapJW_kbnPDENmOeGLy6huQu6TZoxfn4J40w_mwH_0oTXuDZbGoEeCkBaRlZ_11OYlLhCuh6pian8vcAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYXzICigI6BIBAgEBIvf3BOljEuu3yyvKDA_IIDWJpZGRlci0yMDEzMzaACgSYCwHICwGADAGqDQJDSLAT28vrAtgTA4gUAdgUAdAVAfgWAYAXAbIYBBIC6k4%2526ae%253D1%2526num%253D1%2526cid%253DCAQSMgAvHhf_xIDoJIpJbZCUnw4nhwP-ojpHw6AdZaBjU1DCrGWnoK8tBaX_l-bu0iXaZafLGAE%2526sig%253DAOD64_2JCWKQErPPSsLKnqQb_Q-P4FmFvQ%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-CSNjCCd0pgBoB2ESMuCI63iMCtkQMOG-R9MC7GX5l9McMGNVtRy6-DBa5XSKTAGBzLPJRZm8Fn8hueo7Iu83YRYjsDpR8sBnvZPLzlTSXC0J2XIo9bHpJqmStGK191AFvwL2HczKcGAxuaVYPJB2fa5Sm2pBVe3rLnqChpykAJbQ5OYZY%2526cry%253D1%2526dbm_d%253DAKAmf-BFhcFtKRfwRa7oy0axT9W9nTdiRVSHli-a3YeHnJBaZxIAYTd_T_p87jqTHshmZeT_areCA0L32UO9AR_KxWalDF7eMSxjrHii9AqfBazpq6eNMhjGEFiBwIGIcr1wmzOxFpq-r8fBKzxW9qSHqYQDkVJfxi9RfOi_AQZVbB7XZUhFCI-Q5k7c1JzZ-wey-JqfBG6gsHwF3mQf367iTjBf6oM0P09Y7QMrMHxgwpFI3ICxpHsOK_JlR1Qa-U2OHKTKr7S5O9_ur0dBTzsEDq8sGcJzP99sIDeeglYWEQTVaTOa0aOKSyn_WbZ_o24YG5eWXW5FG7I0qU57mcCJkunTvPDvwL3y-nm9KcDlHGYgZ1hs_vZ14ujFy7tGw76B1THSBxrxHZQY81IQnxNZS0pP0RtmuCFwOKwav4d1wdkoUtFlcVO-LcsQwXOjYjOhJd13OGndHclPkQ-FyqNla2oFNC_1uSEwpUtFre5saUhq7QtnunulVn5uDqzZJCV_PyCRJdCEq3FoRAXeXMxIlV_BT87j8A%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.148.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-148-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Jan 2024 03:38:37 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
5ADFE8E61796216FE47BC733DCFC9DD63B61276A7399338A4FD02DD38A06397ED34B1F70C77E90957EEBF3FCA6C59E479C45BEDE3B7E74E2B173156616DB6D17
assets.ad4m.at/logo/ Frame 19AC
15 KB
16 KB
Image
General
Full URL
https://assets.ad4m.at/logo/5ADFE8E61796216FE47BC733DCFC9DD63B61276A7399338A4FD02DD38A06397ED34B1F70C77E90957EEBF3FCA6C59E479C45BEDE3B7E74E2B173156616DB6D17
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=517453%2C309728%2C336262&b=xEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA%2C62GfefmJR6aEBZ7TeHmHYtkt91eAS2T1T3qT7%2Ce7Vu3fYPkACJE1QtjHZHet1tM3DKtjTQTK8H1&f=YxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr%2CXxZTzfw189h2Pmgh6H4Het1CweWQhBTkT5KCJ%2CDjmU3f3qxGTmW5ka3HmH9twCemrdTWTmTY8HV&c=728&d=90&e=&g=b3eea552cbcd5e364822515b1562eceb%2F6690139865749810000&i=196936%2C108139%2C114236&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1705981116814&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCH73QuzSvZY6SBLP7kdUPpP2ykATE_sLSaKeDiqTUC_suEAEgt-WEIWD1lc6B4ATIAQmpAvQ7k0BSRLI-qAMByAObBKoEkAJP0Ollsh1G-4vDCEWoP9AO8pvCkteWlXHbCZocVFvvIqGzVAizTJZZeLGMwyz_c8Ap7U7vkHOuyspGBiy2RoxoZMQw_AKNo1WnH0RanzIzuvK80A4cdJ9IJoURaDBOz954f9Faxt5DUTSZgHzraLDLxUtAJ4LB-5JDQrKe_rL2jIlGnRdUUUi90BFhEi7xoQCEK8rCwqk5J6GTKeC45Mzhmpnz1Oj4jPzRMS-0JqKl2oXmpWxvHbmYHoPPc4lnzhNgAT07Yj6dBLwWM7voZP_0iYZlYFpCapJW_kbnPDENmOeGLy6huQu6TZoxfn4J40w_mwH_0oTXuDZbGoEeCkBaRlZ_11OYlLhCuh6pian8vcAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYXzICigI6BIBAgEBIvf3BOljEuu3yyvKDA_IIDWJpZGRlci0yMDEzMzaACgSYCwHICwGADAGqDQJDSLAT28vrAtgTA4gUAdgUAdAVAfgWAYAXAbIYBBIC6k4%2526ae%253D1%2526num%253D1%2526cid%253DCAQSMgAvHhf_xIDoJIpJbZCUnw4nhwP-ojpHw6AdZaBjU1DCrGWnoK8tBaX_l-bu0iXaZafLGAE%2526sig%253DAOD64_2JCWKQErPPSsLKnqQb_Q-P4FmFvQ%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-CSNjCCd0pgBoB2ESMuCI63iMCtkQMOG-R9MC7GX5l9McMGNVtRy6-DBa5XSKTAGBzLPJRZm8Fn8hueo7Iu83YRYjsDpR8sBnvZPLzlTSXC0J2XIo9bHpJqmStGK191AFvwL2HczKcGAxuaVYPJB2fa5Sm2pBVe3rLnqChpykAJbQ5OYZY%2526cry%253D1%2526dbm_d%253DAKAmf-BFhcFtKRfwRa7oy0axT9W9nTdiRVSHli-a3YeHnJBaZxIAYTd_T_p87jqTHshmZeT_areCA0L32UO9AR_KxWalDF7eMSxjrHii9AqfBazpq6eNMhjGEFiBwIGIcr1wmzOxFpq-r8fBKzxW9qSHqYQDkVJfxi9RfOi_AQZVbB7XZUhFCI-Q5k7c1JzZ-wey-JqfBG6gsHwF3mQf367iTjBf6oM0P09Y7QMrMHxgwpFI3ICxpHsOK_JlR1Qa-U2OHKTKr7S5O9_ur0dBTzsEDq8sGcJzP99sIDeeglYWEQTVaTOa0aOKSyn_WbZ_o24YG5eWXW5FG7I0qU57mcCJkunTvPDvwL3y-nm9KcDlHGYgZ1hs_vZ14ujFy7tGw76B1THSBxrxHZQY81IQnxNZS0pP0RtmuCFwOKwav4d1wdkoUtFlcVO-LcsQwXOjYjOhJd13OGndHclPkQ-FyqNla2oFNC_1uSEwpUtFre5saUhq7QtnunulVn5uDqzZJCV_PyCRJdCEq3FoRAXeXMxIlV_BT87j8A%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f837866795d2a876b1ab1ffa8720fb1ae4424f82310722203801d64082eab093

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
282128
cf-polished
qual=85, origFmt=jpeg, origSize=17494
alt-svc
h3=":443"; ma=86400
content-length
15578
cf-bgj
imgq:85,h2pri
last-modified
Mon, 13 Nov 2023 13:20:32 GMT
server
cloudflare
etag
"b98cae532f899c635268dd45e9fd8066"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w3FHoFsqMxIVg9wef3nnjMtjZWq0aowGDP5Fm8%2F%2BSS0zKGEz%2Fd7%2BVIMlSREeprk0596MRw6jyL6BmuIZvpdHHGdMUnpZmaTLjdZJnshYAi65wWdYMkp0pqVpqDrN9pHDxllX9G4evA7wlOJp"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
849d01406f2e6ae1-FRA
E4C0498048C5EE755703BDD48B2B4729CA6119DAC82BB93F2C60E089044BDD729DA23E8E29E8CDF2F28B982A690671CBA371BAD7E2860386A56DFF737F6F70F4
assets.ad4m.at/ Frame 19AC
37 KB
38 KB
Image
General
Full URL
https://assets.ad4m.at/E4C0498048C5EE755703BDD48B2B4729CA6119DAC82BB93F2C60E089044BDD729DA23E8E29E8CDF2F28B982A690671CBA371BAD7E2860386A56DFF737F6F70F4
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=517453%2C309728%2C336262&b=xEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA%2C62GfefmJR6aEBZ7TeHmHYtkt91eAS2T1T3qT7%2Ce7Vu3fYPkACJE1QtjHZHet1tM3DKtjTQTK8H1&f=YxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr%2CXxZTzfw189h2Pmgh6H4Het1CweWQhBTkT5KCJ%2CDjmU3f3qxGTmW5ka3HmH9twCemrdTWTmTY8HV&c=728&d=90&e=&g=b3eea552cbcd5e364822515b1562eceb%2F6690139865749810000&i=196936%2C108139%2C114236&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1705981116814&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCH73QuzSvZY6SBLP7kdUPpP2ykATE_sLSaKeDiqTUC_suEAEgt-WEIWD1lc6B4ATIAQmpAvQ7k0BSRLI-qAMByAObBKoEkAJP0Ollsh1G-4vDCEWoP9AO8pvCkteWlXHbCZocVFvvIqGzVAizTJZZeLGMwyz_c8Ap7U7vkHOuyspGBiy2RoxoZMQw_AKNo1WnH0RanzIzuvK80A4cdJ9IJoURaDBOz954f9Faxt5DUTSZgHzraLDLxUtAJ4LB-5JDQrKe_rL2jIlGnRdUUUi90BFhEi7xoQCEK8rCwqk5J6GTKeC45Mzhmpnz1Oj4jPzRMS-0JqKl2oXmpWxvHbmYHoPPc4lnzhNgAT07Yj6dBLwWM7voZP_0iYZlYFpCapJW_kbnPDENmOeGLy6huQu6TZoxfn4J40w_mwH_0oTXuDZbGoEeCkBaRlZ_11OYlLhCuh6pian8vcAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYXzICigI6BIBAgEBIvf3BOljEuu3yyvKDA_IIDWJpZGRlci0yMDEzMzaACgSYCwHICwGADAGqDQJDSLAT28vrAtgTA4gUAdgUAdAVAfgWAYAXAbIYBBIC6k4%2526ae%253D1%2526num%253D1%2526cid%253DCAQSMgAvHhf_xIDoJIpJbZCUnw4nhwP-ojpHw6AdZaBjU1DCrGWnoK8tBaX_l-bu0iXaZafLGAE%2526sig%253DAOD64_2JCWKQErPPSsLKnqQb_Q-P4FmFvQ%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-CSNjCCd0pgBoB2ESMuCI63iMCtkQMOG-R9MC7GX5l9McMGNVtRy6-DBa5XSKTAGBzLPJRZm8Fn8hueo7Iu83YRYjsDpR8sBnvZPLzlTSXC0J2XIo9bHpJqmStGK191AFvwL2HczKcGAxuaVYPJB2fa5Sm2pBVe3rLnqChpykAJbQ5OYZY%2526cry%253D1%2526dbm_d%253DAKAmf-BFhcFtKRfwRa7oy0axT9W9nTdiRVSHli-a3YeHnJBaZxIAYTd_T_p87jqTHshmZeT_areCA0L32UO9AR_KxWalDF7eMSxjrHii9AqfBazpq6eNMhjGEFiBwIGIcr1wmzOxFpq-r8fBKzxW9qSHqYQDkVJfxi9RfOi_AQZVbB7XZUhFCI-Q5k7c1JzZ-wey-JqfBG6gsHwF3mQf367iTjBf6oM0P09Y7QMrMHxgwpFI3ICxpHsOK_JlR1Qa-U2OHKTKr7S5O9_ur0dBTzsEDq8sGcJzP99sIDeeglYWEQTVaTOa0aOKSyn_WbZ_o24YG5eWXW5FG7I0qU57mcCJkunTvPDvwL3y-nm9KcDlHGYgZ1hs_vZ14ujFy7tGw76B1THSBxrxHZQY81IQnxNZS0pP0RtmuCFwOKwav4d1wdkoUtFlcVO-LcsQwXOjYjOhJd13OGndHclPkQ-FyqNla2oFNC_1uSEwpUtFre5saUhq7QtnunulVn5uDqzZJCV_PyCRJdCEq3FoRAXeXMxIlV_BT87j8A%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d1a83866a35d5b8d73120a03689fffbcc20a5067ba8c11944b844303f61f940

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4583178
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
37981
cf-bgj
imgq:85,h2pri
last-modified
Thu, 09 Nov 2023 08:22:21 GMT
server
cloudflare
etag
"f78c9a77df77f21b8e614cd477330a68"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KocdGuZf5w5P8ElT2pJn6F7PF7uYYDm9MPuoANzT1BP2z83%2BlmUbo0RPGaQ%2Fy6HRx0FobH6X3%2BbwZ1WqXHBYpKakJ5F73Sgqw%2FSiG2ynHcC9P27wu2nIlmAVOgGLgaD%2FG226WgWHjNCIuxDK"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
849d01406f2f6ae1-FRA
cshow.php
www.awin1.com/ Frame 19AC
43 B
704 B
Image
General
Full URL
https://www.awin1.com/cshow.php?s=3195745&v=30011&q=436805&r=412871&pv=1&pref3=oneid62GfefmJR6aEBZ7TeHmHYtkt91eAS2T1T3qT7oneid__dbm_Awin_Reach02&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=517453%2C309728%2C336262&b=xEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA%2C62GfefmJR6aEBZ7TeHmHYtkt91eAS2T1T3qT7%2Ce7Vu3fYPkACJE1QtjHZHet1tM3DKtjTQTK8H1&f=YxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr%2CXxZTzfw189h2Pmgh6H4Het1CweWQhBTkT5KCJ%2CDjmU3f3qxGTmW5ka3HmH9twCemrdTWTmTY8HV&c=728&d=90&e=&g=b3eea552cbcd5e364822515b1562eceb%2F6690139865749810000&i=196936%2C108139%2C114236&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1705981116814&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCH73QuzSvZY6SBLP7kdUPpP2ykATE_sLSaKeDiqTUC_suEAEgt-WEIWD1lc6B4ATIAQmpAvQ7k0BSRLI-qAMByAObBKoEkAJP0Ollsh1G-4vDCEWoP9AO8pvCkteWlXHbCZocVFvvIqGzVAizTJZZeLGMwyz_c8Ap7U7vkHOuyspGBiy2RoxoZMQw_AKNo1WnH0RanzIzuvK80A4cdJ9IJoURaDBOz954f9Faxt5DUTSZgHzraLDLxUtAJ4LB-5JDQrKe_rL2jIlGnRdUUUi90BFhEi7xoQCEK8rCwqk5J6GTKeC45Mzhmpnz1Oj4jPzRMS-0JqKl2oXmpWxvHbmYHoPPc4lnzhNgAT07Yj6dBLwWM7voZP_0iYZlYFpCapJW_kbnPDENmOeGLy6huQu6TZoxfn4J40w_mwH_0oTXuDZbGoEeCkBaRlZ_11OYlLhCuh6pian8vcAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYXzICigI6BIBAgEBIvf3BOljEuu3yyvKDA_IIDWJpZGRlci0yMDEzMzaACgSYCwHICwGADAGqDQJDSLAT28vrAtgTA4gUAdgUAdAVAfgWAYAXAbIYBBIC6k4%2526ae%253D1%2526num%253D1%2526cid%253DCAQSMgAvHhf_xIDoJIpJbZCUnw4nhwP-ojpHw6AdZaBjU1DCrGWnoK8tBaX_l-bu0iXaZafLGAE%2526sig%253DAOD64_2JCWKQErPPSsLKnqQb_Q-P4FmFvQ%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-CSNjCCd0pgBoB2ESMuCI63iMCtkQMOG-R9MC7GX5l9McMGNVtRy6-DBa5XSKTAGBzLPJRZm8Fn8hueo7Iu83YRYjsDpR8sBnvZPLzlTSXC0J2XIo9bHpJqmStGK191AFvwL2HczKcGAxuaVYPJB2fa5Sm2pBVe3rLnqChpykAJbQ5OYZY%2526cry%253D1%2526dbm_d%253DAKAmf-BFhcFtKRfwRa7oy0axT9W9nTdiRVSHli-a3YeHnJBaZxIAYTd_T_p87jqTHshmZeT_areCA0L32UO9AR_KxWalDF7eMSxjrHii9AqfBazpq6eNMhjGEFiBwIGIcr1wmzOxFpq-r8fBKzxW9qSHqYQDkVJfxi9RfOi_AQZVbB7XZUhFCI-Q5k7c1JzZ-wey-JqfBG6gsHwF3mQf367iTjBf6oM0P09Y7QMrMHxgwpFI3ICxpHsOK_JlR1Qa-U2OHKTKr7S5O9_ur0dBTzsEDq8sGcJzP99sIDeeglYWEQTVaTOa0aOKSyn_WbZ_o24YG5eWXW5FG7I0qU57mcCJkunTvPDvwL3y-nm9KcDlHGYgZ1hs_vZ14ujFy7tGw76B1THSBxrxHZQY81IQnxNZS0pP0RtmuCFwOKwav4d1wdkoUtFlcVO-LcsQwXOjYjOhJd13OGndHclPkQ-FyqNla2oFNC_1uSEwpUtFre5saUhq7QtnunulVn5uDqzZJCV_PyCRJdCEq3FoRAXeXMxIlV_BT87j8A%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.148.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-148-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Jan 2024 03:38:37 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
500A615916A2552EE4DDF87BE0EB5B5B50C43F3FCCC3B2B6352FE311C4315882D7B62F06B12474CD5AAE4568D9A53245B7EB14514B1930DB6635B6F53ACC932A
assets.ad4m.at/logo/ Frame 19AC
33 KB
34 KB
Image
General
Full URL
https://assets.ad4m.at/logo/500A615916A2552EE4DDF87BE0EB5B5B50C43F3FCCC3B2B6352FE311C4315882D7B62F06B12474CD5AAE4568D9A53245B7EB14514B1930DB6635B6F53ACC932A
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=517453%2C309728%2C336262&b=xEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA%2C62GfefmJR6aEBZ7TeHmHYtkt91eAS2T1T3qT7%2Ce7Vu3fYPkACJE1QtjHZHet1tM3DKtjTQTK8H1&f=YxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr%2CXxZTzfw189h2Pmgh6H4Het1CweWQhBTkT5KCJ%2CDjmU3f3qxGTmW5ka3HmH9twCemrdTWTmTY8HV&c=728&d=90&e=&g=b3eea552cbcd5e364822515b1562eceb%2F6690139865749810000&i=196936%2C108139%2C114236&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1705981116814&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCH73QuzSvZY6SBLP7kdUPpP2ykATE_sLSaKeDiqTUC_suEAEgt-WEIWD1lc6B4ATIAQmpAvQ7k0BSRLI-qAMByAObBKoEkAJP0Ollsh1G-4vDCEWoP9AO8pvCkteWlXHbCZocVFvvIqGzVAizTJZZeLGMwyz_c8Ap7U7vkHOuyspGBiy2RoxoZMQw_AKNo1WnH0RanzIzuvK80A4cdJ9IJoURaDBOz954f9Faxt5DUTSZgHzraLDLxUtAJ4LB-5JDQrKe_rL2jIlGnRdUUUi90BFhEi7xoQCEK8rCwqk5J6GTKeC45Mzhmpnz1Oj4jPzRMS-0JqKl2oXmpWxvHbmYHoPPc4lnzhNgAT07Yj6dBLwWM7voZP_0iYZlYFpCapJW_kbnPDENmOeGLy6huQu6TZoxfn4J40w_mwH_0oTXuDZbGoEeCkBaRlZ_11OYlLhCuh6pian8vcAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYXzICigI6BIBAgEBIvf3BOljEuu3yyvKDA_IIDWJpZGRlci0yMDEzMzaACgSYCwHICwGADAGqDQJDSLAT28vrAtgTA4gUAdgUAdAVAfgWAYAXAbIYBBIC6k4%2526ae%253D1%2526num%253D1%2526cid%253DCAQSMgAvHhf_xIDoJIpJbZCUnw4nhwP-ojpHw6AdZaBjU1DCrGWnoK8tBaX_l-bu0iXaZafLGAE%2526sig%253DAOD64_2JCWKQErPPSsLKnqQb_Q-P4FmFvQ%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-CSNjCCd0pgBoB2ESMuCI63iMCtkQMOG-R9MC7GX5l9McMGNVtRy6-DBa5XSKTAGBzLPJRZm8Fn8hueo7Iu83YRYjsDpR8sBnvZPLzlTSXC0J2XIo9bHpJqmStGK191AFvwL2HczKcGAxuaVYPJB2fa5Sm2pBVe3rLnqChpykAJbQ5OYZY%2526cry%253D1%2526dbm_d%253DAKAmf-BFhcFtKRfwRa7oy0axT9W9nTdiRVSHli-a3YeHnJBaZxIAYTd_T_p87jqTHshmZeT_areCA0L32UO9AR_KxWalDF7eMSxjrHii9AqfBazpq6eNMhjGEFiBwIGIcr1wmzOxFpq-r8fBKzxW9qSHqYQDkVJfxi9RfOi_AQZVbB7XZUhFCI-Q5k7c1JzZ-wey-JqfBG6gsHwF3mQf367iTjBf6oM0P09Y7QMrMHxgwpFI3ICxpHsOK_JlR1Qa-U2OHKTKr7S5O9_ur0dBTzsEDq8sGcJzP99sIDeeglYWEQTVaTOa0aOKSyn_WbZ_o24YG5eWXW5FG7I0qU57mcCJkunTvPDvwL3y-nm9KcDlHGYgZ1hs_vZ14ujFy7tGw76B1THSBxrxHZQY81IQnxNZS0pP0RtmuCFwOKwav4d1wdkoUtFlcVO-LcsQwXOjYjOhJd13OGndHclPkQ-FyqNla2oFNC_1uSEwpUtFre5saUhq7QtnunulVn5uDqzZJCV_PyCRJdCEq3FoRAXeXMxIlV_BT87j8A%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6f528cebac9b1597f1ddc32d408f660e5c980d38e73b530494ea86c02b233ba

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:37 GMT
cf-cache-status
MISS
last-modified
Thu, 12 Oct 2023 15:46:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"06db929d0f5cb9f5b4fd9a086b1f2b79"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FHe61TlePeAUpQmbXr6%2Fz0aC7ZBonq79e6PAWvnyJxY6ZbqYeMx5uNiJKcY3fuaiC0Z8z9krt9P3jJLudMfwUsEndT58zyPRx59VTGCz8M8eVhHrC2nxK82BUFUe8tIdfqcS3KWKO2kjPmmn"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
849d01407f356ae1-FRA
alt-svc
h3=":443"; ma=86400
content-length
34291
B335F3CC0857B2257AC4FC0ED9CD1E8B0A1BD0DA0AD847F6740B9DFB3D05F4C6F770384F742C5E0FA9A2FC45C9D49FB68E46F4B7EC4008C99EBC38F2924674E6
assets.ad4m.at/product_image/ Frame 19AC
15 KB
16 KB
Image
General
Full URL
https://assets.ad4m.at/product_image/B335F3CC0857B2257AC4FC0ED9CD1E8B0A1BD0DA0AD847F6740B9DFB3D05F4C6F770384F742C5E0FA9A2FC45C9D49FB68E46F4B7EC4008C99EBC38F2924674E6
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=517453%2C309728%2C336262&b=xEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA%2C62GfefmJR6aEBZ7TeHmHYtkt91eAS2T1T3qT7%2Ce7Vu3fYPkACJE1QtjHZHet1tM3DKtjTQTK8H1&f=YxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr%2CXxZTzfw189h2Pmgh6H4Het1CweWQhBTkT5KCJ%2CDjmU3f3qxGTmW5ka3HmH9twCemrdTWTmTY8HV&c=728&d=90&e=&g=b3eea552cbcd5e364822515b1562eceb%2F6690139865749810000&i=196936%2C108139%2C114236&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1705981116814&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCH73QuzSvZY6SBLP7kdUPpP2ykATE_sLSaKeDiqTUC_suEAEgt-WEIWD1lc6B4ATIAQmpAvQ7k0BSRLI-qAMByAObBKoEkAJP0Ollsh1G-4vDCEWoP9AO8pvCkteWlXHbCZocVFvvIqGzVAizTJZZeLGMwyz_c8Ap7U7vkHOuyspGBiy2RoxoZMQw_AKNo1WnH0RanzIzuvK80A4cdJ9IJoURaDBOz954f9Faxt5DUTSZgHzraLDLxUtAJ4LB-5JDQrKe_rL2jIlGnRdUUUi90BFhEi7xoQCEK8rCwqk5J6GTKeC45Mzhmpnz1Oj4jPzRMS-0JqKl2oXmpWxvHbmYHoPPc4lnzhNgAT07Yj6dBLwWM7voZP_0iYZlYFpCapJW_kbnPDENmOeGLy6huQu6TZoxfn4J40w_mwH_0oTXuDZbGoEeCkBaRlZ_11OYlLhCuh6pian8vcAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYXzICigI6BIBAgEBIvf3BOljEuu3yyvKDA_IIDWJpZGRlci0yMDEzMzaACgSYCwHICwGADAGqDQJDSLAT28vrAtgTA4gUAdgUAdAVAfgWAYAXAbIYBBIC6k4%2526ae%253D1%2526num%253D1%2526cid%253DCAQSMgAvHhf_xIDoJIpJbZCUnw4nhwP-ojpHw6AdZaBjU1DCrGWnoK8tBaX_l-bu0iXaZafLGAE%2526sig%253DAOD64_2JCWKQErPPSsLKnqQb_Q-P4FmFvQ%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-CSNjCCd0pgBoB2ESMuCI63iMCtkQMOG-R9MC7GX5l9McMGNVtRy6-DBa5XSKTAGBzLPJRZm8Fn8hueo7Iu83YRYjsDpR8sBnvZPLzlTSXC0J2XIo9bHpJqmStGK191AFvwL2HczKcGAxuaVYPJB2fa5Sm2pBVe3rLnqChpykAJbQ5OYZY%2526cry%253D1%2526dbm_d%253DAKAmf-BFhcFtKRfwRa7oy0axT9W9nTdiRVSHli-a3YeHnJBaZxIAYTd_T_p87jqTHshmZeT_areCA0L32UO9AR_KxWalDF7eMSxjrHii9AqfBazpq6eNMhjGEFiBwIGIcr1wmzOxFpq-r8fBKzxW9qSHqYQDkVJfxi9RfOi_AQZVbB7XZUhFCI-Q5k7c1JzZ-wey-JqfBG6gsHwF3mQf367iTjBf6oM0P09Y7QMrMHxgwpFI3ICxpHsOK_JlR1Qa-U2OHKTKr7S5O9_ur0dBTzsEDq8sGcJzP99sIDeeglYWEQTVaTOa0aOKSyn_WbZ_o24YG5eWXW5FG7I0qU57mcCJkunTvPDvwL3y-nm9KcDlHGYgZ1hs_vZ14ujFy7tGw76B1THSBxrxHZQY81IQnxNZS0pP0RtmuCFwOKwav4d1wdkoUtFlcVO-LcsQwXOjYjOhJd13OGndHclPkQ-FyqNla2oFNC_1uSEwpUtFre5saUhq7QtnunulVn5uDqzZJCV_PyCRJdCEq3FoRAXeXMxIlV_BT87j8A%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0500a40419570f47e77e03549101b0492d84f581961128b1c1cb3e1115ae9dc8

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6416486
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
15846
cf-bgj
imgq:85,h2pri
last-modified
Thu, 09 Nov 2023 21:06:38 GMT
server
cloudflare
etag
"e2aaa210aed94bb4c7bc2ab9430688f4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5RsPklZBj0K1FldFBTmMAgFyaFvgePIdtRXmfQyYmthLJurOWml1lMvIGUAcRJAUd%2FmsoeFMNowZGHtn9AoJcKigii4%2B%2FrDFXI5Bw66np11NtRbFhGTzCTqwq19rsOIDxMV6lfnBLZX1DteD"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
849d01407f376ae1-FRA
cshow.php
www.awin1.com/ Frame 19AC
43 B
704 B
Image
General
Full URL
https://www.awin1.com/cshow.php?s=3199228&v=32603&q=443151&r=412871&pv=1&pref3=oneide7Vu3fYPkACJE1QtjHZHet1tM3DKtjTQTK8H1oneid__dbm_Awin_Reach02&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=517453%2C309728%2C336262&b=xEpTQfEwD3SbX35TPHdHztQtYwRDfJT6TKkHA%2C62GfefmJR6aEBZ7TeHmHYtkt91eAS2T1T3qT7%2Ce7Vu3fYPkACJE1QtjHZHet1tM3DKtjTQTK8H1&f=YxeTrfzrEwc9pYJfVH9HetgC7zREcAT1TdpHr%2CXxZTzfw189h2Pmgh6H4Het1CweWQhBTkT5KCJ%2CDjmU3f3qxGTmW5ka3HmH9twCemrdTWTmTY8HV&c=728&d=90&e=&g=b3eea552cbcd5e364822515b1562eceb%2F6690139865749810000&i=196936%2C108139%2C114236&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1705981116814&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCH73QuzSvZY6SBLP7kdUPpP2ykATE_sLSaKeDiqTUC_suEAEgt-WEIWD1lc6B4ATIAQmpAvQ7k0BSRLI-qAMByAObBKoEkAJP0Ollsh1G-4vDCEWoP9AO8pvCkteWlXHbCZocVFvvIqGzVAizTJZZeLGMwyz_c8Ap7U7vkHOuyspGBiy2RoxoZMQw_AKNo1WnH0RanzIzuvK80A4cdJ9IJoURaDBOz954f9Faxt5DUTSZgHzraLDLxUtAJ4LB-5JDQrKe_rL2jIlGnRdUUUi90BFhEi7xoQCEK8rCwqk5J6GTKeC45Mzhmpnz1Oj4jPzRMS-0JqKl2oXmpWxvHbmYHoPPc4lnzhNgAT07Yj6dBLwWM7voZP_0iYZlYFpCapJW_kbnPDENmOeGLy6huQu6TZoxfn4J40w_mwH_0oTXuDZbGoEeCkBaRlZ_11OYlLhCuh6pian8vcAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYXzICigI6BIBAgEBIvf3BOljEuu3yyvKDA_IIDWJpZGRlci0yMDEzMzaACgSYCwHICwGADAGqDQJDSLAT28vrAtgTA4gUAdgUAdAVAfgWAYAXAbIYBBIC6k4%2526ae%253D1%2526num%253D1%2526cid%253DCAQSMgAvHhf_xIDoJIpJbZCUnw4nhwP-ojpHw6AdZaBjU1DCrGWnoK8tBaX_l-bu0iXaZafLGAE%2526sig%253DAOD64_2JCWKQErPPSsLKnqQb_Q-P4FmFvQ%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-CSNjCCd0pgBoB2ESMuCI63iMCtkQMOG-R9MC7GX5l9McMGNVtRy6-DBa5XSKTAGBzLPJRZm8Fn8hueo7Iu83YRYjsDpR8sBnvZPLzlTSXC0J2XIo9bHpJqmStGK191AFvwL2HczKcGAxuaVYPJB2fa5Sm2pBVe3rLnqChpykAJbQ5OYZY%2526cry%253D1%2526dbm_d%253DAKAmf-BFhcFtKRfwRa7oy0axT9W9nTdiRVSHli-a3YeHnJBaZxIAYTd_T_p87jqTHshmZeT_areCA0L32UO9AR_KxWalDF7eMSxjrHii9AqfBazpq6eNMhjGEFiBwIGIcr1wmzOxFpq-r8fBKzxW9qSHqYQDkVJfxi9RfOi_AQZVbB7XZUhFCI-Q5k7c1JzZ-wey-JqfBG6gsHwF3mQf367iTjBf6oM0P09Y7QMrMHxgwpFI3ICxpHsOK_JlR1Qa-U2OHKTKr7S5O9_ur0dBTzsEDq8sGcJzP99sIDeeglYWEQTVaTOa0aOKSyn_WbZ_o24YG5eWXW5FG7I0qU57mcCJkunTvPDvwL3y-nm9KcDlHGYgZ1hs_vZ14ujFy7tGw76B1THSBxrxHZQY81IQnxNZS0pP0RtmuCFwOKwav4d1wdkoUtFlcVO-LcsQwXOjYjOhJd13OGndHclPkQ-FyqNla2oFNC_1uSEwpUtFre5saUhq7QtnunulVn5uDqzZJCV_PyCRJdCEq3FoRAXeXMxIlV_BT87j8A%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.148.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-148-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Jan 2024 03:38:37 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
/
track.adform.net/csimpr/ Frame 1CF0
35 B
626 B
Ping
General
Full URL
https://track.adform.net/csimpr/?bn=67903448&csi=aEsG-a9vV6Y7Poq-QsWArHjZgMgIYZw2uyrQEl5uZRkJDwKV3Zer3AZU1ud_ztNqqF0D6TVkOTMRB67DnkcILSQf6BfgfukZEBQ5juPi97UDvP-67D9Y4w2
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/631/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
61139669.png
s1.adform.net/Banners/61139669/ Frame 1CF0
22 KB
22 KB
Image
General
Full URL
https://s1.adform.net/Banners/61139669/61139669.png?bv=3
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
f05330bc0330060972600b53270ab622e77a783ffe8db7d1ca20fa4a3f5beb68

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
last-modified
Thu, 21 Dec 2023 11:49:41 GMT
server
nginx
x-amz-request-id
tx00000640e15e9214a3f39-006598c826-32959e94-default
etag
"4ba0462edebbb46c39b3c82bf184cc26"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
22243
default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame EE02
115 KB
14 KB
Stylesheet
General
Full URL
https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=726385%2C543072%2C189095&b=2bEa6f642McDbxwtVHWHkt8t2wk8sWT7TgGHg%2CxEpTQfEwD3Sb4EQSPHdHztQtmMA6CJT6TKkHA%2CzmWfRf4jMkTqXJeCpHBHMtqtPJGKfJTwTQBHW&f=4rmHEf2xVYC26ZesGH9HdtzCM8ZQhZTpT76fK%2CYxeTrfzrEwc9e5DaVH9HetgC6VxYUAT1TdpHr%2C8RpaDf2P46CRgXktgHJHEtqCewZGsPTwTpJHk&c=728&d=90&e=&g=3c7d15364fd15b38b0bd5426270ab2a6%2F4129257182803659990&i=74692%2C108188%2C75077&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1705981116816&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCTeOYuzSvZZyBD7fUmLAP3Yyr2APE_sLSaKeDiqTUC_suEAEgt-WEIWD1lc6B4ATIAQmpAvQ7k0BSRLI-qAMByAObBKoEkAJP0Nk5mX0ZTXZZ1S2YFHwvnaUOXCwDkQf6X3KJ08ch8evWc0pJl80RjziLuLFrgvaLAP3H0HuTiG-MtQy4v162vJTK3vOzyTRTu-DnipllzVIHtWR88-7FNCYoZNleUVTcDPqVGSK-z64cTcRV7q0W5bHN7wb1rIXyv1QYIl2WbNq_pxV173jCxaYxbW0hxRsxiji7YH8mc5NTCcN-SdgIJA3DkDvJkN_fnfFiDCCTaK-Ybwx5TzJ9kGtGNUVpBTYaoRw51iQwPONIs-cB-EKW9I4xrAe_KdkxRhjrVhyo9I_8kQqtbfl-ZhaazLrJBma5_78BXJOq8hQuXPHdCML2FAWIpfH8LLULWF3UCDqCFcAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYXzICigI6BIBAgEBIvf3BOliFrfjyyvKDA_IIDWJpZGRlci0yMDEzMzaACgSYCwHICwGADAGqDQJDSLAT28vrAtgTA4gUAdgUAdAVAfgWAYAXAQ%2526ae%253D1%2526num%253D1%2526cid%253DCAQSMgAvHhf_TGGW2Or_djVvr6u4ETjZNWPAtbvJLXZF3VQJEI5uSI-_ygRbpa-qHOeodXfGGAE%2526sig%253DAOD64_3jLkm-UN7j-jonGkimIAIjU0790Q%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-Agb5TLx385SwMUF6-r0kwTFLkVmELfIV0ovq6X2yRo5We8iLq_Ij141h5KY_uBVvTtKvgihE2FQDfBoJv_Wlf1XOlNbRht-icYE4Z9t4tE_XjWw5RK1UetbFbKfUk7DZbv4VHXdISbk4i5a_Dp5naoLIsM0gJ9F_vC2DmWxUOo0raGzRg%2526cry%253D1%2526dbm_d%253DAKAmf-CkY45fHHXYtHehsh2Sv1b43ZbZMhoLktA7XWwM5GbJpsr0h7ChFcuqohMrNStAiMururUK3Ibj-bWmj4gsGUohHiHsPuuyoPTvvUiY67jiwj0F16zHQZRVPetFwBzA3doLipyVxwXOpCJ4gz612BT5cbtZewcPcOfeJ8oul7Qw056eJaW7smG-SqKyuZkHEri_3z1VVWpwrDx1Dfz88DC3nuFyBHGyJ6L8svHFJOOkCErxjkfOovOn74tluFj8f043NxWS9EwlmnV9quCgVhGAx8AHcQgs8hf8xScmKxLA7YKTQ6K1k9vGGKWADfhvmGhp84A1dJeUyNq_beYCGACIalnJOS0H4jfiv_8vyXh9_JlA_6K9ZneB8X8XwsFCYxnkQ60y6EJL1xlkb__anumO2Y12VS6tlycjVn1--HwyHB9cbYQBYCoZnwJuFOKyS8RRsnsXMLAw9-EUdLSAPDYFYPyw16jpTM710zyEfby7KnprdRBd3TcuEY8arWKzcugD5rDV7sFadCXkGFY8yzCb0jU97g%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=726385%2C543072%2C189095&b=2bEa6f642McDbxwtVHWHkt8t2wk8sWT7TgGHg%2CxEpTQfEwD3Sb4EQSPHdHztQtmMA6CJT6TKkHA%2CzmWfRf4jMkTqXJeCpHBHMtqtPJGKfJTwTQBHW&f=4rmHEf2xVYC26ZesGH9HdtzCM8ZQhZTpT76fK%2CYxeTrfzrEwc9e5DaVH9HetgC6VxYUAT1TdpHr%2C8RpaDf2P46CRgXktgHJHEtqCewZGsPTwTpJHk&c=728&d=90&e=&g=3c7d15364fd15b38b0bd5426270ab2a6%2F4129257182803659990&i=74692%2C108188%2C75077&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1705981116816&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCTeOYuzSvZZyBD7fUmLAP3Yyr2APE_sLSaKeDiqTUC_suEAEgt-WEIWD1lc6B4ATIAQmpAvQ7k0BSRLI-qAMByAObBKoEkAJP0Nk5mX0ZTXZZ1S2YFHwvnaUOXCwDkQf6X3KJ08ch8evWc0pJl80RjziLuLFrgvaLAP3H0HuTiG-MtQy4v162vJTK3vOzyTRTu-DnipllzVIHtWR88-7FNCYoZNleUVTcDPqVGSK-z64cTcRV7q0W5bHN7wb1rIXyv1QYIl2WbNq_pxV173jCxaYxbW0hxRsxiji7YH8mc5NTCcN-SdgIJA3DkDvJkN_fnfFiDCCTaK-Ybwx5TzJ9kGtGNUVpBTYaoRw51iQwPONIs-cB-EKW9I4xrAe_KdkxRhjrVhyo9I_8kQqtbfl-ZhaazLrJBma5_78BXJOq8hQuXPHdCML2FAWIpfH8LLULWF3UCDqCFcAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYXzICigI6BIBAgEBIvf3BOliFrfjyyvKDA_IIDWJpZGRlci0yMDEzMzaACgSYCwHICwGADAGqDQJDSLAT28vrAtgTA4gUAdgUAdAVAfgWAYAXAQ%2526ae%253D1%2526num%253D1%2526cid%253DCAQSMgAvHhf_TGGW2Or_djVvr6u4ETjZNWPAtbvJLXZF3VQJEI5uSI-_ygRbpa-qHOeodXfGGAE%2526sig%253DAOD64_3jLkm-UN7j-jonGkimIAIjU0790Q%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-Agb5TLx385SwMUF6-r0kwTFLkVmELfIV0ovq6X2yRo5We8iLq_Ij141h5KY_uBVvTtKvgihE2FQDfBoJv_Wlf1XOlNbRht-icYE4Z9t4tE_XjWw5RK1UetbFbKfUk7DZbv4VHXdISbk4i5a_Dp5naoLIsM0gJ9F_vC2DmWxUOo0raGzRg%2526cry%253D1%2526dbm_d%253DAKAmf-CkY45fHHXYtHehsh2Sv1b43ZbZMhoLktA7XWwM5GbJpsr0h7ChFcuqohMrNStAiMururUK3Ibj-bWmj4gsGUohHiHsPuuyoPTvvUiY67jiwj0F16zHQZRVPetFwBzA3doLipyVxwXOpCJ4gz612BT5cbtZewcPcOfeJ8oul7Qw056eJaW7smG-SqKyuZkHEri_3z1VVWpwrDx1Dfz88DC3nuFyBHGyJ6L8svHFJOOkCErxjkfOovOn74tluFj8f043NxWS9EwlmnV9quCgVhGAx8AHcQgs8hf8xScmKxLA7YKTQ6K1k9vGGKWADfhvmGhp84A1dJeUyNq_beYCGACIalnJOS0H4jfiv_8vyXh9_JlA_6K9ZneB8X8XwsFCYxnkQ60y6EJL1xlkb__anumO2Y12VS6tlycjVn1--HwyHB9cbYQBYCoZnwJuFOKyS8RRsnsXMLAw9-EUdLSAPDYFYPyw16jpTM710zyEfby7KnprdRBd3TcuEY8arWKzcugD5rDV7sFadCXkGFY8yzCb0jU97g%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
600876
cf-polished
origSize=118430
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 02 Nov 2023 10:26:17 GMT
server
cloudflare
etag
W/"486507ccce9ac587d11c0ef3f32a109a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q97EwAOlK5Gw4dkH5Oix%2B9w2Jnn91zZracgP8xuoycUSzdnD9EXKSb%2BFXxOxZ360N9YWd%2Fk6zldCtQ9ICybfXXX4VkKFMk3TA9OFfCwjfjpXArSPJzTIBbSEPHxwrnzL%2BB%2B%2F6IJUttI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=86400
cf-ray
849d013cdcd86ae1-FRA
expires
Wed, 24 Jan 2024 03:38:36 GMT
261B342F58EC109D45E0EE102129A86D7921318561C48A0C9DA571AE0E2B790C2A08F068D63B3C4BE492E9EDA18A977DBDAFA0C4662AE62C7D3A74B9750604C6
assets.ad4m.at/logo/ Frame EE02
7 KB
7 KB
Image
General
Full URL
https://assets.ad4m.at/logo/261B342F58EC109D45E0EE102129A86D7921318561C48A0C9DA571AE0E2B790C2A08F068D63B3C4BE492E9EDA18A977DBDAFA0C4662AE62C7D3A74B9750604C6
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=726385%2C543072%2C189095&b=2bEa6f642McDbxwtVHWHkt8t2wk8sWT7TgGHg%2CxEpTQfEwD3Sb4EQSPHdHztQtmMA6CJT6TKkHA%2CzmWfRf4jMkTqXJeCpHBHMtqtPJGKfJTwTQBHW&f=4rmHEf2xVYC26ZesGH9HdtzCM8ZQhZTpT76fK%2CYxeTrfzrEwc9e5DaVH9HetgC6VxYUAT1TdpHr%2C8RpaDf2P46CRgXktgHJHEtqCewZGsPTwTpJHk&c=728&d=90&e=&g=3c7d15364fd15b38b0bd5426270ab2a6%2F4129257182803659990&i=74692%2C108188%2C75077&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1705981116816&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCTeOYuzSvZZyBD7fUmLAP3Yyr2APE_sLSaKeDiqTUC_suEAEgt-WEIWD1lc6B4ATIAQmpAvQ7k0BSRLI-qAMByAObBKoEkAJP0Nk5mX0ZTXZZ1S2YFHwvnaUOXCwDkQf6X3KJ08ch8evWc0pJl80RjziLuLFrgvaLAP3H0HuTiG-MtQy4v162vJTK3vOzyTRTu-DnipllzVIHtWR88-7FNCYoZNleUVTcDPqVGSK-z64cTcRV7q0W5bHN7wb1rIXyv1QYIl2WbNq_pxV173jCxaYxbW0hxRsxiji7YH8mc5NTCcN-SdgIJA3DkDvJkN_fnfFiDCCTaK-Ybwx5TzJ9kGtGNUVpBTYaoRw51iQwPONIs-cB-EKW9I4xrAe_KdkxRhjrVhyo9I_8kQqtbfl-ZhaazLrJBma5_78BXJOq8hQuXPHdCML2FAWIpfH8LLULWF3UCDqCFcAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYXzICigI6BIBAgEBIvf3BOliFrfjyyvKDA_IIDWJpZGRlci0yMDEzMzaACgSYCwHICwGADAGqDQJDSLAT28vrAtgTA4gUAdgUAdAVAfgWAYAXAQ%2526ae%253D1%2526num%253D1%2526cid%253DCAQSMgAvHhf_TGGW2Or_djVvr6u4ETjZNWPAtbvJLXZF3VQJEI5uSI-_ygRbpa-qHOeodXfGGAE%2526sig%253DAOD64_3jLkm-UN7j-jonGkimIAIjU0790Q%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-Agb5TLx385SwMUF6-r0kwTFLkVmELfIV0ovq6X2yRo5We8iLq_Ij141h5KY_uBVvTtKvgihE2FQDfBoJv_Wlf1XOlNbRht-icYE4Z9t4tE_XjWw5RK1UetbFbKfUk7DZbv4VHXdISbk4i5a_Dp5naoLIsM0gJ9F_vC2DmWxUOo0raGzRg%2526cry%253D1%2526dbm_d%253DAKAmf-CkY45fHHXYtHehsh2Sv1b43ZbZMhoLktA7XWwM5GbJpsr0h7ChFcuqohMrNStAiMururUK3Ibj-bWmj4gsGUohHiHsPuuyoPTvvUiY67jiwj0F16zHQZRVPetFwBzA3doLipyVxwXOpCJ4gz612BT5cbtZewcPcOfeJ8oul7Qw056eJaW7smG-SqKyuZkHEri_3z1VVWpwrDx1Dfz88DC3nuFyBHGyJ6L8svHFJOOkCErxjkfOovOn74tluFj8f043NxWS9EwlmnV9quCgVhGAx8AHcQgs8hf8xScmKxLA7YKTQ6K1k9vGGKWADfhvmGhp84A1dJeUyNq_beYCGACIalnJOS0H4jfiv_8vyXh9_JlA_6K9ZneB8X8XwsFCYxnkQ60y6EJL1xlkb__anumO2Y12VS6tlycjVn1--HwyHB9cbYQBYCoZnwJuFOKyS8RRsnsXMLAw9-EUdLSAPDYFYPyw16jpTM710zyEfby7KnprdRBd3TcuEY8arWKzcugD5rDV7sFadCXkGFY8yzCb0jU97g%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
885730ca6e2ba1646931a99ca5a7f39bc4c0fbf9cb2e5a6ae66db1080e200f59

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3497597
cf-polished
origFmt=png, origSize=9073
alt-svc
h3=":443"; ma=86400
content-length
6882
cf-bgj
imgq:85,h2pri
last-modified
Thu, 12 Oct 2023 15:43:38 GMT
server
cloudflare
etag
"4b1b1f38ca16f38b6d598855da99567c"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=en4lD8r%2FPTX6AN8rr%2FnvZ82RWJWCHYGA%2B3Pg7s58xKmAb42sH8iWQxrZh7GxkO%2FLuIFyPpPPHnRudc4aK1Pn0rBTG7U9MtuBrNkhcqRgRsULSobBSCpfjldUOeMulskoj9ZZ7Vg3gZzcVmxS"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
849d013cdcda6ae1-FRA
DCCF40034B8D122A4A5E9522EEAC79B82578D34AE7B313150048D06BD206E752335703A37E97C8F2D9D8DB1EC236FC6F259BC8DF16600D74EA8675AE991920C9
assets.ad4m.at/ Frame EE02
19 KB
19 KB
Image
General
Full URL
https://assets.ad4m.at/DCCF40034B8D122A4A5E9522EEAC79B82578D34AE7B313150048D06BD206E752335703A37E97C8F2D9D8DB1EC236FC6F259BC8DF16600D74EA8675AE991920C9
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=726385%2C543072%2C189095&b=2bEa6f642McDbxwtVHWHkt8t2wk8sWT7TgGHg%2CxEpTQfEwD3Sb4EQSPHdHztQtmMA6CJT6TKkHA%2CzmWfRf4jMkTqXJeCpHBHMtqtPJGKfJTwTQBHW&f=4rmHEf2xVYC26ZesGH9HdtzCM8ZQhZTpT76fK%2CYxeTrfzrEwc9e5DaVH9HetgC6VxYUAT1TdpHr%2C8RpaDf2P46CRgXktgHJHEtqCewZGsPTwTpJHk&c=728&d=90&e=&g=3c7d15364fd15b38b0bd5426270ab2a6%2F4129257182803659990&i=74692%2C108188%2C75077&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1705981116816&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCTeOYuzSvZZyBD7fUmLAP3Yyr2APE_sLSaKeDiqTUC_suEAEgt-WEIWD1lc6B4ATIAQmpAvQ7k0BSRLI-qAMByAObBKoEkAJP0Nk5mX0ZTXZZ1S2YFHwvnaUOXCwDkQf6X3KJ08ch8evWc0pJl80RjziLuLFrgvaLAP3H0HuTiG-MtQy4v162vJTK3vOzyTRTu-DnipllzVIHtWR88-7FNCYoZNleUVTcDPqVGSK-z64cTcRV7q0W5bHN7wb1rIXyv1QYIl2WbNq_pxV173jCxaYxbW0hxRsxiji7YH8mc5NTCcN-SdgIJA3DkDvJkN_fnfFiDCCTaK-Ybwx5TzJ9kGtGNUVpBTYaoRw51iQwPONIs-cB-EKW9I4xrAe_KdkxRhjrVhyo9I_8kQqtbfl-ZhaazLrJBma5_78BXJOq8hQuXPHdCML2FAWIpfH8LLULWF3UCDqCFcAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYXzICigI6BIBAgEBIvf3BOliFrfjyyvKDA_IIDWJpZGRlci0yMDEzMzaACgSYCwHICwGADAGqDQJDSLAT28vrAtgTA4gUAdgUAdAVAfgWAYAXAQ%2526ae%253D1%2526num%253D1%2526cid%253DCAQSMgAvHhf_TGGW2Or_djVvr6u4ETjZNWPAtbvJLXZF3VQJEI5uSI-_ygRbpa-qHOeodXfGGAE%2526sig%253DAOD64_3jLkm-UN7j-jonGkimIAIjU0790Q%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-Agb5TLx385SwMUF6-r0kwTFLkVmELfIV0ovq6X2yRo5We8iLq_Ij141h5KY_uBVvTtKvgihE2FQDfBoJv_Wlf1XOlNbRht-icYE4Z9t4tE_XjWw5RK1UetbFbKfUk7DZbv4VHXdISbk4i5a_Dp5naoLIsM0gJ9F_vC2DmWxUOo0raGzRg%2526cry%253D1%2526dbm_d%253DAKAmf-CkY45fHHXYtHehsh2Sv1b43ZbZMhoLktA7XWwM5GbJpsr0h7ChFcuqohMrNStAiMururUK3Ibj-bWmj4gsGUohHiHsPuuyoPTvvUiY67jiwj0F16zHQZRVPetFwBzA3doLipyVxwXOpCJ4gz612BT5cbtZewcPcOfeJ8oul7Qw056eJaW7smG-SqKyuZkHEri_3z1VVWpwrDx1Dfz88DC3nuFyBHGyJ6L8svHFJOOkCErxjkfOovOn74tluFj8f043NxWS9EwlmnV9quCgVhGAx8AHcQgs8hf8xScmKxLA7YKTQ6K1k9vGGKWADfhvmGhp84A1dJeUyNq_beYCGACIalnJOS0H4jfiv_8vyXh9_JlA_6K9ZneB8X8XwsFCYxnkQ60y6EJL1xlkb__anumO2Y12VS6tlycjVn1--HwyHB9cbYQBYCoZnwJuFOKyS8RRsnsXMLAw9-EUdLSAPDYFYPyw16jpTM710zyEfby7KnprdRBd3TcuEY8arWKzcugD5rDV7sFadCXkGFY8yzCb0jU97g%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71fdf3d7c6023ece9322fdd93cfc3ef8ed942d6ba93fb208641b057986d17dc1

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1064407
cf-polished
qual=85, origFmt=jpeg, origSize=21094
alt-svc
h3=":443"; ma=86400
content-length
19060
cf-bgj
imgq:85,h2pri
last-modified
Mon, 13 Nov 2023 15:26:21 GMT
server
cloudflare
etag
"6d2a7ef763e9e8ef5298baf5daa5cfa2"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=13vgJQKJ9N%2FWzPOmrsDy1U4qEPvEtUwftky9s3RGXq%2FOfosetpxBku5VVdHZP%2BCwjaiWGwBxyo%2BVbpm8ubouZWK6ymQFzDqtiNpDvUeHVvLlAUpV6meiiUUd4LlGGgauNU5c5uNPcnA6sb%2Fa"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
849d013cdcdc6ae1-FRA
cshow.php
www.awin1.com/ Frame EE02
43 B
705 B
Image
General
Full URL
https://www.awin1.com/cshow.php?s=3028015&v=23466&q=426997&r=412871&pv=1&pref3=oneid2bEa6f642McDbxwtVHWHkt8t2wk8sWT7TgGHgoneid__dbm_Awin_Reach02&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=726385%2C543072%2C189095&b=2bEa6f642McDbxwtVHWHkt8t2wk8sWT7TgGHg%2CxEpTQfEwD3Sb4EQSPHdHztQtmMA6CJT6TKkHA%2CzmWfRf4jMkTqXJeCpHBHMtqtPJGKfJTwTQBHW&f=4rmHEf2xVYC26ZesGH9HdtzCM8ZQhZTpT76fK%2CYxeTrfzrEwc9e5DaVH9HetgC6VxYUAT1TdpHr%2C8RpaDf2P46CRgXktgHJHEtqCewZGsPTwTpJHk&c=728&d=90&e=&g=3c7d15364fd15b38b0bd5426270ab2a6%2F4129257182803659990&i=74692%2C108188%2C75077&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1705981116816&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCTeOYuzSvZZyBD7fUmLAP3Yyr2APE_sLSaKeDiqTUC_suEAEgt-WEIWD1lc6B4ATIAQmpAvQ7k0BSRLI-qAMByAObBKoEkAJP0Nk5mX0ZTXZZ1S2YFHwvnaUOXCwDkQf6X3KJ08ch8evWc0pJl80RjziLuLFrgvaLAP3H0HuTiG-MtQy4v162vJTK3vOzyTRTu-DnipllzVIHtWR88-7FNCYoZNleUVTcDPqVGSK-z64cTcRV7q0W5bHN7wb1rIXyv1QYIl2WbNq_pxV173jCxaYxbW0hxRsxiji7YH8mc5NTCcN-SdgIJA3DkDvJkN_fnfFiDCCTaK-Ybwx5TzJ9kGtGNUVpBTYaoRw51iQwPONIs-cB-EKW9I4xrAe_KdkxRhjrVhyo9I_8kQqtbfl-ZhaazLrJBma5_78BXJOq8hQuXPHdCML2FAWIpfH8LLULWF3UCDqCFcAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYXzICigI6BIBAgEBIvf3BOliFrfjyyvKDA_IIDWJpZGRlci0yMDEzMzaACgSYCwHICwGADAGqDQJDSLAT28vrAtgTA4gUAdgUAdAVAfgWAYAXAQ%2526ae%253D1%2526num%253D1%2526cid%253DCAQSMgAvHhf_TGGW2Or_djVvr6u4ETjZNWPAtbvJLXZF3VQJEI5uSI-_ygRbpa-qHOeodXfGGAE%2526sig%253DAOD64_3jLkm-UN7j-jonGkimIAIjU0790Q%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-Agb5TLx385SwMUF6-r0kwTFLkVmELfIV0ovq6X2yRo5We8iLq_Ij141h5KY_uBVvTtKvgihE2FQDfBoJv_Wlf1XOlNbRht-icYE4Z9t4tE_XjWw5RK1UetbFbKfUk7DZbv4VHXdISbk4i5a_Dp5naoLIsM0gJ9F_vC2DmWxUOo0raGzRg%2526cry%253D1%2526dbm_d%253DAKAmf-CkY45fHHXYtHehsh2Sv1b43ZbZMhoLktA7XWwM5GbJpsr0h7ChFcuqohMrNStAiMururUK3Ibj-bWmj4gsGUohHiHsPuuyoPTvvUiY67jiwj0F16zHQZRVPetFwBzA3doLipyVxwXOpCJ4gz612BT5cbtZewcPcOfeJ8oul7Qw056eJaW7smG-SqKyuZkHEri_3z1VVWpwrDx1Dfz88DC3nuFyBHGyJ6L8svHFJOOkCErxjkfOovOn74tluFj8f043NxWS9EwlmnV9quCgVhGAx8AHcQgs8hf8xScmKxLA7YKTQ6K1k9vGGKWADfhvmGhp84A1dJeUyNq_beYCGACIalnJOS0H4jfiv_8vyXh9_JlA_6K9ZneB8X8XwsFCYxnkQ60y6EJL1xlkb__anumO2Y12VS6tlycjVn1--HwyHB9cbYQBYCoZnwJuFOKyS8RRsnsXMLAw9-EUdLSAPDYFYPyw16jpTM710zyEfby7KnprdRBd3TcuEY8arWKzcugD5rDV7sFadCXkGFY8yzCb0jU97g%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.148.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-148-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Jan 2024 03:38:37 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
73D1DBA6AF0F8B8526A7C1130A6AE1AF7D389276DF8237BC7EEABCB8EF0B49BD1622C203916DC4413B92935835ACAD379033D5B4D8E7BE4C02BC78D1BFB5DAF1
assets.ad4m.at/logo/ Frame EE02
15 KB
16 KB
Image
General
Full URL
https://assets.ad4m.at/logo/73D1DBA6AF0F8B8526A7C1130A6AE1AF7D389276DF8237BC7EEABCB8EF0B49BD1622C203916DC4413B92935835ACAD379033D5B4D8E7BE4C02BC78D1BFB5DAF1
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=726385%2C543072%2C189095&b=2bEa6f642McDbxwtVHWHkt8t2wk8sWT7TgGHg%2CxEpTQfEwD3Sb4EQSPHdHztQtmMA6CJT6TKkHA%2CzmWfRf4jMkTqXJeCpHBHMtqtPJGKfJTwTQBHW&f=4rmHEf2xVYC26ZesGH9HdtzCM8ZQhZTpT76fK%2CYxeTrfzrEwc9e5DaVH9HetgC6VxYUAT1TdpHr%2C8RpaDf2P46CRgXktgHJHEtqCewZGsPTwTpJHk&c=728&d=90&e=&g=3c7d15364fd15b38b0bd5426270ab2a6%2F4129257182803659990&i=74692%2C108188%2C75077&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1705981116816&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCTeOYuzSvZZyBD7fUmLAP3Yyr2APE_sLSaKeDiqTUC_suEAEgt-WEIWD1lc6B4ATIAQmpAvQ7k0BSRLI-qAMByAObBKoEkAJP0Nk5mX0ZTXZZ1S2YFHwvnaUOXCwDkQf6X3KJ08ch8evWc0pJl80RjziLuLFrgvaLAP3H0HuTiG-MtQy4v162vJTK3vOzyTRTu-DnipllzVIHtWR88-7FNCYoZNleUVTcDPqVGSK-z64cTcRV7q0W5bHN7wb1rIXyv1QYIl2WbNq_pxV173jCxaYxbW0hxRsxiji7YH8mc5NTCcN-SdgIJA3DkDvJkN_fnfFiDCCTaK-Ybwx5TzJ9kGtGNUVpBTYaoRw51iQwPONIs-cB-EKW9I4xrAe_KdkxRhjrVhyo9I_8kQqtbfl-ZhaazLrJBma5_78BXJOq8hQuXPHdCML2FAWIpfH8LLULWF3UCDqCFcAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYXzICigI6BIBAgEBIvf3BOliFrfjyyvKDA_IIDWJpZGRlci0yMDEzMzaACgSYCwHICwGADAGqDQJDSLAT28vrAtgTA4gUAdgUAdAVAfgWAYAXAQ%2526ae%253D1%2526num%253D1%2526cid%253DCAQSMgAvHhf_TGGW2Or_djVvr6u4ETjZNWPAtbvJLXZF3VQJEI5uSI-_ygRbpa-qHOeodXfGGAE%2526sig%253DAOD64_3jLkm-UN7j-jonGkimIAIjU0790Q%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-Agb5TLx385SwMUF6-r0kwTFLkVmELfIV0ovq6X2yRo5We8iLq_Ij141h5KY_uBVvTtKvgihE2FQDfBoJv_Wlf1XOlNbRht-icYE4Z9t4tE_XjWw5RK1UetbFbKfUk7DZbv4VHXdISbk4i5a_Dp5naoLIsM0gJ9F_vC2DmWxUOo0raGzRg%2526cry%253D1%2526dbm_d%253DAKAmf-CkY45fHHXYtHehsh2Sv1b43ZbZMhoLktA7XWwM5GbJpsr0h7ChFcuqohMrNStAiMururUK3Ibj-bWmj4gsGUohHiHsPuuyoPTvvUiY67jiwj0F16zHQZRVPetFwBzA3doLipyVxwXOpCJ4gz612BT5cbtZewcPcOfeJ8oul7Qw056eJaW7smG-SqKyuZkHEri_3z1VVWpwrDx1Dfz88DC3nuFyBHGyJ6L8svHFJOOkCErxjkfOovOn74tluFj8f043NxWS9EwlmnV9quCgVhGAx8AHcQgs8hf8xScmKxLA7YKTQ6K1k9vGGKWADfhvmGhp84A1dJeUyNq_beYCGACIalnJOS0H4jfiv_8vyXh9_JlA_6K9ZneB8X8XwsFCYxnkQ60y6EJL1xlkb__anumO2Y12VS6tlycjVn1--HwyHB9cbYQBYCoZnwJuFOKyS8RRsnsXMLAw9-EUdLSAPDYFYPyw16jpTM710zyEfby7KnprdRBd3TcuEY8arWKzcugD5rDV7sFadCXkGFY8yzCb0jU97g%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e9bd2fd825c5f0320be96f92b2fa16c22dd53c33743295a30f391344988b93c

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1069919
cf-polished
origFmt=png, origSize=32773
alt-svc
h3=":443"; ma=86400
content-length
15446
cf-bgj
imgq:85,h2pri
last-modified
Thu, 12 Oct 2023 15:48:55 GMT
server
cloudflare
etag
"0055533101a2e846be927b1974a60d59"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v%2FcJsUzpe51TPEARUIwlhxmGRRfiNftpTnkrcHwt5s%2FajAb2lusfZmoSF%2FYZd2R6%2FitTh1548pTLakFAfPvRN08pFuD20cm8wEMPRomcgAP%2FFN6DQUlkSUxoF2CMidcEB6smfL%2FZIKXSvHX9"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
849d01406f306ae1-FRA
D31AF75844167C32E82894C0A22E4B411EB79B41FD9D2FB7ACDCBD8CBE836F1B03AF136C7E695BC5393F190C3DF9361F27D6BE7C99BD8C03D83D576DA5D5A0E4
assets.ad4m.at/ Frame EE02
48 KB
49 KB
Image
General
Full URL
https://assets.ad4m.at/D31AF75844167C32E82894C0A22E4B411EB79B41FD9D2FB7ACDCBD8CBE836F1B03AF136C7E695BC5393F190C3DF9361F27D6BE7C99BD8C03D83D576DA5D5A0E4
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=726385%2C543072%2C189095&b=2bEa6f642McDbxwtVHWHkt8t2wk8sWT7TgGHg%2CxEpTQfEwD3Sb4EQSPHdHztQtmMA6CJT6TKkHA%2CzmWfRf4jMkTqXJeCpHBHMtqtPJGKfJTwTQBHW&f=4rmHEf2xVYC26ZesGH9HdtzCM8ZQhZTpT76fK%2CYxeTrfzrEwc9e5DaVH9HetgC6VxYUAT1TdpHr%2C8RpaDf2P46CRgXktgHJHEtqCewZGsPTwTpJHk&c=728&d=90&e=&g=3c7d15364fd15b38b0bd5426270ab2a6%2F4129257182803659990&i=74692%2C108188%2C75077&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1705981116816&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCTeOYuzSvZZyBD7fUmLAP3Yyr2APE_sLSaKeDiqTUC_suEAEgt-WEIWD1lc6B4ATIAQmpAvQ7k0BSRLI-qAMByAObBKoEkAJP0Nk5mX0ZTXZZ1S2YFHwvnaUOXCwDkQf6X3KJ08ch8evWc0pJl80RjziLuLFrgvaLAP3H0HuTiG-MtQy4v162vJTK3vOzyTRTu-DnipllzVIHtWR88-7FNCYoZNleUVTcDPqVGSK-z64cTcRV7q0W5bHN7wb1rIXyv1QYIl2WbNq_pxV173jCxaYxbW0hxRsxiji7YH8mc5NTCcN-SdgIJA3DkDvJkN_fnfFiDCCTaK-Ybwx5TzJ9kGtGNUVpBTYaoRw51iQwPONIs-cB-EKW9I4xrAe_KdkxRhjrVhyo9I_8kQqtbfl-ZhaazLrJBma5_78BXJOq8hQuXPHdCML2FAWIpfH8LLULWF3UCDqCFcAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYXzICigI6BIBAgEBIvf3BOliFrfjyyvKDA_IIDWJpZGRlci0yMDEzMzaACgSYCwHICwGADAGqDQJDSLAT28vrAtgTA4gUAdgUAdAVAfgWAYAXAQ%2526ae%253D1%2526num%253D1%2526cid%253DCAQSMgAvHhf_TGGW2Or_djVvr6u4ETjZNWPAtbvJLXZF3VQJEI5uSI-_ygRbpa-qHOeodXfGGAE%2526sig%253DAOD64_3jLkm-UN7j-jonGkimIAIjU0790Q%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-Agb5TLx385SwMUF6-r0kwTFLkVmELfIV0ovq6X2yRo5We8iLq_Ij141h5KY_uBVvTtKvgihE2FQDfBoJv_Wlf1XOlNbRht-icYE4Z9t4tE_XjWw5RK1UetbFbKfUk7DZbv4VHXdISbk4i5a_Dp5naoLIsM0gJ9F_vC2DmWxUOo0raGzRg%2526cry%253D1%2526dbm_d%253DAKAmf-CkY45fHHXYtHehsh2Sv1b43ZbZMhoLktA7XWwM5GbJpsr0h7ChFcuqohMrNStAiMururUK3Ibj-bWmj4gsGUohHiHsPuuyoPTvvUiY67jiwj0F16zHQZRVPetFwBzA3doLipyVxwXOpCJ4gz612BT5cbtZewcPcOfeJ8oul7Qw056eJaW7smG-SqKyuZkHEri_3z1VVWpwrDx1Dfz88DC3nuFyBHGyJ6L8svHFJOOkCErxjkfOovOn74tluFj8f043NxWS9EwlmnV9quCgVhGAx8AHcQgs8hf8xScmKxLA7YKTQ6K1k9vGGKWADfhvmGhp84A1dJeUyNq_beYCGACIalnJOS0H4jfiv_8vyXh9_JlA_6K9ZneB8X8XwsFCYxnkQ60y6EJL1xlkb__anumO2Y12VS6tlycjVn1--HwyHB9cbYQBYCoZnwJuFOKyS8RRsnsXMLAw9-EUdLSAPDYFYPyw16jpTM710zyEfby7KnprdRBd3TcuEY8arWKzcugD5rDV7sFadCXkGFY8yzCb0jU97g%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd6ce7643866a4c1392bfda2a2ac69b1c65bcf67f0b7b0d1c8f9a691d7651be4

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4740809
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
49303
cf-bgj
imgq:85,h2pri
last-modified
Mon, 13 Nov 2023 13:13:01 GMT
server
cloudflare
etag
"2bf7e2c3104ba97a019a6b4e3a70f708"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e%2Fj8eVP8XMK%2BlrjNGuDdnhob%2B%2FIR8AmN5czPD27Z%2BVzzNWSpSnw2Pm%2BYjG8AhTC0a0KyIpWs1amisOpfRN1%2FWOvWAe237tQUFZWmZyv39y8Bfsrw%2B4ok1NABuZfUoviJuSc5Rfgy7oLS%2Bfef"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
849d01406f316ae1-FRA
cshow.php
www.awin1.com/ Frame EE02
43 B
702 B
Image
General
Full URL
https://www.awin1.com/cshow.php?s=2552330&v=13668&q=379759&r=412871&pv=1&pref3=oneidxEpTQfEwD3Sb4EQSPHdHztQtmMA6CJT6TKkHAoneid__dbm_Awin_Reach02&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=726385%2C543072%2C189095&b=2bEa6f642McDbxwtVHWHkt8t2wk8sWT7TgGHg%2CxEpTQfEwD3Sb4EQSPHdHztQtmMA6CJT6TKkHA%2CzmWfRf4jMkTqXJeCpHBHMtqtPJGKfJTwTQBHW&f=4rmHEf2xVYC26ZesGH9HdtzCM8ZQhZTpT76fK%2CYxeTrfzrEwc9e5DaVH9HetgC6VxYUAT1TdpHr%2C8RpaDf2P46CRgXktgHJHEtqCewZGsPTwTpJHk&c=728&d=90&e=&g=3c7d15364fd15b38b0bd5426270ab2a6%2F4129257182803659990&i=74692%2C108188%2C75077&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1705981116816&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCTeOYuzSvZZyBD7fUmLAP3Yyr2APE_sLSaKeDiqTUC_suEAEgt-WEIWD1lc6B4ATIAQmpAvQ7k0BSRLI-qAMByAObBKoEkAJP0Nk5mX0ZTXZZ1S2YFHwvnaUOXCwDkQf6X3KJ08ch8evWc0pJl80RjziLuLFrgvaLAP3H0HuTiG-MtQy4v162vJTK3vOzyTRTu-DnipllzVIHtWR88-7FNCYoZNleUVTcDPqVGSK-z64cTcRV7q0W5bHN7wb1rIXyv1QYIl2WbNq_pxV173jCxaYxbW0hxRsxiji7YH8mc5NTCcN-SdgIJA3DkDvJkN_fnfFiDCCTaK-Ybwx5TzJ9kGtGNUVpBTYaoRw51iQwPONIs-cB-EKW9I4xrAe_KdkxRhjrVhyo9I_8kQqtbfl-ZhaazLrJBma5_78BXJOq8hQuXPHdCML2FAWIpfH8LLULWF3UCDqCFcAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYXzICigI6BIBAgEBIvf3BOliFrfjyyvKDA_IIDWJpZGRlci0yMDEzMzaACgSYCwHICwGADAGqDQJDSLAT28vrAtgTA4gUAdgUAdAVAfgWAYAXAQ%2526ae%253D1%2526num%253D1%2526cid%253DCAQSMgAvHhf_TGGW2Or_djVvr6u4ETjZNWPAtbvJLXZF3VQJEI5uSI-_ygRbpa-qHOeodXfGGAE%2526sig%253DAOD64_3jLkm-UN7j-jonGkimIAIjU0790Q%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-Agb5TLx385SwMUF6-r0kwTFLkVmELfIV0ovq6X2yRo5We8iLq_Ij141h5KY_uBVvTtKvgihE2FQDfBoJv_Wlf1XOlNbRht-icYE4Z9t4tE_XjWw5RK1UetbFbKfUk7DZbv4VHXdISbk4i5a_Dp5naoLIsM0gJ9F_vC2DmWxUOo0raGzRg%2526cry%253D1%2526dbm_d%253DAKAmf-CkY45fHHXYtHehsh2Sv1b43ZbZMhoLktA7XWwM5GbJpsr0h7ChFcuqohMrNStAiMururUK3Ibj-bWmj4gsGUohHiHsPuuyoPTvvUiY67jiwj0F16zHQZRVPetFwBzA3doLipyVxwXOpCJ4gz612BT5cbtZewcPcOfeJ8oul7Qw056eJaW7smG-SqKyuZkHEri_3z1VVWpwrDx1Dfz88DC3nuFyBHGyJ6L8svHFJOOkCErxjkfOovOn74tluFj8f043NxWS9EwlmnV9quCgVhGAx8AHcQgs8hf8xScmKxLA7YKTQ6K1k9vGGKWADfhvmGhp84A1dJeUyNq_beYCGACIalnJOS0H4jfiv_8vyXh9_JlA_6K9ZneB8X8XwsFCYxnkQ60y6EJL1xlkb__anumO2Y12VS6tlycjVn1--HwyHB9cbYQBYCoZnwJuFOKyS8RRsnsXMLAw9-EUdLSAPDYFYPyw16jpTM710zyEfby7KnprdRBd3TcuEY8arWKzcugD5rDV7sFadCXkGFY8yzCb0jU97g%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.148.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-148-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Jan 2024 03:38:37 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
4650FE17B1126EAF1EFE1E56DD9A04073BEDC5C1D4E4CE35EB7303D917366A6A0AAF7BEC9782E83A4F74D32388DD575F0343BFEE3AD4C9239D0B8D318B4DA541
assets.ad4m.at/logo/ Frame EE02
61 KB
62 KB
Image
General
Full URL
https://assets.ad4m.at/logo/4650FE17B1126EAF1EFE1E56DD9A04073BEDC5C1D4E4CE35EB7303D917366A6A0AAF7BEC9782E83A4F74D32388DD575F0343BFEE3AD4C9239D0B8D318B4DA541
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=726385%2C543072%2C189095&b=2bEa6f642McDbxwtVHWHkt8t2wk8sWT7TgGHg%2CxEpTQfEwD3Sb4EQSPHdHztQtmMA6CJT6TKkHA%2CzmWfRf4jMkTqXJeCpHBHMtqtPJGKfJTwTQBHW&f=4rmHEf2xVYC26ZesGH9HdtzCM8ZQhZTpT76fK%2CYxeTrfzrEwc9e5DaVH9HetgC6VxYUAT1TdpHr%2C8RpaDf2P46CRgXktgHJHEtqCewZGsPTwTpJHk&c=728&d=90&e=&g=3c7d15364fd15b38b0bd5426270ab2a6%2F4129257182803659990&i=74692%2C108188%2C75077&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1705981116816&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCTeOYuzSvZZyBD7fUmLAP3Yyr2APE_sLSaKeDiqTUC_suEAEgt-WEIWD1lc6B4ATIAQmpAvQ7k0BSRLI-qAMByAObBKoEkAJP0Nk5mX0ZTXZZ1S2YFHwvnaUOXCwDkQf6X3KJ08ch8evWc0pJl80RjziLuLFrgvaLAP3H0HuTiG-MtQy4v162vJTK3vOzyTRTu-DnipllzVIHtWR88-7FNCYoZNleUVTcDPqVGSK-z64cTcRV7q0W5bHN7wb1rIXyv1QYIl2WbNq_pxV173jCxaYxbW0hxRsxiji7YH8mc5NTCcN-SdgIJA3DkDvJkN_fnfFiDCCTaK-Ybwx5TzJ9kGtGNUVpBTYaoRw51iQwPONIs-cB-EKW9I4xrAe_KdkxRhjrVhyo9I_8kQqtbfl-ZhaazLrJBma5_78BXJOq8hQuXPHdCML2FAWIpfH8LLULWF3UCDqCFcAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYXzICigI6BIBAgEBIvf3BOliFrfjyyvKDA_IIDWJpZGRlci0yMDEzMzaACgSYCwHICwGADAGqDQJDSLAT28vrAtgTA4gUAdgUAdAVAfgWAYAXAQ%2526ae%253D1%2526num%253D1%2526cid%253DCAQSMgAvHhf_TGGW2Or_djVvr6u4ETjZNWPAtbvJLXZF3VQJEI5uSI-_ygRbpa-qHOeodXfGGAE%2526sig%253DAOD64_3jLkm-UN7j-jonGkimIAIjU0790Q%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-Agb5TLx385SwMUF6-r0kwTFLkVmELfIV0ovq6X2yRo5We8iLq_Ij141h5KY_uBVvTtKvgihE2FQDfBoJv_Wlf1XOlNbRht-icYE4Z9t4tE_XjWw5RK1UetbFbKfUk7DZbv4VHXdISbk4i5a_Dp5naoLIsM0gJ9F_vC2DmWxUOo0raGzRg%2526cry%253D1%2526dbm_d%253DAKAmf-CkY45fHHXYtHehsh2Sv1b43ZbZMhoLktA7XWwM5GbJpsr0h7ChFcuqohMrNStAiMururUK3Ibj-bWmj4gsGUohHiHsPuuyoPTvvUiY67jiwj0F16zHQZRVPetFwBzA3doLipyVxwXOpCJ4gz612BT5cbtZewcPcOfeJ8oul7Qw056eJaW7smG-SqKyuZkHEri_3z1VVWpwrDx1Dfz88DC3nuFyBHGyJ6L8svHFJOOkCErxjkfOovOn74tluFj8f043NxWS9EwlmnV9quCgVhGAx8AHcQgs8hf8xScmKxLA7YKTQ6K1k9vGGKWADfhvmGhp84A1dJeUyNq_beYCGACIalnJOS0H4jfiv_8vyXh9_JlA_6K9ZneB8X8XwsFCYxnkQ60y6EJL1xlkb__anumO2Y12VS6tlycjVn1--HwyHB9cbYQBYCoZnwJuFOKyS8RRsnsXMLAw9-EUdLSAPDYFYPyw16jpTM710zyEfby7KnprdRBd3TcuEY8arWKzcugD5rDV7sFadCXkGFY8yzCb0jU97g%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39fa629516fd07d054b82cdcf21961f1fbb5d75806cb504aab95f4df29ae6b10

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1065317
cf-polished
origFmt=png, origSize=94459
alt-svc
h3=":443"; ma=86400
content-length
62796
cf-bgj
imgq:85,h2pri
last-modified
Thu, 12 Oct 2023 15:45:43 GMT
server
cloudflare
etag
"6384720c4a405698792ff47431c13531"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mhD3kLTMUuqIUxj%2FEa4BhfWC4UHghu2hX9RCD%2BcsbagcOPHHFq9eUwdYKFQ%2F84n7nzrrM6KQG6SzcX2jepoRskKwM%2FCWGgOsKYQ24p%2BZdIgBa3JaQmB68GCmTQv2jzRbXYH9iYcvdAP7lxGl"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
849d01407f3a6ae1-FRA
D120FC82A6338E0480DFA6D0EE3C332FAF53F1F426AB5EB92E25F6B2578929DB77DD383F21324E28DDBDC2DE27E7B490BDAFFB5AF4BD1557D4F5C1EE04DE5EA5
assets.ad4m.at/ Frame EE02
27 KB
27 KB
Image
General
Full URL
https://assets.ad4m.at/D120FC82A6338E0480DFA6D0EE3C332FAF53F1F426AB5EB92E25F6B2578929DB77DD383F21324E28DDBDC2DE27E7B490BDAFFB5AF4BD1557D4F5C1EE04DE5EA5
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=726385%2C543072%2C189095&b=2bEa6f642McDbxwtVHWHkt8t2wk8sWT7TgGHg%2CxEpTQfEwD3Sb4EQSPHdHztQtmMA6CJT6TKkHA%2CzmWfRf4jMkTqXJeCpHBHMtqtPJGKfJTwTQBHW&f=4rmHEf2xVYC26ZesGH9HdtzCM8ZQhZTpT76fK%2CYxeTrfzrEwc9e5DaVH9HetgC6VxYUAT1TdpHr%2C8RpaDf2P46CRgXktgHJHEtqCewZGsPTwTpJHk&c=728&d=90&e=&g=3c7d15364fd15b38b0bd5426270ab2a6%2F4129257182803659990&i=74692%2C108188%2C75077&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1705981116816&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCTeOYuzSvZZyBD7fUmLAP3Yyr2APE_sLSaKeDiqTUC_suEAEgt-WEIWD1lc6B4ATIAQmpAvQ7k0BSRLI-qAMByAObBKoEkAJP0Nk5mX0ZTXZZ1S2YFHwvnaUOXCwDkQf6X3KJ08ch8evWc0pJl80RjziLuLFrgvaLAP3H0HuTiG-MtQy4v162vJTK3vOzyTRTu-DnipllzVIHtWR88-7FNCYoZNleUVTcDPqVGSK-z64cTcRV7q0W5bHN7wb1rIXyv1QYIl2WbNq_pxV173jCxaYxbW0hxRsxiji7YH8mc5NTCcN-SdgIJA3DkDvJkN_fnfFiDCCTaK-Ybwx5TzJ9kGtGNUVpBTYaoRw51iQwPONIs-cB-EKW9I4xrAe_KdkxRhjrVhyo9I_8kQqtbfl-ZhaazLrJBma5_78BXJOq8hQuXPHdCML2FAWIpfH8LLULWF3UCDqCFcAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYXzICigI6BIBAgEBIvf3BOliFrfjyyvKDA_IIDWJpZGRlci0yMDEzMzaACgSYCwHICwGADAGqDQJDSLAT28vrAtgTA4gUAdgUAdAVAfgWAYAXAQ%2526ae%253D1%2526num%253D1%2526cid%253DCAQSMgAvHhf_TGGW2Or_djVvr6u4ETjZNWPAtbvJLXZF3VQJEI5uSI-_ygRbpa-qHOeodXfGGAE%2526sig%253DAOD64_3jLkm-UN7j-jonGkimIAIjU0790Q%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-Agb5TLx385SwMUF6-r0kwTFLkVmELfIV0ovq6X2yRo5We8iLq_Ij141h5KY_uBVvTtKvgihE2FQDfBoJv_Wlf1XOlNbRht-icYE4Z9t4tE_XjWw5RK1UetbFbKfUk7DZbv4VHXdISbk4i5a_Dp5naoLIsM0gJ9F_vC2DmWxUOo0raGzRg%2526cry%253D1%2526dbm_d%253DAKAmf-CkY45fHHXYtHehsh2Sv1b43ZbZMhoLktA7XWwM5GbJpsr0h7ChFcuqohMrNStAiMururUK3Ibj-bWmj4gsGUohHiHsPuuyoPTvvUiY67jiwj0F16zHQZRVPetFwBzA3doLipyVxwXOpCJ4gz612BT5cbtZewcPcOfeJ8oul7Qw056eJaW7smG-SqKyuZkHEri_3z1VVWpwrDx1Dfz88DC3nuFyBHGyJ6L8svHFJOOkCErxjkfOovOn74tluFj8f043NxWS9EwlmnV9quCgVhGAx8AHcQgs8hf8xScmKxLA7YKTQ6K1k9vGGKWADfhvmGhp84A1dJeUyNq_beYCGACIalnJOS0H4jfiv_8vyXh9_JlA_6K9ZneB8X8XwsFCYxnkQ60y6EJL1xlkb__anumO2Y12VS6tlycjVn1--HwyHB9cbYQBYCoZnwJuFOKyS8RRsnsXMLAw9-EUdLSAPDYFYPyw16jpTM710zyEfby7KnprdRBd3TcuEY8arWKzcugD5rDV7sFadCXkGFY8yzCb0jU97g%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef689833844f1c100571bc1bcea6c1325e6f2e3da192343a49650d18b8781411

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1232318
cf-polished
qual=85, origFmt=jpeg, origSize=29796
alt-svc
h3=":443"; ma=86400
content-length
27334
cf-bgj
imgq:85,h2pri
last-modified
Mon, 13 Nov 2023 13:40:16 GMT
server
cloudflare
etag
"7afb4bb649751086a321270a1193a1c6"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OW5DwXa%2B8vf59xEAzN3PjPV1%2BjVG7azifKvoGQODq3S2IPp%2FO1kLXMB2Ya4oF420jJkktUiFF3ESMJoNWOVY4Fc7wsI4Hpd6QHFc34289%2FdIcjY4d%2Fs1xDj5lvlR0ktLg8qVnj1U5XPhPjBZ"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
849d01407f3b6ae1-FRA
cshow.php
www.awin1.com/ Frame EE02
43 B
704 B
Image
General
Full URL
https://www.awin1.com/cshow.php?s=2879223&v=23250&q=412832&r=412871&pv=1&pref3=oneidzmWfRf4jMkTqXJeCpHBHMtqtPJGKfJTwTQBHWoneid__dbm_Awin_Reach02&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=726385%2C543072%2C189095&b=2bEa6f642McDbxwtVHWHkt8t2wk8sWT7TgGHg%2CxEpTQfEwD3Sb4EQSPHdHztQtmMA6CJT6TKkHA%2CzmWfRf4jMkTqXJeCpHBHMtqtPJGKfJTwTQBHW&f=4rmHEf2xVYC26ZesGH9HdtzCM8ZQhZTpT76fK%2CYxeTrfzrEwc9e5DaVH9HetgC6VxYUAT1TdpHr%2C8RpaDf2P46CRgXktgHJHEtqCewZGsPTwTpJHk&c=728&d=90&e=&g=3c7d15364fd15b38b0bd5426270ab2a6%2F4129257182803659990&i=74692%2C108188%2C75077&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Awin_Reach02&r=1705981116816&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCTeOYuzSvZZyBD7fUmLAP3Yyr2APE_sLSaKeDiqTUC_suEAEgt-WEIWD1lc6B4ATIAQmpAvQ7k0BSRLI-qAMByAObBKoEkAJP0Nk5mX0ZTXZZ1S2YFHwvnaUOXCwDkQf6X3KJ08ch8evWc0pJl80RjziLuLFrgvaLAP3H0HuTiG-MtQy4v162vJTK3vOzyTRTu-DnipllzVIHtWR88-7FNCYoZNleUVTcDPqVGSK-z64cTcRV7q0W5bHN7wb1rIXyv1QYIl2WbNq_pxV173jCxaYxbW0hxRsxiji7YH8mc5NTCcN-SdgIJA3DkDvJkN_fnfFiDCCTaK-Ybwx5TzJ9kGtGNUVpBTYaoRw51iQwPONIs-cB-EKW9I4xrAe_KdkxRhjrVhyo9I_8kQqtbfl-ZhaazLrJBma5_78BXJOq8hQuXPHdCML2FAWIpfH8LLULWF3UCDqCFcAEsdGl1DjgBAOIBcHP-3iQBgGgBk2AB4GO8jeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYXzICigI6BIBAgEBIvf3BOliFrfjyyvKDA_IIDWJpZGRlci0yMDEzMzaACgSYCwHICwGADAGqDQJDSLAT28vrAtgTA4gUAdgUAdAVAfgWAYAXAQ%2526ae%253D1%2526num%253D1%2526cid%253DCAQSMgAvHhf_TGGW2Or_djVvr6u4ETjZNWPAtbvJLXZF3VQJEI5uSI-_ygRbpa-qHOeodXfGGAE%2526sig%253DAOD64_3jLkm-UN7j-jonGkimIAIjU0790Q%2526client%253Dca-pub-5722610347565274%2526dbm_c%253DAKAmf-Agb5TLx385SwMUF6-r0kwTFLkVmELfIV0ovq6X2yRo5We8iLq_Ij141h5KY_uBVvTtKvgihE2FQDfBoJv_Wlf1XOlNbRht-icYE4Z9t4tE_XjWw5RK1UetbFbKfUk7DZbv4VHXdISbk4i5a_Dp5naoLIsM0gJ9F_vC2DmWxUOo0raGzRg%2526cry%253D1%2526dbm_d%253DAKAmf-CkY45fHHXYtHehsh2Sv1b43ZbZMhoLktA7XWwM5GbJpsr0h7ChFcuqohMrNStAiMururUK3Ibj-bWmj4gsGUohHiHsPuuyoPTvvUiY67jiwj0F16zHQZRVPetFwBzA3doLipyVxwXOpCJ4gz612BT5cbtZewcPcOfeJ8oul7Qw056eJaW7smG-SqKyuZkHEri_3z1VVWpwrDx1Dfz88DC3nuFyBHGyJ6L8svHFJOOkCErxjkfOovOn74tluFj8f043NxWS9EwlmnV9quCgVhGAx8AHcQgs8hf8xScmKxLA7YKTQ6K1k9vGGKWADfhvmGhp84A1dJeUyNq_beYCGACIalnJOS0H4jfiv_8vyXh9_JlA_6K9ZneB8X8XwsFCYxnkQ60y6EJL1xlkb__anumO2Y12VS6tlycjVn1--HwyHB9cbYQBYCoZnwJuFOKyS8RRsnsXMLAw9-EUdLSAPDYFYPyw16jpTM710zyEfby7KnprdRBd3TcuEY8arWKzcugD5rDV7sFadCXkGFY8yzCb0jU97g%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.148.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-148-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Jan 2024 03:38:37 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
generic
match.adsrvr.org/track/cmf/ Frame 6B02
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=Za80ux4LORIGoWQwyWak5QAA%262130&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
70 B
148 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:37 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
Date
Tue, 23 Jan 2024 03:38:36 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
2
rum
dsum-sec.casalemedia.com/ Frame 6B02
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Za80vAAQiRnX7ABd
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Za80vAAQiRnX7ABd&_test=Za80vAAQiRnX7ABd
43 B
738 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Za80vAAQiRnX7ABd&_test=Za80vAAQiRnX7ABd
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:37 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qmq%2Bq%2Bn%2Fax5VSuzqt%2FHLvliX4N2Lb5juF1FKdrKhCqHRU81SAuspBQonRDrcJaPQFuggfrIoaUF9HLhJQzAOdQCwhwJsarNnEAxZkg%2ByN%2FWpWeSf5vLWlSCnH1ltu8ZA8mXZS8uIQKfQww%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
849d01408a424d22-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

x-served-by
cache-mxp6972-MXP
pragma
no-cache
date
Tue, 23 Jan 2024 03:38:37 GMT
via
1.1 varnish
server
Varnish
x-timer
S1705981118.511678,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Za80vAAQiRnX7ABd&_test=Za80vAAQiRnX7ABd
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
tp_out
d.adroll.com/cm/index/ Frame 6B02
42 B
180 B
Image
General
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:cc3:fe05:9109:5249:ec1e:4708 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:37 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.1
content-length
42
vary
Cookie
content-type
image/gif
rum
dsum.casalemedia.com/ Frame 6B02
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=index
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=index&bsw_custom_parameter=75dfa792-243c-4814-8e47-a1f76ddeb89e&gdpr=&gdpr_consent=
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=index&bsw_custom_parameter=75dfa792-243c-4814-8e47-a1f76ddeb89e&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=bd90b368-385c-40bf-b148-9adb8e6492c3&ssp=index&expires=30&user_group=5&bsw_param=75dfa792-243c-4814-8e47-a1f76ddeb89e
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=75dfa792-243c-4814-8e47-a1f76ddeb89e&gdpr=&gdpr_consent=&us_privacy=
43 B
725 B
Image
General
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=75dfa792-243c-4814-8e47-a1f76ddeb89e&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:37 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RVjK4d2%2BEJq4i3406Z4eGqoOl3B%2B6rPKVhJoc%2Fu8EYryDiOEd6SXkx3gOfvzQjHKtXwTlRwCt7mFifl7V0zeYiv5%2Fanb6p4IkUfxRK46weAD0BLmtPjLAOPvSNKSdWHBmkoWMEBG"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
849d01426b474d22-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
//dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=75dfa792-243c-4814-8e47-a1f76ddeb89e&gdpr=&gdpr_consent=&us_privacy=
Date
Tue, 23 Jan 2024 03:38:37 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
Za80ux4LORIGoWQwyWak5QAACFIAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 6B02
43 B
601 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Za80ux4LORIGoWQwyWak5QAACFIAAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:a6fa:b563:be0e:7526 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:37 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
casale
match.adsrvr.org/track/cmf/ Frame 6B02
70 B
148 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:37 GMT
server
Kestrel
content-length
70
content-type
image/gif
crum
dsum-sec.casalemedia.com/ Frame 6B02
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&puid=
43 B
738 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&puid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:37 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VB0hsVWraWfewklNEshaG33VI5jMOvzaB6WZVYYdjG64di6q2Oq4Y%2BWRO%2BGn2afomRsBI7woE6V%2FkyYW1ddZEQ1kWv6nTBP4KgMT46rq0UxwPGr57%2F%2FEKy%2FMSCQoMI3HqhxnWavoBz6DnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
849d01411a844d22-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&puid=
Pragma
no-cache
Date
Tue, 23 Jan 2024 03:38:37 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
105
Content-Type
text/html; charset=utf-8
crum
dsum-sec.casalemedia.com/ Frame 6B02
Redirect Chain
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=6e1ed3db-8814-47a4-af18-bd8cd70ecd54
43 B
732 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=6e1ed3db-8814-47a4-af18-bd8cd70ecd54
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:37 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e5Rdkz3B1V42FYh1E5tCmZjJmjt734oAZjU4DSq6TIzq7yNYBTCXnpp7az5oliN8eJV1XzPbJVdBU%2BmYosDnvVLT7ouVn3ZXSjWC1m%2Bz4v9QEIm6jsHNsHCguo%2Bmi0VMIhlv9Vhv8Ym21A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
849d0140ca5f4d22-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=6e1ed3db-8814-47a4-af18-bd8cd70ecd54
date
Tue, 23 Jan 2024 03:38:37 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
content-type
text/html; charset=utf-8
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 6B02
43 B
152 B
Image
General
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?Za80ux4LORIGoWQwyWak5QAA%262130
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=182762&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:37 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
22
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
849d01408c3018ef-FRA
content-length
43
expires
Tue, 23 Jan 2024 07:38:37 GMT
13212738.js
s1.adform.net/Banners/Elements/Files/2135726/13212738/ Frame 31A6
3 KB
2 KB
Script
General
Full URL
https://s1.adform.net/Banners/Elements/Files/2135726/13212738/13212738.js?ADFassetID=13212738&bv=257
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
c98d2570404e47d7bb871c5c001a7c898558b2f5d8276d697311eb06e37176b8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
content-encoding
gzip
last-modified
Tue, 18 Jul 2023 07:35:41 GMT
server
nginx
x-amz-request-id
tx00000c24a81c549f4a9b9-0065a0c9b7-3295f919-default
etag
W/"273f2dbd3e70cb6fa9816261bcf84311"
x-cache-status
STALE
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
collect
r.clarity.ms/
0
289 B
XHR
General
Full URL
https://r.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.119.174.243 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://folkd.com
Date
Tue, 23 Jan 2024 03:38:39 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
/
track.adform.net/csimpr/ Frame 5646
35 B
626 B
Ping
General
Full URL
https://track.adform.net/csimpr/?bn=67903448&csi=hJPbSppwP7FBoAsLG_ckEBxKkUR7S28TWEIFAwzaYjYJDwKV3Zer3AZU1ud_ztNqkDz-wVmczeRiQulG2orHjCQf6BfgfukZEBQ5juPi97UDvP-67D9Y4w2
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/631/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
prebid
id5-sync.com/api/config/
136 B
410 B
Fetch
General
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
2aa25a19729df7b573f42c20a108d4ec213403df5ac193414f02f35887e7017c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://folkd.com
date
Tue, 23 Jan 2024 03:38:37 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
rid
match.adsrvr.org/track/
63 B
417 B
Fetch
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=2jqw284&fmt=json
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
60c4c179463b4ed2a5f1772cddb5fb10d469d44822e0e648dafcf19ab23e4b0e

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 23 Jan 2024 03:38:37 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://folkd.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Thu, 22 Feb 2024 03:38:37 GMT
2000033.html
sync.serverbid.com/ss/ Frame 181E
5 KB
2 KB
Document
General
Full URL
https://sync.serverbid.com/ss/2000033.html
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/5/d/65a9fa-c3bc-4e73-b569-1a8af1e68dc7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:e00:1b:fdeb:7440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4e6ee3a660e14eda56fc4ec4bc845220a52ce5cbb9c44c164e7e881a46b49bc9

Request headers

Referer
https://folkd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
6547
content-encoding
gzip
content-type
text/html
date
Tue, 23 Jan 2024 01:49:39 GMT
etag
W/"e3980f93156a3a26afc34d0acdc0bf4a"
last-modified
Fri, 19 Jan 2024 17:42:06 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 fdc45b521af7652438141328494a79d2.cloudfront.net (CloudFront)
x-amz-cf-id
a7l1N4ae0HojjkA8-v4TVJZKZY3kyoGHAWHDzRPb9frT7fkpUtowgQ==
x-amz-cf-pop
FRA56-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
pbcas
ads.yieldmo.com/ Frame 167D
1 KB
1 KB
Document
General
Full URL
https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/5/d/65a9fa-c3bc-4e73-b569-1a8af1e68dc7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.137.85.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-46-137-85-126.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
37df1457e06cbc382518473bf774d2bdec3b5099fb86154b7848f9153372a3bd

Request headers

Referer
https://folkd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html;charset=utf-8
date
Tue, 23 Jan 2024 03:38:37 GMT
pragma
no-cache
vary
accept-encoding
isyn
prebid.a-mo.net/ Frame 6B92
0
0
Document
General
Full URL
https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/5/d/65a9fa-c3bc-4e73-b569-1a8af1e68dc7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://folkd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
date
Tue, 23 Jan 2024 03:38:37 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
0
usync.html
eus.rubiconproject.com/ Frame 40A9
281 B
555 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/5/d/65a9fa-c3bc-4e73-b569-1a8af1e68dc7.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://folkd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 23 Jan 2024 03:38:37 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A384
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/5/d/65a9fa-c3bc-4e73-b569-1a8af1e68dc7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://folkd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=154859
content-encoding
gzip
content-length
5622
content-type
text/html
date
Tue, 23 Jan 2024 03:38:37 GMT
expires
Wed, 24 Jan 2024 22:39:36 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame A908
3 KB
1 KB
Document
General
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/5/d/65a9fa-c3bc-4e73-b569-1a8af1e68dc7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://folkd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
808
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
849d01409c3418ef-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 23 Jan 2024 03:38:37 GMT
expires
Tue, 23 Jan 2024 07:38:37 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
/
sync.cootlogix.com/api/sync/iframe/ Frame 4CAA
960 B
2 KB
Document
General
Full URL
https://sync.cootlogix.com/api/sync/iframe/?cid=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/5/d/65a9fa-c3bc-4e73-b569-1a8af1e68dc7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.241.159.82 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
75959325fb9d59d5d89397a5b59da2f31e1cc34941fc672955e7682c497aebfc

Request headers

Referer
https://folkd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
access-control-allow-methods
GET, HEAD, OPTIONS, POST
access-control-allow-origin
*
content-length
960
content-type
text/html
date
Tue, 23 Jan 2024 03:38:37 GMT
p3p
CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"
pd
bloggernetwork-d.openx.net/w/1.0/ Frame 09D1
967 B
855 B
Document
General
Full URL
https://bloggernetwork-d.openx.net/w/1.0/pd
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/5/d/65a9fa-c3bc-4e73-b569-1a8af1e68dc7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
00002b0b6914252b281bc9e51ae7e1f7589cdc36b66adc531f9abc1e02cc26a4

Request headers

Referer
https://folkd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
543
content-type
text/html
date
Tue, 23 Jan 2024 03:38:37 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
checksync.php
contextual.media.net/ Frame 3543
23 KB
8 KB
Document
General
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUWWG7OK&prvid=77%2C59%2C2034%2C2033%2C3012%2C2075%2C2030%2C251%2C262%2C461%2C201%2C246%2C4%2C126%2C159%2C2026%2C203%2C10000%2C338%2C459%2C108%2C9%2C109%2C97&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: monu.delivery
URL: https://monu.delivery/sitesplit/d3/smartzones/0.4.3/5/d/65a9fa-c3bc-4e73-b569-1a8af1e68dc7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f630bbe4045a0ee7ea0085583c91297d553ba4827ad1782a992a5bb4cfbfa995
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://folkd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=93600
cache-control
max-age=172800
content-encoding
gzip
content-length
8356
content-type
text/html; charset=UTF-8
date
Tue, 23 Jan 2024 03:38:37 GMT
expires
Thu, 25 Jan 2024 03:38:37 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
frg
folkd.com/
5 B
942 B
XHR
General
Full URL
https://folkd.com/frg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel / Express
Resource Hash
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

X-Bubble-Fiber-ID
1705981117574x455296001501071000
X-Bubble-PL
1705981112188x305
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json
Accept
application/json, text/javascript, */*; q=0.01
X-Bubble-R
https://folkd.com/
cache-control
no-cache
Referer
https://folkd.com/
X-Requested-With
XMLHttpRequest
x-coalias-route
eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkZXN0aW5hdGlvbiI6Imh0dHBzOi8vZm9sa2QwNjEyLmJ1YmJsZWFwcHMuaW8vIiwic291cmNlX2hvc3RuYW1lIjoiZm9sa2QuY29tIiwic291cmNlX3BhdGgiOiIvIiwic2l0ZSI6Im5vY29kZW1heW8tYnViYmxlLWk4Z2Rhd2VicmcxcnJhdWZzdXV5IiwiaWF0IjoxNzA1OTgxMTEyfQ.xy60wtTT6YtbklZO7xi1ao-ADSzoGLFbV3dgixJQ0yM
X-Bubble-Breaking-Revision
5

Response headers

date
Tue, 23 Jan 2024 03:38:38 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-bubble-perf
{"total":10.9,"percents":{"top":{"bubble_cpu":30.2,"block":63.8,"capacity_rl":0,"other_pause":0,"pre_fiber":5.8},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":47.9,"fiber_queue":17.5,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":7,"fiber_queue":8,"blocks":7},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":491891}}
strict-transport-security
max-age=63072000
x-bubble-appname
folkd0612
x-powered-by
Express
x-bubble-capacity-used
0.008 unit-seconds used
x-coalias-cache
MISS
server
Vercel
x-vercel-id
fra1::cp4sn-1705981117584-4f8d974acbe0
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CNUZ8J674InTWKmAjR9RpMQrUah8YZfRvRH2A3RTeGsehVe%2FZdPRTCbLS5xBMWGup2kjwat5HDPaIvqNxl1DPQCuGZraVNiNxG%2Ff7%2Fl26x8OYZ34OWEaUiNjt67uoU3YWqNTb3mGTRxw%2FQBh4vrHg%2FT16dpfxr%2Fg9qOaGs%2BiT8WzbHOk4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
x-bubble-request-took
10
cache-control
no-cache
cf-ray
849d01410d20bb95-FRA
x-bubble-capacity-limit
0 ms slower
SPug
simage4.pubmatic.com/AdServer/ Frame CBB8
0
260 B
Script
General
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:37 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
post_index_feed
xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/ Frame
0
0
Preflight
General
Full URL
https://xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/post_index_feed?pageNumber=2&latestDate=1705981113256
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.193.186.65 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
65.186.193.35.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,x-data-source
Access-Control-Request-Method
GET
Origin
https://folkd.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 23 Jan 2024 03:38:37 GMT
expires
Sat, 25 Jan 2014 03:38:37 GMT
pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains;
x-app
hit
x-content-type-options
nosniff
x-frame-options
deny
x-xss-protection
1; mode=block
post_index_feed
xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/
38 KB
9 KB
XHR
General
Full URL
https://xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/post_index_feed?pageNumber=2&latestDate=1705981113256
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@xano/js-sdk/dist/xano.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.193.186.65 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
65.186.193.35.bc.googleusercontent.com
Software
/
Resource Hash
df62a85c145869ed317e169559c07aa331c92d799e3a000527a71bc1a28f99c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
X-Data-Source
live
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
Authorization
Bearer eyJhbGciOiJBMjU2S1ciLCJlbmMiOiJBMjU2Q0JDLUhTNTEyIiwiemlwIjoiREVGIn0.zl4iyT2FEhZ7t_GtvctvloHg6DaXYVJ5wyHcn0xNZKPmYoq5wLzHtArlDd-1I7pZ6rcajjTMjm_yxA2Le6fHai2Ytw3x5RkU.9c6mnVGI41WO7f4429nOgw.q-7MJ7mvni-ZViGR6vc7vP21iy5LrQEb0vDnuLc6Jg7rtlhy2DGeiH5eXnj-c9tv7SiU56HyBymP1uTq2k9ABS8P0biOl3r0cxT1r4xPTbjJ7MdNOukofnRFopXiGa42lEB9K_PFgLA1KyXMp-_2Ww.syJUo0JCMR2wnkaD_XNmtg0BKkyii5wtQVaYadM1FoY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains;
x-query-cache
1
x-app
hit
x-xss-protection
1; mode=block
pragma
no-cache
x-frame-options
deny
access-control-allow-methods
GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-max-age
86400
access-control-allow-headers
*
expires
Sat, 25 Jan 2014 03:38:37 GMT
449f5b35d42da36109fb9c0488f8191a.htm
min.tryiqos.ch/trck/ehtmlcontent/ Frame 0D13
6 KB
6 KB
Document
General
Full URL
https://min.tryiqos.ch/trck/ehtmlcontent/449f5b35d42da36109fb9c0488f8191a.htm?tp=onetag&subid=oneidK13CRfR5x2fbRK3c5HMHktPt55eDF8TAT8Gaqoneid__dbm_Awin_Reach02&gdpr_consent=&gdpr=0&gdpr_pd=0&contentonly=true&cachebuster=1705981116
Requested by
Host: min.tryiqos.ch
URL: https://min.tryiqos.ch/trck/ehtml/449f5b35d42da36109fb9c0488f8191a?tp=onetag&subid=oneidK13CRfR5x2fbRK3c5HMHktPt55eDF8TAT8Gaqoneid__dbm_Awin_Reach02&gdpr_consent=&gdpr=0&gdpr_pd=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
147.135.143.112 Montpellier, France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
1761aab2762f325b8a87c3b7c50d8abaaa7f90354c3ded696f0b66f25e7390af

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
content-length
5873
content-type
text/html; charset=utf-8
date
Tue, 23 Jan 2024 03:38:37 GMT
keep-alive
timeout=20
server
nginx
vary
Origin
x-iplb-instance
53982
x-iplb-request-id
95581B52:8652_93878F70:01BB_65AF34BD_850514:4213
x-min-lb
n1 n2
view
securepubads.g.doubleclick.net/pcs/ Frame 3C73
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssolUA45ddaWJtxZFxoIvbdV6Gpv1hYtkrbYSpzfBQym5gxWngOlzEIy6OeW9Fu10vtEZTK3lLxWkXEcoowsQt8-wbT1lRQpcPp94AywjJM4iKMRVr3yJHnR5M4MQHyma9cloT4xYEUsTqJJV06u4jTTdVqDhU7LYA-SsiEcdMSff0bB6-8BAIRhgc8qlqV75CBYE1hOIvz9F0TVjI2J-tAdNAyNGmiIPspLpXrJvkMrvKduQV8hnCBcJ3fcQJJldQNSri7vX_6iSm-3uV35-5tag52LLvl94qsHuEvJmedJgU6yVlRgZAoMtupqlQPP57a3XyA5YuLHuZ66mN9yBy4rUfKC0_hNga6hNV3RIMM-wQ0BR_eDPHyuQ&sai=AMfl-YSksxap2ScBdsbojDSr7ZHcdX1TaYZyuFXNX7GEg0TeXUMGd0mNiLd_KE6xgpSsXu-jhskstG4b3gZIGxpp0iHG6FN-mvrdmUoE4dtJvVn71PrWy8WE-tb2t0TOcAc&sig=Cg0ArKJSzKAETC3mQYwcEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 23 Jan 2024 03:38:37 GMT
usync.js
eus.rubiconproject.com/ Frame 40A9
40 KB
11 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
cd3bec578049163e4cd3e91e52d55040e999465b011fde978ca10b689317ac4c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 03:38:37 GMT
Content-Encoding
gzip
Last-Modified
Mon, 22 Jan 2024 09:39:05 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=21580
Connection
keep-alive
Content-Length
10964
Expires
Tue, 23 Jan 2024 09:38:17 GMT
449f5b35d42da361c6190c55668dabcb.htm
mediaintelligence.de/trck/ehtmlcontent/ Frame 3D1C
6 KB
7 KB
Document
General
Full URL
https://mediaintelligence.de/trck/ehtmlcontent/449f5b35d42da361c6190c55668dabcb.htm?tp=onetag&subid=oneidRx1Tgf2pe7CkqgYckHwH3tQtZZJmcwTzTYqH7oneid__dbm_Awin_Reach02&gdpr_consent=&gdpr=0&gdpr_pd=0&contentonly=true&cachebuster=1705981116
Requested by
Host: min.tryiqos.ch
URL: https://min.tryiqos.ch/trck/ehtml/449f5b35d42da361c6190c55668dabcb?tp=onetag&subid=oneidRx1Tgf2pe7CkqgYckHwH3tQtZZJmcwTzTYqH7oneid__dbm_Awin_Reach02&gdpr_consent=&gdpr=0&gdpr_pd=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.78.116 , France, ASN16276 (OVH, FR),
Reverse DNS
ip116.ip-54-36-78.eu
Software
nginx /
Resource Hash
b9487c605b1e31ef688b8719c4bc940c5b29cbb78e21fad5428538f960074ba5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
content-length
6273
content-type
text/html; charset=utf-8
date
Tue, 23 Jan 2024 03:38:37 GMT
server
nginx
vary
Origin
x-min-lb
n1
Adform.DHTML.js
s1.adform.net/banners/scripts/rmb/ Frame 31A6
Redirect Chain
  • https://track.adform.net/banners/scripts/rmb/Adform.DHTML.js
  • https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js
30 KB
14 KB
Script
General
Full URL
https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
7a785e8b2ad30e6279397d656a61f70ad6341ee944c310df19593d8fabd79d9f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:37 GMT
content-encoding
gzip
last-modified
Tue, 21 Nov 2023 08:14:37 GMT
server
nginx
x-amz-request-id
tx00000df74e44f68a2232d-00655c671a-3295cc06-default
etag
W/"d66b8df08256b7e89279e9f83d1d7c5e"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800

Redirect headers

location
https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js
date
Tue, 23 Jan 2024 03:38:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
content-type
text/html
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3F00
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BR1HEvDSvZfLzDaqE9u8Po4616AQAAAAAOAHgBAI&bg=!mJulm9TNAAa8BdJLnAU7ADQBe5WfOPuQIyB-Ukk31g8zj8lEITknbXaLCVDUv7i_uF1_X-VabZVoVtfsKoE_U_eoYk3-AgAAAMpSAAAAAmgBB5kDWMQOHA2ZQwUv75lEWfo-8XgpblYUiCkZ52hU7cIc27VYZS5cL866gLL0Og1nyrlJXLVrn1bmPwM8hSWoU_L4_uwfmC1rRRiAQV2c1ZKyrpCvhinEJwmPQ5CMW5RaBu63ZMknyXL7uac8ekguQg3dXQaPaM52qoz3E9JORq4Ke8TiMAk1E2HSlCjeyc0yIUsGgOfZsasHL130U-sNdIMfN16j_Wu865T9WEpPB2Irw4ofpakGc62zEHPetUzgJ7LHL0tnqE6ryVtCjvT_rYIobVY8OOHdN4LPRcjhZkhYQ7vxsge0LWNebZ81sugaxBY8EuAvB1j9_cvoVeeBNESmSNZEunWCMwEbWK_HQBatYI55uXbbCYsEOomtYc5GDr3J6xVLmxqD6IHQlhDa6jEwbTHMZphV1zKyPtvl3gFCs0FLDTAyMnyWcxtI8gwq0XnPpTPSTFn0lT-SjhRBvfYBCP8TUe4InhSd9gR3CCrlPzfPc-GvtOCFNOzwMR5pHOoXu897DKLALj864Wm-8snkCW3s84GNGCISIII7pjPxe5ghUQ0ehLF7QEZeZ0OAhpXc8DO4Iojga1aENPh7FkwV8IE3EX92pDUgdwf1Qz_XJtQ-NVFQYg0H3kiwJmPiZfOpova8kuiBCmXLWQSpTKVIxGuXT3ZgTGxakmbzPSQQVdej7yTQKAk3R6A2kST8ZSXvE9mf7CCsj-Vb02aeeUF2TToIuC_4j64RFjs0-1IUrF-C6DLBhD_HBeNA6MSFmJ_rz865ANB4ApUiejLTEzXGWjcmADR0mVX6hM7ouL4KPgthtsK6qEtASX3XLBx2CZFMw5JJghpM3whWuvCyXzwh5cMrmyKl3RnTr90uftBCLYeKE5r2czvvZCmYQjwYDcUCvMbIr_10hrElXXVfYaAddCAaHvKzuEWjgFUrZr10M4BxbwCZyM6sx9tUgXC5j8b4wYJ-r-KK87yLbH6sTiw6gYL-h8HkYnaWImGu4_YvegXFGdfjpioWvABhbcYuMiWj-ByS4_GpTAvDIg7fqRkxY_a_QxmGJz9O66hQ_pnudSGfdT9omlYd8pU039Q0OgRTfSJKHLYzlbNnwXsaqjmzXVPFjz_k7OTBdrfxK9_oGGYg3uA7pEDbsDk
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 167D
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.y...
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=7BC00642-7252-4DDF-B9FE-EF913FD24BAB&redir=true&gdpr=-1&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Lb6c4pBE2uV5c3Yp1j4IU744CLTx2FE-~A&gdpr=-1
0
128 B
Image
General
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Lb6c4pBE2uV5c3Yp1j4IU744CLTx2FE-~A&gdpr=-1
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Protocol
H2
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Lb6c4pBE2uV5c3Yp1j4IU744CLTx2FE-~A&gdpr=-1
date
Tue, 23 Jan 2024 03:38:37 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ads.yieldmo.com/v000/ Frame 167D
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=561118&ev=1&rurl=https%3a%2f%2fads.yieldmo.com/v000/sync?userid=%%VGUID%%&pn_id=pp&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&us_privacy=
  • https://ads.yieldmo.com/v000/sync?userid=wdNRPUCkbr6Y&ev=1&pn_id=pp&gpp_sid=&gpp=&us_privacy=&pid=561118&gdpr_consent=&gdpr=0
43 B
626 B
Image
General
Full URL
https://ads.yieldmo.com/v000/sync?userid=wdNRPUCkbr6Y&ev=1&pn_id=pp&gpp_sid=&gpp=&us_privacy=&pid=561118&gdpr_consent=&gdpr=0
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Protocol
H2
Server
46.137.85.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-46-137-85-126.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:37 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-CH
location
https://ads.yieldmo.com/v000/sync?userid=wdNRPUCkbr6Y&ev=1&pn_id=pp&gpp_sid=&gpp=&us_privacy=&pid=561118&gdpr_consent=&gdpr=0
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6658dc8946-bqwhn
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 167D
70 B
148 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=yieldmo&ttd_tpi=1&ttd_puid=VE3ZpppjjLp8ImazxDqb
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:37 GMT
server
Kestrel
content-length
70
content-type
image/gif
sync
ads.yieldmo.com/v000/ Frame 167D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_cm&pn_id=c
  • https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEI2Y8hy9yiEaTwttRcfbX2U&google_cver=1
43 B
636 B
Image
General
Full URL
https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEI2Y8hy9yiEaTwttRcfbX2U&google_cver=1
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Protocol
H2
Server
46.137.85.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-46-137-85-126.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:37 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:37 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEI2Y8hy9yiEaTwttRcfbX2U&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
299
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ads.yieldmo.com/ Frame 167D
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=yieldmo
  • https://ads.yieldmo.com/sync?pn_id=rc&id=LRPT3VT0-1Y-G0V7
43 B
629 B
Image
General
Full URL
https://ads.yieldmo.com/sync?pn_id=rc&id=LRPT3VT0-1Y-G0V7
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Protocol
H2
Server
46.137.85.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-46-137-85-126.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:37 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ads.yieldmo.com/sync?pn_id=rc&id=LRPT3VT0-1Y-G0V7
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
bcdac959321a8cf7d38f9eb638bfa14f
Expires
0
register2.php
synchrobox.adswizz.com/ Frame 181E
589 B
1 KB
Script
General
Full URL
https://synchrobox.adswizz.com/register2.php
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000033.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.99.97 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-99-97.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
08c6ad8229e94df839eec40a580e3d7d6366e148abc0154f3905a1948437582d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Methods
GET, HEAD, OPTIONS, POST, PUT
P3P
CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Access-Control-Allow-Origin
*
content-type
text/javascript
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization
Content-Length
589
SynchroClient2.js
cdn.adswizz.com/adswizz/js/ Frame 181E
9 KB
9 KB
Script
General
Full URL
https://cdn.adswizz.com/adswizz/js/SynchroClient2.js
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000033.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-88.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dc3a0e2e935e1287780338713472a6ab77cfddcd82259c9d6bb4317de0d93898

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 05:38:52 GMT
via
1.1 319f376925908156190f5fc160137b42.cloudfront.net (CloudFront)
last-modified
Tue, 15 Sep 2020 06:28:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
79185
etag
"3a38a4c45e3aa46a58e390f0b0baebfd"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
9187
x-amz-cf-id
lR7FGGKPCgHRpYqcIaOe7hXh9RFQsJooDGvsm_krvWzWF4zb0tlzxg==
13003660.js
s1.adform.net/Banners/Elements/Files/2135726/13003660/ Frame BA99
3 KB
2 KB
Script
General
Full URL
https://s1.adform.net/Banners/Elements/Files/2135726/13003660/13003660.js?ADFassetID=13003660&bv=257
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
3d6dfc6f6fe9bcd20cdf22fae9ba75fa01e38598c57124f402f28867a5c93465

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:37 GMT
content-encoding
gzip
last-modified
Wed, 07 Jun 2023 14:17:29 GMT
server
nginx
x-amz-request-id
tx00000e256c99f56465f42-0065a84834-32959e94-default
etag
W/"1602e400fb2c42c9c1b49c1422d12dfc"
x-cache-status
STALE
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
sd
us-u.openx.net/w/1.0/ Frame 09D1
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0&gdpr=0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=Za80vAAQiRnX7ABd
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Za80vAAQiRnX7ABd
Requested by
Host: bloggernetwork-d.openx.net
URL: https://bloggernetwork-d.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bloggernetwork-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:37 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by
cache-mxp6972-MXP
pragma
no-cache
date
Tue, 23 Jan 2024 03:38:37 GMT
via
1.1 varnish
server
Varnish
x-timer
S1705981118.657761,VS0,VE0
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Za80vAAQiRnX7ABd
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
openx
tr.blismedia.com/v1/api/sync/ Frame 09D1
0
174 B
Image
General
Full URL
https://tr.blismedia.com/v1/api/sync/openx
Requested by
Host: bloggernetwork-d.openx.net
URL: https://bloggernetwork-d.openx.net/w/1.0/pd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bloggernetwork-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:37 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sd
us-u.openx.net/w/1.0/ Frame 09D1
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ox
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFBQ3gwN0xYbWtBQUJNaDFoWDNDdw&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&b...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAACx07LXmkAABMh1hX3Cw&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpp%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAACx07LXmkAABMh1hX3Cw&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cox%26bee_sync_curre...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Cox&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=4714513488865049119
  • https://bh.contextweb.com/bh/rtset?ev=AAACx07LXmkAABMh1hX3Cw&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D4714513488865049119%26bee_sync_partners%3Dox%26bee_sync...
  • https://match.prod.bidr.io/cookie-sync?userid=4714513488865049119&bee_sync_partners=ox&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=4&ev=AAACx07LXmkAABMh1hX3Cw&pid=558502&d...
  • https://us-u.openx.net/w/1.0/sd?val=AAACx07LXmkAABMh1hX3Cw&id=537125688
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?val=AAACx07LXmkAABMh1hX3Cw&id=537125688
Requested by
Host: bloggernetwork-d.openx.net
URL: https://bloggernetwork-d.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bloggernetwork-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:38 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?val=AAACx07LXmkAABMh1hX3Cw&id=537125688
Date
Tue, 23 Jan 2024 03:38:38 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
sd
us-u.openx.net/w/1.0/ Frame 09D1
Redirect Chain
  • https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID}
  • https://openx2-match.dotomi.com/match/bounce/current?DotomiTest=d574d2dd91918f5&is_secure=true&networkId=15900&version=1&nuid=%7BOX_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAI4nk_AITLTAMR-msDAAAAAAA&expiration=1706067517&nuid={OX_USER_ID}&is_secure=true
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAI4nk_AITLTAMR-msDAAAAAAA&expiration=1706067517&nuid={OX_USER_ID}&is_secure=true
Requested by
Host: bloggernetwork-d.openx.net
URL: https://bloggernetwork-d.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bloggernetwork-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:37 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:37 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAI4nk_AITLTAMR-msDAAAAAAA&expiration=1706067517&nuid={OX_USER_ID}&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
sd
us-u.openx.net/w/1.0/ Frame 09D1
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=268&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537082476&val=tAfc8mllVrldEoksSbg9lJVYG1I
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537082476&val=tAfc8mllVrldEoksSbg9lJVYG1I
Requested by
Host: bloggernetwork-d.openx.net
URL: https://bloggernetwork-d.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bloggernetwork-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:37 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537082476&val=tAfc8mllVrldEoksSbg9lJVYG1I
Date
Tue, 23 Jan 2024 03:38:37 GMT
Connection
keep-alive
Content-Length
103
Content-Type
text/html; charset=utf-8
dds
rtb.openx.net/sync/ Frame 09D1
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=qCIceDEiy0YpftnpLUTgog==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
58 B
Image
General
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: bloggernetwork-d.openx.net
URL: https://bloggernetwork-d.openx.net/w/1.0/pd
Protocol
H3
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bloggernetwork-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:37 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:37 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
e3b3f000-0808-e021-fedd-83ab010a1751
pr-bh.ybp.yahoo.com/sync/openx/ Frame 09D1
43 B
601 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/e3b3f000-0808-e021-fedd-83ab010a1751?gdpr=0
Requested by
Host: bloggernetwork-d.openx.net
URL: https://bloggernetwork-d.openx.net/w/1.0/pd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:a6fa:b563:be0e:7526 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bloggernetwork-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:37 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sd
us-u.openx.net/w/1.0/ Frame 09D1
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://ws.rqtrk.eu/pull?pid=6298098f-c92c-4c68-bdfc-f454f26a86ac&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26gdpr%3D%24GDPR%26gdpr_consent%3D%24GDPR_CO...
  • https://x.bidswitch.net/sync?dsp_id=193&user_id=&gdpr=0&gdpr_consent=&expires=1&ssp=openx
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=75dfa792-243c-4814-8e47-a1f76ddeb89e&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072968&val=75dfa792-243c-4814-8e47-a1f76ddeb89e&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: bloggernetwork-d.openx.net
URL: https://bloggernetwork-d.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bloggernetwork-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:37 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
//us-u.openx.net/w/1.0/sd?id=537072968&val=75dfa792-243c-4814-8e47-a1f76ddeb89e&gdpr=0&gdpr_consent=&us_privacy=
Date
Tue, 23 Jan 2024 03:38:37 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sd
us-u.openx.net/w/1.0/ Frame 09D1
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=openx&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073053&val=ViR4k8DCOJSMDgKL7vewv7Jq9TxtaDotmO51rVynh7M&pi=openx&gdpr=0
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073053&val=ViR4k8DCOJSMDgKL7vewv7Jq9TxtaDotmO51rVynh7M&pi=openx&gdpr=0
Requested by
Host: bloggernetwork-d.openx.net
URL: https://bloggernetwork-d.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bloggernetwork-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:37 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073053&val=ViR4k8DCOJSMDgKL7vewv7Jq9TxtaDotmO51rVynh7M&pi=openx&gdpr=0
pragma
no-cache
date
Tue, 23 Jan 2024 03:38:37 GMT, Tue, 23 Jan 2024 03:38:37 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 09D1
Redirect Chain
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=UOCr3VXhqIJL7P7aBePn2QCw_oNL7PONUO2v73Ts
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=UOCr3VXhqIJL7P7aBePn2QCw_oNL7PONUO2v73Ts
Requested by
Host: bloggernetwork-d.openx.net
URL: https://bloggernetwork-d.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://bloggernetwork-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:37 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:37 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=UOCr3VXhqIJL7P7aBePn2QCw_oNL7PONUO2v73Ts
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame A384
2 KB
3 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=23117315&p=156972&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
d2334800abed0581eb624918383a4672c5eb1632139f8f284bd29f9c4ac7db61

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Tue, 23 Jan 2024 03:38:36 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usermatch
ssum-sec.casalemedia.com/ Frame AF11
2 KB
1 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ffolkd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
774f80a819fb44e6249888e072297e8f5841dd323985f9bd3eaab44523d07799

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
849d01417ac34d22-FRA
content-encoding
br
content-type
text/html
date
Tue, 23 Jan 2024 03:38:37 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kSvzsD995%2FCEDSM%2B64dfBxB3UQIVzSv5Ka31MPYMbyN%2BvvdV9lHd2TaSaCrdtY%2B1t0kZFS2%2F0ycRDFCtTC1seOg9QVyOSvqPMB2C0DB5IBg32TJGYEWhBmykZaA6mJ2aBt8UzDutWecLaw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
61781337.png
s1.adform.net/Banners/61781337/ Frame 8CA3
72 KB
72 KB
Image
General
Full URL
https://s1.adform.net/Banners/61781337/61781337.png?bv=2
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/631/s1.adform.net/load/v/0.0.238/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
fa1e7d9dce7700cb108f1075a3454dd6f99a72e59a5a4c659ed9c245624f4fb7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:37 GMT
last-modified
Tue, 26 Dec 2023 09:27:27 GMT
server
nginx
x-amz-request-id
tx000003ca1919b34376af0-00658a9e49-3295cc06-default
etag
"8d78d679725bcffd7c593e5c7f99da8c"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
73834
/
track.adform.net/csimpr/ Frame 8CA3
35 B
626 B
Ping
General
Full URL
https://track.adform.net/csimpr/?bn=67903448&csi=0UOaPE5WOtZ68KI3lXZEQlu_EJH6RUzeyDPhSo9uDc4JDwKV3Zer3AZU1ud_ztNqOJGBhUgQOJ0SVtV6dNlDzSQf6BfgfukZEBQ5juPi97UDvP-67D9Y4w2
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/631/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/
404 B
925 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4753778
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230113-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=btzSFR5DkGOuZhKB3rMJYLZdtvlcEcrUpKQ0zDEO30vu3Kcvuxur9stS%2BSCWiwV0NQop2EATyJHqGE64LOAPNSEXLYtkhClWWrTwvRxLU28%2BM6kb%2FKG2oDEe3rIMZdlXXmnlgD4xRweYEORESus%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d0141bd5f5d49-FRA
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/
404 B
922 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4753778
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230113-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DRWbl4MUJ30OL%2Ffo7yFQJh5oZjo6jABXtaTrIcqsqL1H5ITBk14UOpHsserfL1nC5fqJzLmwOFnwODIufiNw3WaP0nMpQH2DiZht1qOUI%2B%2BpOBrsddyzHiQ9SLv81iqDf7k5ZY9KtDu5a245MU8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d0141bd605d49-FRA
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/
404 B
923 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4753778
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230113-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oq1UwfBOZ8eprut8rQxVxI3n1TYysjDIyKQfvpIv3XvdAlQcQ3zMij2VK5SzL2OYyS0uFVK99CZRyAzlCDgvcR6sYYglFqbyMtdydQjXagxmXS5t75qAXdWs1IkYRjk3x%2Fo9AAH3I%2BY5a0RZ7v0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d0141cd625d49-FRA
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/
404 B
926 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4753778
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230113-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4ZAHDT1sn5J6koxVYDGTd1lzXzmqEXJ2%2B%2BJ370J6iXah11YoXNxt02sErIVrvPPcj80QKhwVpi8VhyQMQP5jPxQy6op0bww1RyHYkEJd78zAjpGyc5mydGn%2Bnm4wXbH9%2BCSZHT6Yp%2FNw2q7d8b0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d0141dd8a5d49-FRA
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/
404 B
927 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4753778
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230113-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B%2FIKhKoQ%2BtGZ1i7A8lewK%2FUrFqGfU0EBIDxdVL1S38BNSBiVyA6HwRnD2sgkj4paMhy0zJwSyBmUhc3FArm38aRed936%2F2%2BDDIO8UbFa8feaKFogln4r8njgJc%2Bc1K7w2h4Ro1RdSlK%2BsegDxTg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d0141dd8b5d49-FRA
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/
404 B
923 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4753778
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230113-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4LWA0opnznvA%2FLV2yOKkAZcKikd2kT%2FsgZVKVe8rutbo7WLp4pfSv36WD7wT7UtyaIzISaa4GNXGkVH9zcbOPg4RAHi85vQhdFEv1WFjiRoACRJVwS7JRv%2B0jIkiYfDLi0QVXgO8dFezz3oYceE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d0141dd8d5d49-FRA
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/
404 B
924 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4753778
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230113-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tE6u78Kx1JG7%2FPPfWu23mQTNttLM663naZElCzTJrsZRiQBKy4YB2vrx81TgA49zrm7YaSEF%2FHCB1dZgexRjJFx8R01iPstVbPgbLEVOmBaI1vfN%2FLvQRkZ9PUwxQYNoxFIVA33oT4kqZcbPynY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d0141dd8e5d49-FRA
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/
404 B
920 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4753778
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230113-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YtsZ2b%2FOalykFT9778hRi6TBJBbbVz3ySwxbbtuiNv18BiMpz7zqMvK8nEdAVfWqJxxd7Jjyl6Ocv4eHW2DG5bHSsJFaHiP70CA1n5KW4WOR6qRIKK4J4cAn1iz2qB746jBRUSYiOtjXFor1iUw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d0141ed915d49-FRA
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/
404 B
926 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4753778
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230113-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b1z2GZ5r55bV2i%2B05QreLrx81YxgxsZAjMP7R7nEG%2B3gk%2BmDJ%2F8Pq56YkEam7QoeoduArdpzLb2EukUTbdTxw%2FGfKReXrFLZIb6XIebDTlvDDPVMzp3BJVDYAis1lHZvMKasR81QhnQrdJVDk18%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d0141ed925d49-FRA
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/
404 B
923 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4753778
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230113-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VTxAwxVVy3nrimEHCO9S%2B6Etrl88fCLONo69Kn5rU3Q5AJd5v8N%2B%2BtR1yaPlittfU2ANQDGuu18bmvLr3rcQGNRlb7ChVoBpiWBRfFSA582phVwTjHeF42zA%2FIIh9XpnEPE17KA06egMTOHy0Ts%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d0141ed955d49-FRA
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/
404 B
929 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4753778
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230113-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qQglw2xMzxRFHJzDkQdDj3JRkZVcdAp94ai%2FSWwuNbIRQaeRVGX2ywR7IXJ%2BsOmreeEu%2FvBDCtp%2B%2BJXsYR2677ngCYmiMiDeLKDDvjbzy%2ByAYmUmBi9CGZVZJ93DVwuFdelWZgofMR0fcwGWQc0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d0141ed965d49-FRA
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/
404 B
925 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4753778
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230113-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZWO0WDmqW79UbPVYSUynfwID1ZvN1BNWz4wiKYl0OiAu4FiEMbaG9LLOM6%2BLZINJrDB7bAveZKX4SwzAfMvTLzvqyONOBYvsiyF2vRaB%2Bcq6Q6P32QaEtP81Wttz9b5%2BxxT8B0doJfjLomHHqJY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d0141ed985d49-FRA
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/
404 B
920 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4753778
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230113-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F8dReG20RPzmjA3gBNArUTExVfrPtfQteLCOe8U49SEVYc9ZqAS0cvEdDkgs40DvKULSaj2lczjb0zoolahYS98HwLYMxUTPy3lTDCxVQjU8r47X9r8qOMPrLK1ErwpkGT9IuaPr8NGC%2F23sH2k%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d0141ed995d49-FRA
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/
404 B
925 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4753778
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230113-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3OlgEPNrd3Q3HNRP%2BpgHBXvamUda%2FzqR5NdacaUUahfk2NLczKNNxxJZAzFM1q%2FvUeXHWBOs3L240cON39jSB7z2baLn7t%2BvNhxd6gyhfaMlWhCgwXFPKphHIck8zdly2pXyTUTifmTtvO3UWfQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d0141ed9a5d49-FRA
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/
404 B
925 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4753778
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230113-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PGgIB2yqI9ENrrRYeOkSgDniZpWAJOa4GpN9chPn%2BA3gCy%2F79galiL7S82GfYiUyM1SZ8g56%2BmfPIbjHxT26zM6uRDd198Ejk2UwrcNyT4UH7pBGm1hLcLeRZPwO8GoEEeFuGz%2BiCkT2yeK5DYQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d0141ed9c5d49-FRA
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/
404 B
928 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4753778
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230113-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ts%2FxEQKBWiA%2BO3tF261uCDqqRBz%2FiP%2FeGm%2Fu62R7oMUjTcz37EwSnfxzDJNiQEY%2FXf3ocgjs1XvF4Q3ZxG2nhvFZwvdSDJiaoK%2FB7St749ba38W2WwkVVMi5aOFASqoWbde32fWdPxn7QbRWy8E%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d0141ed9e5d49-FRA
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/
404 B
928 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4753778
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230113-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q3791r%2FWT691LlWTUixFswjHGDItW3qplo2vbsQGYui2%2BEd6zaK3SiLplmwMzuMV%2FWrotBN%2FONI2vb4Qyd3m3u6f5QcXMjFuvMwMnSn3vXXC7cHU3YFSX23fqjR%2Bf0%2F0tuEoFrI5OWeDeCF2%2Fb4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d0141ed9f5d49-FRA
tag.svg
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/
404 B
929 B
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg
Requested by
Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4753778
x-jsd-version
2.0.18
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230113-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aVymrHIy1ASeURoAzr141fDxweG7R%2BXefH%2F6F6cW0psYsnIRotanF104cxPukn7R%2FUBVnIGWAII8yJeb%2FuRWw6AHkr5uF6C9Y69xAIlSG%2BdDKUwsEAYWxqbOkpZjLoeybQqlBKavIe%2BJjw8YL%2BY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
849d0141eda05d49-FRA
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame BD07
16 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&p=156319&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000033.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://sync.serverbid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=154859
content-encoding
gzip
content-length
5622
content-type
text/html
date
Tue, 23 Jan 2024 03:38:37 GMT
expires
Wed, 24 Jan 2024 22:39:36 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 698B
2 KB
864 B
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=6c68086c0c61793&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000033.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync.serverbid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
rid
match.adsrvr.org/track/ Frame 181E
63 B
424 B
Fetch
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000033.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
60c4c179463b4ed2a5f1772cddb5fb10d469d44822e0e648dafcf19ab23e4b0e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:37 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://sync.serverbid.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Thu, 22 Feb 2024 03:38:37 GMT
usersync
x.serverbid.com/ Frame 181E
Redirect Chain
  • https://sync.colossusssp.com/pbs.gif?gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5974%26spui%3D%26dpui%3D%5BUID%5D
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5974&spui=&dpui=ed94d654-0e7c-4c62-aeed-999d2e7d20d0
35 B
99 B
Image
General
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5974&spui=&dpui=ed94d654-0e7c-4c62-aeed-999d2e7d20d0
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000033.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:37 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

Pragma
no-cache
Date
Tue, 23 Jan 2024 03:38:38 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Server
nginx
Transfer-Encoding
chunked
Location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5974&spui=&dpui=ed94d654-0e7c-4c62-aeed-999d2e7d20d0
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
pixel
ap.lijit.com/ Frame 181E
0
277 B
Image
General
Full URL
https://ap.lijit.com/pixel?gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D4%26spui%3D%26dpui%3D%24UID
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000033.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 23 Jan 2024 03:38:37 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
usersync
x.serverbid.com/ Frame 181E
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562763&ev=1&rurl=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5548%26spui%3D%26dpui%3D%25%25VGUID%25%25
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5548&spui=&dpui=wdNRPUCkbr6Y&ev=1&pid=562763
35 B
99 B
Image
General
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5548&spui=&dpui=wdNRPUCkbr6Y&ev=1&pid=562763
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000033.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:37 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-CH
location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5548&spui=&dpui=wdNRPUCkbr6Y&ev=1&pid=562763
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6658dc8946-bqwhn
expires
-1
usersync
x.serverbid.com/ Frame 181E
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%...
  • https://x.serverbid.com/usersync?gpp=&gpp_sid=&ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Za80ux4LORIGoWQwyWak5QAA%262130
35 B
99 B
Image
General
Full URL
https://x.serverbid.com/usersync?gpp=&gpp_sid=&ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Za80ux4LORIGoWQwyWak5QAA%262130
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000033.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:37 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:37 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QcRvH7SkDIqDtCzkj0MXPhKv%2FcgwrirOg9mMpQi7glUfWXIRrxlKN8SIffGLy3fVVeHl4TBCVbQkbGByjJpKqaVUK%2FZSCVcePGwOpsS1Ev5Vg0Rh69841RkYVdyVmCS2U6oC9EtGnjsZ8g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://x.serverbid.com/usersync?gpp=&gpp_sid=&ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=Za80ux4LORIGoWQwyWak5QAA%262130
cache-control
no-cache
cf-ray
849d0141fb084d22-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
usersync
x.serverbid.com/ Frame 181E
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=2380373011570053850
35 B
150 B
Image
General
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=2380373011570053850
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000033.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:37 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:37 GMT
an-x-request-uuid
3fca62fe-d3f4-4995-a690-75bac686f61e
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=2380373011570053850
x-proxy-origin
149.88.27.82; 149.88.27.82; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
x.serverbid.com/ Frame 181E
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D6294%26spui%3D%26dpui%3D
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=6294&spui=&dpui=
35 B
99 B
Image
General
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=6294&spui=&dpui=
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000033.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:37 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=6294&spui=&dpui=
date
Tue, 23 Jan 2024 03:38:36 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
content-length
0
usersync
x.serverbid.com/ Frame 181E
Redirect Chain
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5444%26spui%3D%26dpui%3D
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5444&spui=&dpui=4308fdf6-0a57-4885-b68b-9ed3b6b771a1
35 B
99 B
Image
General
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5444&spui=&dpui=4308fdf6-0a57-4885-b68b-9ed3b6b771a1
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000033.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:37 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:38 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-124
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5444&spui=&dpui=4308fdf6-0a57-4885-b68b-9ed3b6b771a1
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
usersync
x.serverbid.com/ Frame 181E
Redirect Chain
  • https://ads.yieldmo.com/pbsync?gdpr=&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D6985%26spui%3D%26dpui%3D%24UID
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=6985&spui=&dpui=VE3ZpppjjLp8ImazxDqb&gdpr=&gdpr_consent=&us_privacy=
35 B
99 B
Image
General
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=6985&spui=&dpui=VE3ZpppjjLp8ImazxDqb&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000033.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:37 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:37 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=6985&spui=&dpui=VE3ZpppjjLp8ImazxDqb&gdpr=&gdpr_consent=&us_privacy=
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
/
track.adform.net/Serving/Event/ Frame DE85
35 B
626 B
Ping
General
Full URL
https://track.adform.net/Serving/Event/?bn=67903450&event=178&time=2&baid=59331493&name=Viewable%20impressions&imprid=7908554443344637209&icid=7283273328877549246&eData=fyXQi5YakQALXngWetg6K6lE__Wz8u8NYaJU2uM20NkvCYERCDUsvzBg_1qh8MVrNrHQcW6aRJWBnOjx1ZxuKG4xpdxfSbTv0&rtbdata=W6kvuXQNu86EBnfD9JcxEfjYF229bpUjHubuMhubs0C3xMsNeaE_7YsMS1QbwXumzXPyNOGIAmqYdJkohl9Dl2Z8D7pzFqnXZP4orUHzt_MntkI1FSYiFF__U9FnlqaRKWcHZh-DE2Jp7Vto4vKAkzW0_-F-7GIsR5xeG1R90QYbDD0kU7EUclL9E4BYs1QFXShoco9Eve955yZIP-8ZplXI6hKUTkBTvo2uv1JH9j_sNBY9OFe3B2D0WqQsz4K7k0-z-cOV_gJ4J2NRz8UbEmT0lQkXAT8x0&rtbwp=Za80uQAAAADnlrKcPX5u7ETUO0QXaT2BHJK4lw&rnd=459501480
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/631/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame DE85
35 B
626 B
Ping
General
Full URL
https://track.adform.net/serving/unload/?version=15&unload=7283273328877549246@@67903450,7908554443344637209,100|1079|0|0|0|0|0|0|0||101|1|||||1|0|0|91KNwdprm2OoMC9hkrxj6fAIvDFw60doWEk-ZQdVsWbRO4FquEGOJuO94vyO_CUDhHdG2ihdh6to4kOyoBiwbg2|||11||0|0|
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/631/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
a.gsitrix.com/view/ Frame 0D13
58 KB
59 KB
Script
General
Full URL
https://a.gsitrix.com/view/?a=5d8c8ca8773741569492136&cr=418192&ca=25&p=&av=2&pu=50003&as=0&uv=&id=
Requested by
Host: min.tryiqos.ch
URL: https://min.tryiqos.ch/trck/ehtmlcontent/449f5b35d42da36109fb9c0488f8191a.htm?tp=onetag&subid=oneidK13CRfR5x2fbRK3c5HMHktPt55eDF8TAT8Gaqoneid__dbm_Awin_Reach02&gdpr_consent=&gdpr=0&gdpr_pd=0&contentonly=true&cachebuster=1705981116
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.195.93.95 Frankfurt am Main, Germany, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
/
Resource Hash
12bc579e58c584fa5863ca90534c96acf7a1f63e7ae6862177d9621e8d5937ab

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://min.tryiqos.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:37 GMT
access-control-allow-methods
*
p3p
CP="NOI DEVa TAIa OUR BUS UNI"
access-control-allow-origin
*
content-type
application/javascript; charset=utf-8
cache-control
post-check=0, pre-check=0
access-control-allow-credentials
true
access-control-allow-headers
*
expires
Sat, 13 Jun 1992 00:00:00 GMT
dvtp_src.js
cdn.doubleverify.com/ Frame 0D13
9 KB
4 KB
Script
General
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=23723680&cmp=25&sid=50003&plc=418192&adsrv=0&btreg=&btadsrv=&crt=&tagtype=&dvtagver=6.1.src
Requested by
Host: min.tryiqos.ch
URL: https://min.tryiqos.ch/trck/ehtmlcontent/449f5b35d42da36109fb9c0488f8191a.htm?tp=onetag&subid=oneidK13CRfR5x2fbRK3c5HMHktPt55eDF8TAT8Gaqoneid__dbm_Awin_Reach02&gdpr_consent=&gdpr=0&gdpr_pd=0&contentonly=true&cachebuster=1705981116
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4a0:1338:28::c38a:ff18 , Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),
Reverse DNS
Software
UploadServer /
Resource Hash
286fe9b776af1c387c1ba6b0b934dc34717badca35e5516470f9e8710f12b319

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://min.tryiqos.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 03:38:37 GMT
Content-Encoding
gzip
Last-Modified
Mon, 22 Jan 2024 15:27:53 GMT
Server
UploadServer
ETag
"e8dbbd3a60eb602c62061f74885751fd"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
no-transform, max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3640
Expires
Tue, 23 Jan 2024 03:53:37 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FCC8
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BHoDLvDSvZaeiE4Sv7_UPz-WzgA4AAAAAOAHgBAI&bg=!Tk2lTQLNAAa8BdJLnAU7ADQBe5WfOFT5PrT0k59jIdEfv1wFAqjgfCSdxG0R-Z68M3MqKDYz9VGCzCtRwjilihbOT894AgAAAydSAAAAAmgBB5kDVW12XLxWlJYSs2e9ui9rFTO0UA13JaKTXjWys5ZPDuCUQkJkr7Ks3YWfjs38rzFtkf710yCk_OyqR_WydY9zhjBFy_PDHFerWFq3DSGGcoGMM0xrZ3o89mM5diZGS2yu_IRnrOb1ka3w4K-WnIYWCW73vSA1XHi5wVsY07L2VXNJLurPAMEOJK_8h3y_ijYiofl0pD33SAIjvbXONAT6UKvnW9XaddOvM-PTN8AIKGfFcpL_m6W9b-JnC4pU0oWfa-78gPme5-3-FTlN5gigDGwUWIabm2CjUNk9ej0VbDqEe1u4R3FQiRp22MqFX2_ek32-xH84USGEeXifDgNwW_NGX5RY4uYtNcPzb9WX3LgM78A25KdY-cY4byiCTkI5CcVVLSBVOd7223YNq1rM-0OcDilc1shfK3gzJSrEucoVBMZShgcF-0xrUTBefwLwuv4-D2Yr8P8cMZ1BphNnv5Rib07OqdEyyi5hAOuo_OSZiBSnKWzxEeHpaU9FZYJorHEM5kEXZsPV3SK23J6qTre4ltRA9sjPc5GEpjnkSgtHxGjoa_Q-3WHe2jINC-jTW8T_L4wc-43mxNP77-KrDyFo1cUhegQLtKliQnpyJMXo8CQoz5PJScYHIHBOxnU6D3_EebjWqdgExhsoPkZbbI4wzcT5Kx53hoAuQ1LRQKCnz31i37A_ouyZbvXaNodizaJidHKa7eMICkYpJs_qQ2ez5AzEvv5xF8RPSNJ1zAEhRgr2WU6Mtw68M7unF8q96OrKPonNFDpG1-Xt-88FOSJoBfmarKQdIEDv_PjcJkvXkgIb_hJRGtqtCJ4DPPhxWZA6xG8TqSVx18ZpZH5YrOmL-578wFo5-uXBsB4ZlmQJY6Mxfp69QZa4yjc1ULQe41Fb95IXnD43ta6QvixSo6NYZGTNfzgfO8MDW2JfKn721QtxskZ1rK1vLaIF1abYkDIMJr0R4m4GeM8yRxcb6S_OcmtTxgUFyEFqKid9JSJ-K3jJxFl-MJ7SMQ21ngyow9VXZsRr48MuRcYO0WmcDgP9U_C6ZaKDLaSMLqeo5Fivsb1WstVpjby7LsGthSQ7XlnaLfZlbCzCnpYspwfNY3nGaFz2i1RPI5-X0uGP2A0BTA8sp28
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame BDB0
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstlO0a9v8ClgRWsTlwqFIB9YRPUMgbVDUcipQQOoZWi961N7NsiwBMjuySQcwMZtW984KFRzXn5VbCk8ssvgaqbTpAn55FxyV6CGmFu6nGlB2q531QVwscjoH8azShpuamJWG9uGJ3tUcpINlyMi0TRIxApDXurC_J8TWtJUBV251eorHH61CRym1N7it-DyXyn8gag97n_GFZWUdKN-DTENSw_Gph9Ji1kosbYaFS-dRVWdsU5I6CgdskcjJ7qXkhzqXAsYt21ffdnGyfH8H0ML_6STs-u03iXKVmP5OgVK8SnJrnATROEWmpkO6GU0JRjjM4EuDkrMYeQnRaHcYoJdCYyw7LL4p8Zb18ngpx_ZqGQpbCC-HQSdw&sai=AMfl-YSAEgIWlF3CpaQ53pUb7h9tsfnMKJWzd5rn4GEtcmhbgp-0-I8-7Z7za8cAnZFKMew9Yee4u7LvxSQp9mVz7doWRT0dBe8El8ygtjjqIESm4aKBPiOPn5VVeFQ0EHA&sig=Cg0ArKJSzNrZVV8ZxOrkEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 23 Jan 2024 03:38:37 GMT
v1
lb.eu-1-id5-sync.com/lb/
33 B
268 B
Fetch
General
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
f73bcc33a51b42fc44cf95764174e3302e3a940ec3eb1429b733c9ef5d36b87a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://folkd.com
date
Tue, 23 Jan 2024 03:38:37 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
live_intent_sync
x.dlx.addthis.com/e/ Frame AF11
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=Za80ux4LORIGoWQwyWak5QAA%262130&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=2ba2ab41-70c6-45d7-8951-9ef87add91a7
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=2ba2ab41-70c6-45d7-8951-9ef87add91a7&rd=Y
43 B
595 B
Image
General
Full URL
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=2ba2ab41-70c6-45d7-8951-9ef87add91a7&rd=Y
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ffolkd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
72.246.169.24 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-246-169-24.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Tue, 23 Jan 2024 03:38:38 GMT
pragma
no-cache
date
Tue, 23 Jan 2024 03:38:38 GMT
cache-control
max-age=0, no-cache, no-store
strict-transport-security
max-age=2628000
content-length
43
content-type
image/gif

Redirect headers

location
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=2ba2ab41-70c6-45d7-8951-9ef87add91a7&rd=Y
pragma
no-cache
date
Tue, 23 Jan 2024 03:38:38 GMT
cache-control
max-age=0, no-cache, no-store
strict-transport-security
max-age=2628000
content-length
0
expires
Tue, 23 Jan 2024 03:38:38 GMT
Za80ux4LORIGoWQwyWak5QAACFIAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame AF11
43 B
601 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Za80ux4LORIGoWQwyWak5QAACFIAAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ffolkd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:a6fa:b563:be0e:7526 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:37 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Za80ux4LORIGoWQwyWak5QAACFIAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame AF11
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Za80ux4LORIGoWQwyWak5QAACFIAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/Za80ux4LORIGoWQwyWak5QAACFIAAAIB
43 B
601 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Za80ux4LORIGoWQwyWak5QAACFIAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ffolkd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
2a05:d018:d29:3605:a6fa:b563:be0e:7526 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:37 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Za80ux4LORIGoWQwyWak5QAACFIAAAIB
date
Tue, 23 Jan 2024 03:38:37 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
dcm
s.amazon-adsystem.com/ Frame AF11
43 B
855 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Za80ux4LORIGoWQwyWak5QAACFIAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ffolkd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Jan 2024 03:38:37 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
PD1ZHNGP8W8B3CXMNG7W
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum.casalemedia.com/ Frame AF11
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=index
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=index
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=index
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=ee08e069-df66-4c1b-b47f-9a3a60ad4043&ssp=index
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=75dfa792-243c-4814-8e47-a1f76ddeb89e&gdpr=&gdpr_consent=&us_privacy=
43 B
726 B
Image
General
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=75dfa792-243c-4814-8e47-a1f76ddeb89e&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ffolkd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z9Plt%2FLmIai8mP9uIqHTdAT1MDVQJNK9IrHG9AJNToTtdOZPEePWKIqKApDEX32bGgPx5TR7LTgjbmFtlqIT4r4MJN98YT7IvoyqaEt%2B4KvDaAt3jkDbqX6wlQ%2BJ%2BC6WkVQbsWmf"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
849d0143bbe94d22-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
//dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=75dfa792-243c-4814-8e47-a1f76ddeb89e&gdpr=&gdpr_consent=&us_privacy=
Date
Tue, 23 Jan 2024 03:38:38 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
casale
match.adsrvr.org/track/cmf/ Frame AF11
70 B
148 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ffolkd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:37 GMT
server
Kestrel
content-length
70
content-type
image/gif
generic
match.adsrvr.org/track/cmf/ Frame AF11
Redirect Chain
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=Za80ux4LORIGoWQwyWak5QAACFIAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
70 B
148 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ffolkd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:37 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Tue, 23 Jan 2024 03:38:37 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1705981117701021-578
tp_out
d.adroll.com/cm/index/ Frame AF11
42 B
180 B
Image
General
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ffolkd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:cc3:fe05:9109:5249:ec1e:4708 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:37 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.1
content-length
42
vary
Cookie
content-type
image/gif
htw-pixel.gif
cdn.indexww.com/ht/ Frame AF11
43 B
148 B
Image
General
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Za80ux4LORIGoWQwyWak5QAA%262130
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ffolkd.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:37 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
62358
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
849d01429d0318ef-FRA
content-length
43
expires
Wed, 24 Jan 2024 03:38:37 GMT
dvbs_src.js
cdn.doubleverify.com/ Frame 3D1C
2 KB
1 KB
Script
General
Full URL
https://cdn.doubleverify.com/dvbs_src.js?ctx=23723680&cmp=25-as-pub&plc=414281&sid=50003&dvregion=0&unit=300x250
Requested by
Host: mediaintelligence.de
URL: https://mediaintelligence.de/trck/ehtmlcontent/449f5b35d42da361c6190c55668dabcb.htm?tp=onetag&subid=oneidRx1Tgf2pe7CkqgYckHwH3tQtZZJmcwTzTYqH7oneid__dbm_Awin_Reach02&gdpr_consent=&gdpr=0&gdpr_pd=0&contentonly=true&cachebuster=1705981116
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4a0:1338:28::c38a:ff18 , Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),
Reverse DNS
Software
UploadServer /
Resource Hash
e55c01e3ca797dbf8af251c9d68755f6039f7792afe6866e46269e4036697d3d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://mediaintelligence.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 03:38:37 GMT
Content-Encoding
gzip
Last-Modified
Sun, 17 Dec 2023 15:12:34 GMT
Server
UploadServer
ETag
"a8006a511aee2e57196f5e8bee81dde8"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
no-transform, max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
932
Expires
Wed, 24 Jan 2024 03:38:37 GMT
dvtp_src.js
cdn.doubleverify.com/ Frame 3D1C
9 KB
4 KB
Script
General
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=23723680&cmp=25&sid=50003&plc=414281&adsrv=0&btreg=&btadsrv=&crt=&tagtype=&dvtagver=6.1.src
Requested by
Host: mediaintelligence.de
URL: https://mediaintelligence.de/trck/ehtmlcontent/449f5b35d42da361c6190c55668dabcb.htm?tp=onetag&subid=oneidRx1Tgf2pe7CkqgYckHwH3tQtZZJmcwTzTYqH7oneid__dbm_Awin_Reach02&gdpr_consent=&gdpr=0&gdpr_pd=0&contentonly=true&cachebuster=1705981116
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4a0:1338:28::c38a:ff18 , Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),
Reverse DNS
Software
UploadServer /
Resource Hash
286fe9b776af1c387c1ba6b0b934dc34717badca35e5516470f9e8710f12b319

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://mediaintelligence.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 03:38:37 GMT
Content-Encoding
gzip
Last-Modified
Mon, 22 Jan 2024 15:27:53 GMT
Server
UploadServer
ETag
"e8dbbd3a60eb602c62061f74885751fd"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
no-transform, max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3640
Expires
Tue, 23 Jan 2024 03:53:37 GMT
/
a.gsitrix.com/view/ Frame 3D1C
58 KB
58 KB
Script
General
Full URL
https://a.gsitrix.com/view/?a=5d8c8ca8773741569492136&cr=414281&ca=25&p=&av=2&pu=50003&as=0&uv=&id=
Requested by
Host: mediaintelligence.de
URL: https://mediaintelligence.de/trck/ehtmlcontent/449f5b35d42da361c6190c55668dabcb.htm?tp=onetag&subid=oneidRx1Tgf2pe7CkqgYckHwH3tQtZZJmcwTzTYqH7oneid__dbm_Awin_Reach02&gdpr_consent=&gdpr=0&gdpr_pd=0&contentonly=true&cachebuster=1705981116
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.195.93.95 Frankfurt am Main, Germany, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
/
Resource Hash
e87d989cd9e9d666b235b23b2702294432c4f858ff0589f90c65d6b891e8a855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://mediaintelligence.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:37 GMT
access-control-allow-methods
*
p3p
CP="NOI DEVa TAIa OUR BUS UNI"
access-control-allow-origin
*
content-type
application/javascript; charset=utf-8
cache-control
post-check=0, pre-check=0
access-control-allow-credentials
true
access-control-allow-headers
*
expires
Sat, 13 Jun 1992 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 4F93
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstfdbEJGF2QThK7XovkyroC79HIeUQbK8pedcgbTL8poOMAIbQsqY2OkpHJ0ARpEs9-M9FRF7iRmi-1RSovot0SZ4C0-gvaoGTNteyXFy7pVnK_mOZHv5dB4qMeDON8LWi1J-LMqK-XThsXeMrhGforrRsF4aMRtgw27cXSe3GMotZ_9qwYUFOrqDRYHj018t72j1i3MwB6gvi96I35WsfFzdVk_SrwyTRFjtoQ-c_UDQgsTlQ5eRilj06Hs8lCkLT6PnvN8GMx7gairXEB2ZyOgo4V_ND0V8Kt-SveP7YILAfrpTGs2_bj1nY0-ashVB8wkA33D6B2w_H1TmuV-H6L96VKmjwe7CJJaTs3A6CfTI1lZMdPNArKVQ&sai=AMfl-YSC8DIRaWVn5CFe9pOIwqdyPZCIjMNcxhWPfim1DdJAjbY6Gm86E9IxnuVFjC6EFkVZHMiW5DNRMVcBndIAJHyUSjDSOfe9sWJ7j8SKHRpuYeeXqMXcmrCf4Kf794o&sig=Cg0ArKJSzMgN9ktZ7XUKEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 23 Jan 2024 03:38:37 GMT
index.html
data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/UIC_Berkant_Okt_Update/UIC_Berkant_300x250_DE/ Frame DF42
3 KB
1 KB
Document
General
Full URL
https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/UIC_Berkant_Okt_Update/UIC_Berkant_300x250_DE/index.html?clicktag=https%3A%2F%2Fmin.tryiqos.ch%2Ftrck%2Feclick%2F449f5b35d42da36109fb9c0488f8191a%3Fsubid%3DoneidK13CRfR5x2fbRK3c5HMHktPt55eDF8TAT8Gaqoneid__dbm_Awin_Reach02
Requested by
Host: min.tryiqos.ch
URL: https://min.tryiqos.ch/trck/ehtmlcontent/449f5b35d42da36109fb9c0488f8191a.htm?tp=onetag&subid=oneidK13CRfR5x2fbRK3c5HMHktPt55eDF8TAT8Gaqoneid__dbm_Awin_Reach02&gdpr_consent=&gdpr=0&gdpr_pd=0&contentonly=true&cachebuster=1705981116
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
f2ae169bf1922df4d3549ce410627b89562c3dac72cdc3a7dec4a12689ce19d7

Request headers

Referer
https://min.tryiqos.ch/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-headers
Range
access-control-allow-origin
*
access-control-expose-headers
Content-Length
access-control-max-age
3600
content-encoding
br
content-length
1133
content-type
text/html
date
Tue, 23 Jan 2024 03:25:40 GMT
etag
W/"6523a66b-b91"
last-modified
Mon, 09 Oct 2023 07:06:19 GMT
x-cacheable
Matched cache
x-cdn-pop
sbg
x-cdn-pop-ip
137.74.120.0/27
x-grace
full
x-request-id
786960681
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9A4D
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BWCdNvDSvZdjGFuGM7_UPj4y42AMAAAAAOAHgBAI&bg=!2dql2pXNAAa8BdJLnAU7ADQBe5WfOBGOB0LWEXj_F_QgIFEtv2J-AkJEPCeY9dxNYJQFKm2h-ehOyTylxOoWv40m9STVAgAAAy5SAAAAAmgBB5kDVLtNGBzb2GzPXPZWswLh0O6Dh9FCHmS_z1qLL8bN0C2-gT65GAXc-P7lwVwitBguTYWIGTpe8r6PBTXGXzb_zpw3CZ_Dg_SdRn5h5Pb_woGV-_ZBcsNa2ySBLrUr7Gjv8cs2QCrO34xQAjbPeMxdS0h09pl2FKw1AkudwJY7R5sm2sM8wRou49Mjyz-SdX0Pt7CHP7NX_LcStWz351YHr4DHGlPGTDd8EineSk814QWC0jA7KOnYscMFSiud9jRSZXnOuDWWrVd1Qg2nsl06U-YIxeU304C9Rc_DIsGhJ6qzp9wSerwtMow6jEwt-hDJRrJdkmV7q12KX3jMAIXTBhYiwNNCYACxHTcSJZXkbnekF6l3UfLee6bIW5StHaKUCK5R3nqkFrlzaJuOyFYtNvNALucZ-BGp7BRJjG5xBVPl-hOJhHuXj7KuCvxJkLIJIgp3fWUeY4bq_BHfX-1YeCSQXJ4wBZmALdz8ieQ32byhiaFDtLxhcqbZVHv_INb8b1x6qdjswNm0SAZpRuDsbY8IA3XTGQXdCDk7FZzOFzcllvMs3WcCearlPlaOYxFZccwmSwykh6cvDG-VApbAynuCG5r2DL11KE6Q3Va7_shNhJt8GgY1qBu6UuUYQrj_6vJcE8c5GeyvAAHlOd1jMR5-Ga_ze6-3KfE2N2jufssm4s5e-x1nVfOCJ6BhdjhslsXGtKEfVf4zzK8h05MBAbK5yC_sfo99jjixL7UspF0kwLXDemznUtOCKVLk82sDORoNjmE6eDKItv7QRbfQhWrfcQDNXOOxjli01YS30OneMQ_aXhToFZMzBGikexnf-lJxP7sYFUwUg3v6_ms4SQ7yOEy5EUGSAeQ0EO9QG7w-4MU3697_z5DsuZIZcdt8N1GOomd623d-APM-BsmY6pU44sw9i44SZsE4bp1NTbzLXNa5mYXxV8DsOX2Fn3iROhBDjzqe3SeX-04W8_oNPMwEwPvljxfVmavcX6WYuCdHEFLsAR-0tM0Ke6i1aPAZLBrglvA233KH1DgukWD72G2vvDeDjy4y6iKW8IAeTLQtWDgJg60IzLmFXKXmiVkWf9jwl-TJCmTEruoc1xXs70DYlwIagTKqlobpOqcn_PUse9Hjfw
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Adform.DHTML.js
s1.adform.net/banners/scripts/rmb/ Frame BA99
Redirect Chain
  • https://track.adform.net/banners/scripts/rmb/Adform.DHTML.js
  • https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js
30 KB
14 KB
Script
General
Full URL
https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
7a785e8b2ad30e6279397d656a61f70ad6341ee944c310df19593d8fabd79d9f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:37 GMT
content-encoding
gzip
last-modified
Tue, 21 Nov 2023 08:14:37 GMT
server
nginx
x-amz-request-id
tx00000df74e44f68a2232d-00655c671a-3295cc06-default
etag
W/"d66b8df08256b7e89279e9f83d1d7c5e"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800

Redirect headers

location
https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js
date
Tue, 23 Jan 2024 03:38:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
content-type
text/html
match
c1.adform.net/serving/cookie/ Frame 53D9
35 B
591 B
Document
General
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=7BC00642-7252-4DDF-B9FE-EF913FD24BAB&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Tue, 23 Jan 2024 03:38:37 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
sync
sync-pm.ads.yieldmo.com/ Frame 5AC5
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2380373011570053850&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://creativecdn.com/cm-notify?pi=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNTQmdGw9NDMyMDA%3D&piggybackCookie=ViR4k8DCOJSMDgKL7vewv7Jq9TxtaDotmO51rVynh7M&pi=pubmatic&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160648&pmc=1&pr=https%3A%2F%2Fsync-pm.ads.yieldmo.com%2Fsync%3Fpn_id%3Dpub%26id%3D7BC00642-7252-4DDF-B9FE-EF913FD24BAB%26gdpr%3D0%26gdpr_consent%3...
  • https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=7BC00642-7252-4DDF-B9FE-EF913FD24BAB&gdpr=0&gdpr_consent=
43 B
645 B
Document
General
Full URL
https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=7BC00642-7252-4DDF-B9FE-EF913FD24BAB&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.71.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-71-202.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
content-length
43
content-type
image/gif;charset=utf-8
date
Tue, 23 Jan 2024 03:38:38 GMT
pragma
no-cache

Redirect headers

cache-control
no-store, no-cache, private
date
Tue, 23 Jan 2024 03:38:36 GMT
location
https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=7BC00642-7252-4DDF-B9FE-EF913FD24BAB&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
sync
sync-pm.ads.yieldmo.com/ Frame 42DB
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7327133105123162272&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160648&pmc=1&pr=https%3A%2F%2Fsync-pm.ads.yieldmo.com%2Fsync%3Fpn_id%3Dpub%26id%3D7BC00642-7252-4DDF-B9FE-EF913FD24BAB%26gdpr%3D0%26gdpr_consent%3...
  • https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=7BC00642-7252-4DDF-B9FE-EF913FD24BAB&gdpr=0&gdpr_consent=
43 B
646 B
Document
General
Full URL
https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=7BC00642-7252-4DDF-B9FE-EF913FD24BAB&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.71.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-71-202.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
content-length
43
content-type
image/gif;charset=utf-8
date
Tue, 23 Jan 2024 03:38:38 GMT
pragma
no-cache

Redirect headers

cache-control
no-store, no-cache, private
date
Tue, 23 Jan 2024 03:38:37 GMT
location
https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=7BC00642-7252-4DDF-B9FE-EF913FD24BAB&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
ImgSync
image8.pubmatic.com/AdServer/ Frame 717D
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=75dfa792-243c-4814-8e47-a1f76ddeb89e&gdpr=0&gdpr_consent=&us_privacy=
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=75dfa792-243c-4814-8e47-a1f76ddeb89e&gdpr=0&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=12759afa-0c2a-4f6f-9f4c-d3bd3772b705&ssp=pubmatic&gdpr=0
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=75dfa792-243c-4814-8e47-a1f76ddeb89e&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:cc2aa801-4ca5-4833-8ef2-1f58b6885a72&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0
Document
General
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private,max-age=86400
date
Tue, 23 Jan 2024 03:38:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Tue, 23 Jan 2024 03:38:36 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
sync
sync-pm.ads.yieldmo.com/ Frame 801E
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=tAfc8mllVrldEoksSbg9lJVYG1I&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160648&pmc=1&pr=https%3A%2F%2Fsync-pm.ads.yieldmo.com%2Fsync%3Fpn_id%3Dpub%26id%3D7BC00642-7252-4DDF-B9FE-EF913FD24BAB%26gdpr%3D0%26gdpr_consent%3...
  • https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=7BC00642-7252-4DDF-B9FE-EF913FD24BAB&gdpr=0&gdpr_consent=
43 B
645 B
Document
General
Full URL
https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=7BC00642-7252-4DDF-B9FE-EF913FD24BAB&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.71.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-71-202.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
content-length
43
content-type
image/gif;charset=utf-8
date
Tue, 23 Jan 2024 03:38:38 GMT
pragma
no-cache

Redirect headers

cache-control
no-store, no-cache, private
date
Tue, 23 Jan 2024 03:38:37 GMT
location
https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=7BC00642-7252-4DDF-B9FE-EF913FD24BAB&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
ImgSync
image8.pubmatic.com/AdServer/ Frame E65D
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?ev=AAACx07LXmkAABMh1hX3Cw&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dsas%252Cpm%26be...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=pm&bee_sync_hop_count=1&ev=AAACx07LXmkAABMh1hX3Cw&pid=558502&do...
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAACx07LXmkAABMh1hX3Cw&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%2...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=pm&bee_sync_hop_count=2&userid=4714513488865049119&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAACx07LXmkAABMh1hX3Cw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3205897004932985690&gdpr=0&gdpr_consent=&us_privacy=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:cc2aa801-4ca5-4833-8ef2-1f58b6885a72&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0
Document
General
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

date
Tue, 23 Jan 2024 03:38:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Tue, 23 Jan 2024 03:38:36 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 7577
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=9064062763748439557
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=7BC00642-7252-4DDF-B9FE-EF913FD24BAB&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=5d408aec03351902&is_secure=true&networkId=17100&version=1&nuid=7BC00642-7252-4DDF-B9FE-EF913FD24BAB&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAI53KJ4TNZxwNK3Bo7AAAAAAA&expiration=1706067518&nuid=7BC00642-7252-4DDF-B9FE-EF913FD24BAB&...
42 B
298 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAI53KJ4TNZxwNK3Bo7AAAAAAA&expiration=1706067518&nuid=7BC00642-7252-4DDF-B9FE-EF913FD24BAB&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 23 Jan 2024 03:38:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache, private, max-age=0, no-store
content-length
0
date
Tue, 23 Jan 2024 03:38:38 GMT
expires
0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAI53KJ4TNZxwNK3Bo7AAAAAAA&expiration=1706067518&nuid=7BC00642-7252-4DDF-B9FE-EF913FD24BAB&is_secure=true&gdpr_consent=&gdpr=0
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
pragma
no-cache
server
nginx
ImgSync
image8.pubmatic.com/AdServer/ Frame 6F17
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5107433832264167376
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://creativecdn.com/cm-notify?pi=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNTQmdGw9NDMyMDA%3D&piggybackCookie=ViR4k8DCOJSMDgKL7vewv7Jq9TxtaDotmO51rVynh7M&pi=pubmatic&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=8cc005be-8d9a-40d3-ad75-798e2acb9e12-65af34bc-494c&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=7BC00642-7252-4DDF-B9FE-EF913FD24BAB&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=d0913bc5210176c&is_secure=true&networkId=17100&version=1&nuid=7BC00642-7252-4DDF-B9FE-EF913FD24BAB&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAH7PsphgEUSwMUz6FWAAAAAAA&expiration=1706067518&nuid=7BC00642-7252-4DDF-B9FE-EF913FD24BAB&...
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:cc2aa801-4ca5-4833-8ef2-1f58b6885a72&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0
Document
General
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private,max-age=86400
date
Tue, 23 Jan 2024 03:38:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Tue, 23 Jan 2024 03:38:37 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
sync
sync-pm.ads.yieldmo.com/ Frame AC8D
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUdb73d62c9631481b952ab4182d9b5058
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160648&pmc=1&pr=https%3A%2F%2Fsync-pm.ads.yieldmo.com%2Fsync%3Fpn_id%3Dpub%26id%3D7BC00642-7252-4DDF-B9FE-EF913FD24BAB%26gdpr%3D0%26gdpr_consent%3...
  • https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=7BC00642-7252-4DDF-B9FE-EF913FD24BAB&gdpr=0&gdpr_consent=
43 B
645 B
Document
General
Full URL
https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=7BC00642-7252-4DDF-B9FE-EF913FD24BAB&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.71.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-71-202.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
content-length
43
content-type
image/gif;charset=utf-8
date
Tue, 23 Jan 2024 03:38:38 GMT
pragma
no-cache

Redirect headers

cache-control
no-store, no-cache, private
date
Tue, 23 Jan 2024 03:38:37 GMT
location
https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=7BC00642-7252-4DDF-B9FE-EF913FD24BAB&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
mw
mwzeom.zeotap.com/ Frame A384
95 B
439 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=7BC00642-7252-4DDF-B9FE-EF913FD24BAB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3262 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:37 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
849d01430d011e4b-FRA
access-control-allow-headers
*
content-length
95
info2
uipglob.semasio.net/pubmatic/1/ Frame A384
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=7BC00642-7252-4DDF-B9FE-EF913FD24BAB&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=7BC00642-7252-4DDF-B9FE-EF913FD24BAB&sInitiator=external&gdpr=0&gdpr_consent=
42 B
604 B
Image
General
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=7BC00642-7252-4DDF-B9FE-EF913FD24BAB&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Protocol
HTTP/1.1
Server
77.243.51.122 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:40 GMT
frontend-id
10
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:40 GMT
frontend-id
9
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=7BC00642-7252-4DDF-B9FE-EF913FD24BAB&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame A384
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=7BC00642-7252-4DDF-B9FE-EF913FD24BAB&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
70 B
148 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:37 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length
0
SPug
image4.pubmatic.com/AdServer/ Frame A384
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=7BC00642-7252-4DDF-B9FE-EF913FD24BAB&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Lb6c4pBE2uV5c3Yp1j4IU744CLTx2FE-~A&gdpr=0
0
48 B
Image
General
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Lb6c4pBE2uV5c3Yp1j4IU744CLTx2FE-~A&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Protocol
H2
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:37 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Lb6c4pBE2uV5c3Yp1j4IU744CLTx2FE-~A&gdpr=0
date
Tue, 23 Jan 2024 03:38:37 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
ImgSync
image8.pubmatic.com/AdServer/ Frame A384
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNTQmdGw9NDMyMDA%3D&piggybackCookie=ViR4k8DCOJSMDgKL7vewv7Jq9TxtaDotmO51rVynh7M&pi=pubmatic&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://creativecdn.com/cm-notify?pi=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNTQmdGw9NDMyMDA%3D&piggybackCookie=ViR4k8DCOJSMDgKL7vewv7Jq9TxtaDotmO51rVynh7M&pi=pubmatic&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=8cc005be-8d9a-40d3-ad75-798e2acb9e12-65af34bc-494c&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
106 B
Image
General
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Protocol
H2
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
date
Tue, 23 Jan 2024 03:38:38 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ImgSync
image8.pubmatic.com/AdServer/ Frame A384
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=8cc005be-8d9a-40d3-ad75-798e2acb9e12-65af34bc-494c&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://creativecdn.com/cm-notify?pi=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNTQmdGw9NDMyMDA%3D&piggybackCookie=ViR4k8DCOJSMDgKL7vewv7Jq9TxtaDotmO51rVynh7M&pi=pubmatic&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=8cc005be-8d9a-40d3-ad75-798e2acb9e12-65af34bc-494c&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
40 B
Image
General
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Protocol
H2
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:36 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
date
Tue, 23 Jan 2024 03:38:38 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
sync-pm.ads.yieldmo.com/ Frame A384
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=7BC00642-7252-4DDF-B9FE-EF913FD24BAB&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=6642307efb0d176c&is_secure=true&networkId=17100&version=1&nuid=7BC00642-7252-4DDF-B9FE-EF913FD24BAB&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAIUjvC2ZXOhwNKMzEYAAAAAAA&expiration=1706067517&nuid=7BC00642-7252-4DDF-B9FE-EF913FD24BAB&...
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160648&pmc=1&pr=https%3A%2F%2Fsync-pm.ads.yieldmo.com%2Fsync%3Fpn_id%3Dpub%26id%3D7BC00642-7252-4DDF-B9FE-EF913FD24BAB%26gdpr%3D0%26gdpr_consent%3...
  • https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=7BC00642-7252-4DDF-B9FE-EF913FD24BAB&gdpr=0&gdpr_consent=
43 B
645 B
Image
General
Full URL
https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=7BC00642-7252-4DDF-B9FE-EF913FD24BAB&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Protocol
H2
Server
54.154.71.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-71-202.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:38 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

location
https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=7BC00642-7252-4DDF-B9FE-EF913FD24BAB&gdpr=0&gdpr_consent=
date
Tue, 23 Jan 2024 03:38:37 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
6474c072a1465dfb33f167e6
c.bannerflow.net/a/ Frame 31A6
73 KB
24 KB
Script
General
Full URL
https://c.bannerflow.net/a/6474c072a1465dfb33f167e6?did=5ced02fe0fd60d000186f5ac&deeplink=off&domain=https%3a%2f%2f428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com%2f
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e31763b17bd5c4ffe1ddace651407190acbc12fc9b1c5fc6dabce0adda645f2d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:37 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 23 Jan 2024 03:38:37 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, s-maxage=10
cf-ray
849d0142de549b95-FRA
request-context
appId=cid-v1:1a5f66bd-0229-467a-a946-b3753e659ecb
view
securepubads.g.doubleclick.net/pcs/ Frame EF46
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssGdDgOSMTMQ1gR4Xi02JZYoH5l77xQKfP4vN70mL5sJwazu129DHXTma1jKnvO6BDzJ3GHzPE8hoYNSd5iDsC5EQLEDnzufLmBZUrPfR6gC8PXeA8dTTh4g9Ad2n7aK4znMrpBriGyXiWMhuH8-sew1XTprSaZbli02IyardsLCEISbB_26ucM_rzFwlVllh5EOQwP7xBW-HGfjX1MJWnBZrbbRgcJ3CL-vhn8Oe9JnUywTKq13UgSzpI-J955CnIfHWJ8dpEfMQxmrfZ6EEX2sAAMOYpGzHrsG-FVTzINn_MgZDmHzbpakIyX0Ts3OWcrKmefM6Lgyr9VK989O0lO6819HQXxMI1hsK72bZhqnfVGRW5uHKeUMw&sai=AMfl-YS1xXX3r9OMO-q9A7y8aY1urGPHZmFdIt22_YjGHZLAAPUSRtAlL4vQmNzeJF70oElO8BtoaeW93JtuxRv7bJa4OuQJCoA9mn--k16GGzQmsq51y5tDzyEey1Hy5gU&sig=Cg0ArKJSzD2v7iZspQMiEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 23 Jan 2024 03:38:37 GMT
dvbs_src_internal125.js
cdn.doubleverify.com/ Frame 3D1C
60 KB
20 KB
Script
General
Full URL
https://cdn.doubleverify.com/dvbs_src_internal125.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=23723680&cmp=25-as-pub&plc=414281&sid=50003&dvregion=0&unit=300x250
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4a0:1338:28::c38a:ff18 , Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),
Reverse DNS
Software
UploadServer /
Resource Hash
a7e081ac2862a2c9fe794a716293c201eb0cc90623edfe349438c3af8f58ca6a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://mediaintelligence.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 03:38:37 GMT
Content-Encoding
gzip
Last-Modified
Sun, 17 Dec 2023 15:12:36 GMT
Server
UploadServer
ETag
"8188d451e0a669939fa9ed400c00d127"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
no-transform, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19695
Expires
Wed, 22 Jan 2025 03:38:37 GMT
1013.json
id5-sync.com/g/v2/
251 B
525 B
Fetch
General
Full URL
https://id5-sync.com/g/v2/1013.json
Requested by
Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
778cda59d4bf374327b73a7033b5a8e2184b00ca79badb671bfdfe5702e08586
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://folkd.com
date
Tue, 23 Jan 2024 03:38:36 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
usync.html
eus.rubiconproject.com/ Frame 990D
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=vidazoo&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=vidazoo&endpoint=us-east
281 B
555 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=vidazoo&endpoint=us-east
Requested by
Host: sync.cootlogix.com
URL: https://sync.cootlogix.com/api/sync/iframe/?cid=&gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://sync.cootlogix.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 23 Jan 2024 03:38:37 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 23 Jan 2024 03:38:37 GMT
location
https://eus.rubiconproject.com/usync.html?p=vidazoo&endpoint=us-east
server
AkamaiGHost
ibs:dpid=175765&dpuuid=63ff35f40d98771db0ffa5acb0950ce0
dpm.demdex.net/ Frame 181E
Redirect Chain
  • https://synchroscript.deliveryengine.adswizz.com/getUID?curl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D175765%26dpuuid%3D%24%7BUID%7D
  • https://dpm.demdex.net/ibs:dpid=175765&dpuuid=63ff35f40d98771db0ffa5acb0950ce0
42 B
717 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=175765&dpuuid=63ff35f40d98771db0ffa5acb0950ce0
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000033.html
Protocol
H2
Server
52.49.110.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-110-165.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

dcs
dcs-prod-irl1-2-v054-082fe620b.edge-irl1.demdex.com 2 ms
pragma
no-cache
date
Tue, 23 Jan 2024 03:38:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
XV1ozNzaSzs=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date
Tue, 23 Jan 2024 03:38:37 GMT
via
1.1 b6a955345e4fcc7881bd0a9815e8286e.cloudfront.net (CloudFront)
x-clacks-overhead
GNU Terry Pratchett
x-adswizz-request-id
cbb246eb-4e5b-4436-9fbf-da50e7a73fce
x-amz-cf-pop
FRA56-P9
x-cache
Miss from cloudfront
location
https://dpm.demdex.net/ibs:dpid=175765&dpuuid=63ff35f40d98771db0ffa5acb0950ce0
x-amz-cf-id
qxVCpaTJexFs0cC2TUJN3gYl_aN-fu_ts1ZX1mWvyGIoBBuoIgGpZA==
createjs_2019.11.15_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame DF42
236 KB
63 KB
Script
General
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Requested by
Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/UIC_Berkant_Okt_Update/UIC_Berkant_300x250_DE/index.html?clicktag=https%3A%2F%2Fmin.tryiqos.ch%2Ftrck%2Feclick%2F449f5b35d42da36109fb9c0488f8191a%3Fsubid%3DoneidK13CRfR5x2fbRK3c5HMHktPt55eDF8TAT8Gaqoneid__dbm_Awin_Reach02
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f6.1e100.net
Software
sffe /
Resource Hash
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://data.mediaintelligence.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64275
x-xss-protection
0
last-modified
Fri, 15 Nov 2019 19:16:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 23 Jan 2024 03:38:37 GMT
index.js
data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/UIC_Berkant_Okt_Update/UIC_Berkant_300x250_DE/ Frame DF42
233 KB
36 KB
Script
General
Full URL
https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/UIC_Berkant_Okt_Update/UIC_Berkant_300x250_DE/index.js
Requested by
Host: data.mediaintelligence.de
URL: https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/UIC_Berkant_Okt_Update/UIC_Berkant_300x250_DE/index.html?clicktag=https%3A%2F%2Fmin.tryiqos.ch%2Ftrck%2Feclick%2F449f5b35d42da36109fb9c0488f8191a%3Fsubid%3DoneidK13CRfR5x2fbRK3c5HMHktPt55eDF8TAT8Gaqoneid__dbm_Awin_Reach02
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
78c8ebe2c081e12621fe91b41ec808f75baa6f6539bfa70d1da74c68949b8efa

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/UIC_Berkant_Okt_Update/UIC_Berkant_300x250_DE/index.html?clicktag=https%3A%2F%2Fmin.tryiqos.ch%2Ftrck%2Feclick%2F449f5b35d42da36109fb9c0488f8191a%3Fsubid%3DoneidK13CRfR5x2fbRK3c5HMHktPt55eDF8TAT8Gaqoneid__dbm_Awin_Reach02
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:34:24 GMT
content-encoding
br
last-modified
Mon, 09 Oct 2023 07:06:19 GMT
x-cacheable
Matched cache
x-cdn-pop-ip
137.74.120.0/27
etag
"6523a66b-3a53c"
access-control-max-age
3600
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length
x-cdn-pop
sbg
accept-ranges
bytes
access-control-allow-headers
Range
content-length
36782
x-request-id
524983346
afr.php
synchroscript.deliveryengine.adswizz.com/www/delivery/ Frame 8B70
6 KB
2 KB
Document
General
Full URL
https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Requested by
Host: cdn.adswizz.com
URL: https://cdn.adswizz.com/adswizz/js/SynchroClient2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-103.fra56.r.cloudfront.net
Software
/
Resource Hash
4043527f155c11dfc119f5aa843b25741bc423a8d9469b65d70eb9296043a3d3

Request headers

Referer
https://sync.serverbid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-charset
utf-8
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html
date
Tue, 23 Jan 2024 03:38:37 GMT
p3p
policyref="synchroscript.adswizz.com/docs/adswizz_adserver.htm", CP="CUR OUR NAV INT IND"
vary
Accept-Encoding
via
1.1 b6a955345e4fcc7881bd0a9815e8286e.cloudfront.net (CloudFront)
x-adswizz-banner-status-code
0
x-adswizz-request-id
bcd78643-592b-4e03-b202-0b568f577e6f
x-amz-cf-id
vEes86pjrb8IxgB72m9cz3dHZhHtKgNIJubdCROZtXMEpJYobVnDlw==
x-amz-cf-pop
FRA56-P9
x-cache
Miss from cloudfront
x-clacks-overhead
GNU Terry Pratchett
dv-measurements5275.js
cdn.doubleverify.com/ Frame 83E0
417 KB
99 KB
Script
General
Full URL
https://cdn.doubleverify.com/dv-measurements5275.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4a0:1338:28::c38a:ff18 , Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),
Reverse DNS
Software
UploadServer /
Resource Hash
1de4ab26b147f56d8be8ca51ad9169399b113cab7356cd70aeca850a61937fae

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://min.tryiqos.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 03:38:37 GMT
Content-Encoding
gzip
Last-Modified
Mon, 22 Jan 2024 12:18:50 GMT
Server
UploadServer
ETag
"044ea75cfed6e317b51050b1417a134e"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
no-transform, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
101408
Expires
Wed, 22 Jan 2025 03:38:37 GMT
verify.js
rtb0.doubleverify.com/ Frame 3D1C
443 B
580 B
Script
General
Full URL
https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_684464496169&jsTagObjCallback=__tagObject_callback_684464496169&num=6&ctx=23723680&cmp=25-as-pub&plc=414281&sid=50003&advid=&adsrv=&unit=300x250&isdvvid=&uid=684464496169&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&brid=3&brver=89&bridua=3&dup=null&srcurlD=4&ssl=1&refD=4&htmlmsging=1&tstype=128&m1=13&noc=4&fcifrms=26&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=172&eparams=DC4FC%3Dl9EEADTbpTauTau%3E65%3A2%3A%3FE6%3D%3D%3A86%3F46%5D56TauEC4%3CTau69E%3E%3D4%40%3FE6%3FETaucch7d3bd5ca52be%604e%60h_4ddeeg52343%5D9E%3ETbuEATbs%40%3F6E28TaeDF3%3A5Tbs%40%3F6%3A5%23I%60%2587aA6fr%3CB8*4%3CwHwbE%22E%2B%2By%3E4H%25K%25*Bwf%40%3F6%3A50053%3E0pH%3A%3F0%236249_aTae85AC04%40%3FD6%3FETbsTae85ACTbs_Tae85AC0A5Tbs_Tae4%40%3FE6%3FE%40%3F%3DJTbsECF6Tae424963FDE6CTbs%60f_dhg%60%60%60eU2%3F4r92%3A%3Fl9EEADTbpTauTau7%40%3D%3C5%5D4%40%3ETar9EEADTbpTauTaucag4ac777f7d3fbh67c4_%60a6f75fbfb5%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3ETar9EEADTbpTauTaucag4ac777f7d3fbh67c4_%60a6f75fbfb5%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3ETar9EEADTbpTauTau2D%5D25c%3E%5D2ETar9EEADTbpTauTau%3E65%3A2%3A%3FE6%3D%3D%3A86%3F46%5D56&dvp_exetime=30.70&callbackName=__verify_callback_684464496169
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal125.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
130.211.44.5 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
5.44.211.130.bc.googleusercontent.com
Software
/
Resource Hash
8668702ca9c30d629858b6da28f9f23d4d65b9901e08ba66946b274ba591c436

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://mediaintelligence.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Jan 2024 03:38:38 GMT
Content-Encoding
br
X-DV-Response
1
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
keep-alive
Timing-Allow-Origin
*
Expires
01/22/2024 03:38:38
usync.js
eus.rubiconproject.com/ Frame 990D
40 KB
11 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=vidazoo&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
cd3bec578049163e4cd3e91e52d55040e999465b011fde978ca10b689317ac4c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=vidazoo&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 03:38:37 GMT
Content-Encoding
gzip
Last-Modified
Mon, 22 Jan 2024 09:39:05 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=21580
Connection
keep-alive
Content-Length
10964
Expires
Tue, 23 Jan 2024 09:38:17 GMT
dt
dt.adsafeprotected.com/ Frame DE85
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=8095&asId=734c5183-433c-0410-aefa-573050149c45&tv=%7Bc:25LI1j,pingTime:0,time:2410,type:pf,im:%7Bpci:%7Btdr:1760%7D%7D,env:%7Bnr_p:1,nr_publ1:1,nr_grpm1:1%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:253%7D,%7Bpiv:100,vs:i,r:,t:2410%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:2410,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:253,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2173~0,0~100%5D,as:%5B2173~300.600%5D%7D%7D,%7Bsl:i,t:2410,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B2173~0,0~100%5D,as:%5B2173~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:265,fm:u29AU4D+11%7C12%7C13%7C14111%7C14112%7C141131%7C141132%7C141133%7C141134%7C141135%7C14114%7C14115%7C14116%7C14117%7C1412%7C1413%7C1414%7C1415%7C15%7C16%7C171*.8095%7C1711%7C1811%7C1911%7C1a%7C1b%7C1c%7C1d,idMap:171*,rmeas:1,rend:1,renddet:IMG.qs,siq:254,sis:390%7D&br=c
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:e315:15fa:9bb4:390c Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:38 GMT
server
nginx
x-server-name
dt11.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
64809109b614435d92f827c1
c.bannerflow.net/a/ Frame BA99
73 KB
24 KB
Script
General
Full URL
https://c.bannerflow.net/a/64809109b614435d92f827c1?did=5ced02fe0fd60d000186f5ac&deeplink=off&domain=https%3a%2f%2f428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com%2f
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c376bcc8c95fa807daa0d92f87d1dbb2e47ea5582397d66aee8bdbe20490222d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:38 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 23 Jan 2024 03:38:38 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, s-maxage=10
cf-ray
849d01436e859b95-FRA
request-context
appId=cid-v1:1a5f66bd-0229-467a-a946-b3753e659ecb
preload.jpg
c.bannerflow.net/accounts/soft2bet/63e10827ee6588a96cb203e2/published/4931098/7395430/ Frame 31A6
16 KB
16 KB
Image
General
Full URL
https://c.bannerflow.net/accounts/soft2bet/63e10827ee6588a96cb203e2/published/4931098/7395430/preload.jpg
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5681fdd600e64a571f62ad76bddbaaeb5eaed08a7cf1a49c5e68c37692467d95

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 23 Jan 2024 03:38:37 GMT
cf-cache-status
HIT
content-md5
HjPHKnj2JYenGHUPUasC7Q==
age
7131812
content-length
16412
x-ms-lease-status
unlocked
cf-bgj
h2pri
last-modified
Thu, 14 Sep 2023 09:50:50 GMT
server
cloudflare
etag
"0x8DBB508140A300D"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
c8e39399-201e-005a-6fd0-0c8bc1000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2011-08-18
accept-ranges
bytes
cf-ray
849d01436e8a9b95-FRA
visit.js
tps.doubleverify.com/ Frame 83E0
718 B
750 B
Script
General
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=79&ttfrms=14&brid=3&brver=89.0.4389.72&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau%3E%3A%3F%5DECJ%3AB%40D%5D49TauEC4%3CTau69E%3E%3D4%40%3FE6%3FETaucch7d3bd5ca52be%60_h73h4_cgg7g%60h%602%5D9E%3ETbuEATbs%40%3F6E28TaeDF3%3A5Tbs%40%3F6%3A5z%60br%237%23dIa73%23zb4dw%7Cw%3CE!Edd6sug%25p%25gv2B%40%3F6%3A50053%3E0pH%3A%3F0%236249_aTae85AC04%40%3FD6%3FETbsTae85ACTbs_Tae85AC0A5Tbs_Tae4%40%3FE6%3FE%40%3F%3DJTbsECF6Tae424963FDE6CTbs%60f_dhg%60%60%60eU2%3F4r92%3A%3Fl9EEADTbpTauTau7%40%3D%3C5%5D4%40%3ETar9EEADTbpTauTaucag4ac777f7d3fbh67c4_%60a6f75fbfb5%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3ETar9EEADTbpTauTaucag4ac777f7d3fbh67c4_%60a6f75fbfb5%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3ETar9EEADTbpTauTau2D%5D25c%3E%5D2ETar9EEADTbpTauTau%3E%3A%3F%5DECJ%3AB%40D%5D49&srcurlD=4&aUrlD=0&ssl=https:&dfs=160&ddur=101&uid=1705981118019701&jsCallback=dvCallback_1705981118019371&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=0&winw=0&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=5275&tgjsver=5275&lvvn=28&m1=13&refD=4&referrer=https%3A%2F%2Fmin.tryiqos.ch%2Ftrck%2Fehtmlcontent%2F449f5b35d42da36109fb9c0488f8191a.htm%3Ftp%3Donetag%26subid%3DoneidK13CRfR5x2fbRK3c5HMHktPt55eDF8TAT8Gaqoneid__dbm_Awin_Reach02%26gdpr_consent%3D%26gdpr%3D0%26gdpr_pd%3D0%26contentonly%3Dtrue%26cachebuster%3D1705981116&fcifrms=26&brh=2&dvp_epl=734&noc=4&nav_pltfrm=Win32&ctx=23723680&cmp=25&sid=50003&plc=418192&adsrv=0&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=796911324.2828939&ee_dp_sukv=796911324.2828939&dvp_tukv=4801690.489077702&ee_dp_tukv=4801690.489077702&dvp_tuid=684249680079&jurtd=2191464953
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements5275.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
130.211.44.5 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
5.44.211.130.bc.googleusercontent.com
Software
/
Resource Hash
09d504a3c8079958601741cd2d93308fd15eac55184dafa7886d1e9f160e8335

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://min.tryiqos.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Jan 2024 03:38:38 GMT
Content-Encoding
br
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
keep-alive
Timing-Allow-Origin
*
Expires
01/22/2024 03:38:38
khaos.json
token.rubiconproject.com/ Frame 990D
7 B
778 B
XHR
General
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LRPT3VT0-1Y-G0V7
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
ef823186f233724f4775c0c4b9549d14
Expires
0
swfobject-2.2.min.js
delivery-cdn-cf.adswizz.com/adswizz/js/ Frame 8B70
9 KB
9 KB
Script
General
Full URL
https://delivery-cdn-cf.adswizz.com/adswizz/js/swfobject-2.2.min.js
Requested by
Host: synchroscript.deliveryengine.adswizz.com
URL: https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-88.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a18cbdbb0fbb733d7f4cba5d2afd6b2706e3f141c743f491057e5800368cd8e5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://synchroscript.deliveryengine.adswizz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 00:37:50 GMT
via
1.1 319f376925908156190f5fc160137b42.cloudfront.net (CloudFront)
last-modified
Wed, 01 Apr 2015 12:24:04 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
10849
etag
"e6a40488a5f5774d02c06d0787ef01d8"
x-cache
Hit from cloudfront
content-type
application/x-javascript
accept-ranges
bytes
content-length
9211
x-amz-cf-id
RL12wNwxJhFeowCnjq329YbIslcwvAdYLKte88qd79oSa_eG4vPVqA==
lg.php
synchroscript.deliveryengine.adswizz.com/www/delivery/ Frame 8B70
43 B
348 B
Image
General
Full URL
https://synchroscript.deliveryengine.adswizz.com/www/delivery/lg.php?adData=targeted-publisher-info%3A2%3Bsynchroscript%5Ebilling%3Asynchroscript_A12%3B14%3BUSD%3B0.00000000%3Bfalse%5EtraceId%3Ae4d03476-b9a0-11ee-8488-0af8de5cd12d%5EAS%2Fi%3Asynchroscript%3Bad_id%3A14%3Bzone_id%3A9%3Bview_key%3A1705981117986%3Bduration%3A0%3Baf%3A0.00000000%3Btf%3A0.00000000%3Bnp%3A0.00000000%3Bgp%3A0.00000000%3Bc%3AUSD%3Bbaf%3A0.00000000%3Bbtf%3A0.00000000%3Bbnp%3A0.00000000%3Bbgp%3A0.00000000%3Bbc%3AUSD%3Bat%3A1%3Bo_id%3A0%3Bc_id%3A4%5Epchain%3A52ded3ee71b94c84%3Asynchroscript&loc=&referer=https%3A%2F%2Fsync.serverbid.com%2F&listenerId=63ff35f40d98771db0ffa5acb0950ce0&sessionId=3df4c563e38eb27adde4179a0455e6a&ip=%3A%3Affff%3A149.88.27.82&user_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&aw_0_req.gdpr=false&cbs=7052818&aw_0_req.gdpr=false&aw_0_azn.pname=%5B%22Sync+Publisher%22%5D
Requested by
Host: synchroscript.deliveryengine.adswizz.com
URL: https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-103.fra56.r.cloudfront.net
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:38 GMT
via
1.1 b6a955345e4fcc7881bd0a9815e8286e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P9
x-cache
Miss from cloudfront
content-type
image/gif
access-control-allow-origin
*
content-length
43
x-amz-cf-id
iMy8kFRrAAkxpyT0xX9e9bo7T1sB_FPqhe5BQLrdnOTC50VFiWucHw==
/
c.bannerflow.net/tr/v2/pixel/ Frame 31A6
0
33 B
Ping
General
Full URL
https://c.bannerflow.net/tr/v2/pixel/
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/6474c072a1465dfb33f167e6?did=5ced02fe0fd60d000186f5ac&deeplink=off&domain=https%3a%2f%2f428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 23 Jan 2024 03:38:38 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
849d01441ebc9b95-FRA
content-length
0
request-context
appId=cid-v1:1d9bcaa3-5ddc-4e5d-973c-949d7ceab63e
cookie
sync.cootlogix.com/api/ Frame 990D
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=vidazoo&khaos=LRPT3VT0-1Y-G0V7
  • https://sync.cootlogix.com/api/cookie?partnerId=rubicon&userId=LRPT3VT0-1Y-G0V7
43 B
496 B
Image
General
Full URL
https://sync.cootlogix.com/api/cookie?partnerId=rubicon&userId=LRPT3VT0-1Y-G0V7
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=vidazoo&endpoint=us-east
Protocol
H2
Server
192.241.159.82 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:38 GMT
access-control-allow-methods
GET, HEAD, OPTIONS, POST
content-type
image/avif
access-control-allow-origin
*
p3p
CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
43

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.cootlogix.com/api/cookie?partnerId=rubicon&userId=LRPT3VT0-1Y-G0V7
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0ef743da9b7e7268fce5cacf31fd0f0c
Expires
0
index_atlas_P_1.png
data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/UIC_Berkant_Okt_Update/UIC_Berkant_300x250_DE/images/ Frame DF42
21 KB
21 KB
Image
General
Full URL
https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/UIC_Berkant_Okt_Update/UIC_Berkant_300x250_DE/images/index_atlas_P_1.png
Requested by
Host: min.tryiqos.ch
URL: https://min.tryiqos.ch/trck/ehtmlcontent/449f5b35d42da36109fb9c0488f8191a.htm?tp=onetag&subid=oneidK13CRfR5x2fbRK3c5HMHktPt55eDF8TAT8Gaqoneid__dbm_Awin_Reach02&gdpr_consent=&gdpr=0&gdpr_pd=0&contentonly=true&cachebuster=1705981116
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
c387a224147908b2c32356bac948199878f42cd6413965d1abf266978605189a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/UIC_Berkant_Okt_Update/UIC_Berkant_300x250_DE/index.html?clicktag=https%3A%2F%2Fmin.tryiqos.ch%2Ftrck%2Feclick%2F449f5b35d42da36109fb9c0488f8191a%3Fsubid%3DoneidK13CRfR5x2fbRK3c5HMHktPt55eDF8TAT8Gaqoneid__dbm_Awin_Reach02
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 09:47:33 GMT
x-cacheable
Matched cache
x-cdn-pop
sbg
content-length
21066
x-request-id
242189597
last-modified
Mon, 09 Oct 2023 07:06:23 GMT
x-cdn-pop-ip
137.74.120.0/27
etag
"6523a66f-524a"
access-control-max-age
3600
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=2592000
accept-ranges
bytes
access-control-allow-headers
Range
expires
Thu, 01 Feb 2024 09:47:33 GMT
preload.jpg
c.bannerflow.net/accounts/soft2bet/63e10827ee6588a96cb203e2/published/5041735/7233098/ Frame BA99
17 KB
17 KB
Image
General
Full URL
https://c.bannerflow.net/accounts/soft2bet/63e10827ee6588a96cb203e2/published/5041735/7233098/preload.jpg
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3167f736560284d97a1e3cda600b00c3ada2f5aaae9322e84db77b00406aadc0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 23 Jan 2024 03:38:38 GMT
cf-cache-status
HIT
content-md5
0hST4vzZ6Rl3wTqziQHZ3g==
age
4386529
content-length
17513
x-ms-lease-status
unlocked
cf-bgj
h2pri
last-modified
Wed, 30 Aug 2023 07:33:22 GMT
server
cloudflare
etag
"0x8DBA92B63A17A61"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
b3993b79-201e-0065-7ec8-257b97000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2011-08-18
accept-ranges
bytes
cf-ray
849d01442ec39b95-FRA
ajs.php
synchroscript.deliveryengine.adswizz.com/www/delivery/ Frame 8B70
62 B
543 B
Script
General
Full URL
https://synchroscript.deliveryengine.adswizz.com/www/delivery/ajs.php?zoneid=8&withtext=1&isDisableLogImpression=1&listenerId=63ff35f40d98771db0ffa5acb0950ce0&cb=53962842281&charset=windows-1252&loc=https%3A//synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php%3Fzoneid%3D9%26aw_0_req.gdpr%3Dfalse&referer=https%3A//sync.serverbid.com/
Requested by
Host: synchroscript.deliveryengine.adswizz.com
URL: https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-103.fra56.r.cloudfront.net
Software
/
Resource Hash
561f0617a91b096621ac6333edc08b37354ce40503454c5764554a9f33479321

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:38 GMT
via
1.1 b6a955345e4fcc7881bd0a9815e8286e.cloudfront.net (CloudFront)
x-clacks-overhead
GNU Terry Pratchett
accept-charset
utf-8
x-adswizz-request-id
e78e9f54-46e2-4785-8460-b74fb17d2d28
x-amz-cf-pop
FRA56-P9
x-cache
Miss from cloudfront
p3p
policyref="synchroscript.adswizz.com/docs/adswizz_adserver.htm", CP="CUR OUR NAV INT IND"
access-control-allow-origin
*
content-type
application/x-javascript
content-length
62
x-amz-cf-id
K9lwZHIkCy2X0fAitRT5st6s5pUNwd6M6-ckbTuMvJk3HcyokWM0fw==
index_atlas_NP_1.jpg
data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/UIC_Berkant_Okt_Update/UIC_Berkant_300x250_DE/images/ Frame DF42
24 KB
25 KB
Image
General
Full URL
https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/UIC_Berkant_Okt_Update/UIC_Berkant_300x250_DE/images/index_atlas_NP_1.jpg
Requested by
Host: min.tryiqos.ch
URL: https://min.tryiqos.ch/trck/ehtmlcontent/449f5b35d42da36109fb9c0488f8191a.htm?tp=onetag&subid=oneidK13CRfR5x2fbRK3c5HMHktPt55eDF8TAT8Gaqoneid__dbm_Awin_Reach02&gdpr_consent=&gdpr=0&gdpr_pd=0&contentonly=true&cachebuster=1705981116
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.200.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
65b25f24667e48a877baeb0703c4dbf397b14ead350d0d31daae49e7612a88ba

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://data.mediaintelligence.de/min/Phillip_Morris_CH_48924_50298/2023/UIC_Berkant_Okt_Update/UIC_Berkant_300x250_DE/index.html?clicktag=https%3A%2F%2Fmin.tryiqos.ch%2Ftrck%2Feclick%2F449f5b35d42da36109fb9c0488f8191a%3Fsubid%3DoneidK13CRfR5x2fbRK3c5HMHktPt55eDF8TAT8Gaqoneid__dbm_Awin_Reach02
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 09:47:33 GMT
x-cacheable
Matched cache
x-cdn-pop
sbg
content-length
24962
x-request-id
242189598
last-modified
Mon, 09 Oct 2023 07:06:23 GMT
x-cdn-pop-ip
137.74.120.0/27
etag
"6523a66f-6182"
access-control-max-age
3600
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=2592000
accept-ranges
bytes
access-control-allow-headers
Range
expires
Thu, 01 Feb 2024 09:47:33 GMT
/
c.bannerflow.net/tr/v2/pixel/ Frame BA99
0
33 B
Ping
General
Full URL
https://c.bannerflow.net/tr/v2/pixel/
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/64809109b614435d92f827c1?did=5ced02fe0fd60d000186f5ac&deeplink=off&domain=https%3a%2f%2f428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 23 Jan 2024 03:38:38 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
849d01445ed79b95-FRA
content-length
0
request-context
appId=cid-v1:1d9bcaa3-5ddc-4e5d-973c-949d7ceab63e
bsevent.gif
rtbc-ew1.doubleverify.com/ Frame 3D1C
0
301 B
Ping
General
Full URL
https://rtbc-ew1.doubleverify.com/bsevent.gif?flvr=0&impid=c098000bd67e4305bf687d557b8cf05a&vfdur=175&cbust=1705981118168869
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal125.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
130.211.44.5 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
5.44.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://mediaintelligence.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://mediaintelligence.de
Pragma
no-cache
Date
Tue, 23 Jan 2024 03:38:38 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true, true
Connection
keep-alive
Expires
2024-01-22T03:38:38
dv-measurements5275.js
cdn.doubleverify.com/ Frame 1102
417 KB
99 KB
Script
General
Full URL
https://cdn.doubleverify.com/dv-measurements5275.js
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4a0:1338:28::c38a:ff18 , Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),
Reverse DNS
Software
UploadServer /
Resource Hash
1de4ab26b147f56d8be8ca51ad9169399b113cab7356cd70aeca850a61937fae

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://mediaintelligence.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 23 Jan 2024 03:38:38 GMT
Content-Encoding
gzip
Last-Modified
Mon, 22 Jan 2024 12:18:50 GMT
Server
UploadServer
ETag
"044ea75cfed6e317b51050b1417a134e"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
no-transform, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
101408
Expires
Wed, 22 Jan 2025 03:38:38 GMT
ajs.php
synchroscript.deliveryengine.adswizz.com/www/delivery/ Frame 8B70
62 B
544 B
Script
General
Full URL
https://synchroscript.deliveryengine.adswizz.com/www/delivery/ajs.php?zoneid=8&withtext=1&cb=67800392971&charset=windows-1252&loc=https%3A//synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php%3Fzoneid%3D9%26aw_0_req.gdpr%3Dfalse&referer=https%3A//sync.serverbid.com/
Requested by
Host: synchroscript.deliveryengine.adswizz.com
URL: https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-103.fra56.r.cloudfront.net
Software
/
Resource Hash
b159ecc236252d7d25331d47c209c7bcd4e54adeb375a8881e88c91a2efe467b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://synchroscript.deliveryengine.adswizz.com/www/delivery/afr.php?zoneid=9&aw_0_req.gdpr=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:38 GMT
via
1.1 b6a955345e4fcc7881bd0a9815e8286e.cloudfront.net (CloudFront)
x-clacks-overhead
GNU Terry Pratchett
accept-charset
utf-8
x-adswizz-request-id
0c444281-8c19-42e0-860d-6e59c488c802
x-amz-cf-pop
FRA56-P9
x-cache
Miss from cloudfront
p3p
policyref="synchroscript.adswizz.com/docs/adswizz_adserver.htm", CP="CUR OUR NAV INT IND"
access-control-allow-origin
*
content-type
application/x-javascript
content-length
62
x-amz-cf-id
aikaulht6dGNM9woq2R1YZW0jxvgne4dh4kXbQKRDk0823Co3FWKNg==
view
securepubads.g.doubleclick.net/pcs/ Frame 7C9A
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssTNws81PXqZ9NyFfz6k_4smrJRoTN_aiW-UuucJUSkSZy2S2ri8OSAHf7n5IeY4lmZpwmp56GuwASmLR0X4wXybcpii_tl8yUXR3lqmtmHmnG2aZwZXkL9i9wScBw1tucMAFfY_-MsPX8GBSLhMs8Ya24Ohdi1fkUoa6K4HTkEzp0QL4ProVE5V_IsAdboAketWADLLOylpF2URNJf4d-RS-31KLnyyChr3nlSjfI6PkEr_fhkcUU-cx8_IkSKmHEFRQEnHmu3xMkbnvAc4cLf7rT2h0j-69nj4Hn1_hj59uFr7zHV8qUFNfluxiui9EPQ_qlXFnD2275Uy0-eCpIB2SGqZxSbv7h8X1uSi7U7xsXa4JaFlYUmI94&sai=AMfl-YQH7J41i9qKNDCTZol_YiGi_sPFy58pG_DRwSl-PlT3igISqCajxyJyN0-mv2ciTOPnxwGgkH122zq4akLcL4y9KdGDc2IEkFFx1aMgPrSRhdLabY-PtBD4kN2xgp8&sig=Cg0ArKJSzCgziIcogXlhEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 23 Jan 2024 03:38:38 GMT
visit.js
tps.doubleverify.com/ Frame 1102
718 B
751 B
Script
General
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=48&ttfrms=4&brid=3&brver=89.0.4389.72&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau%3E65%3A2%3A%3FE6%3D%3D%3A86%3F46%5D56TauEC4%3CTau69E%3E%3D4%40%3FE6%3FETaucch7d3bd5ca52be%604e%60h_4ddeeg52343%5D9E%3ETbuEATbs%40%3F6E28TaeDF3%3A5Tbs%40%3F6%3A5%23I%60%2587aA6fr%3CB8*4%3CwHwbE%22E%2B%2By%3E4H%25K%25*Bwf%40%3F6%3A50053%3E0pH%3A%3F0%236249_aTae85AC04%40%3FD6%3FETbsTae85ACTbs_Tae85AC0A5Tbs_Tae4%40%3FE6%3FE%40%3F%3DJTbsECF6Tae424963FDE6CTbs%60f_dhg%60%60%60eU2%3F4r92%3A%3Fl9EEADTbpTauTau7%40%3D%3C5%5D4%40%3ETar9EEADTbpTauTaucag4ac777f7d3fbh67c4_%60a6f75fbfb5%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3ETar9EEADTbpTauTaucag4ac777f7d3fbh67c4_%60a6f75fbfb5%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3ETar9EEADTbpTauTau2D%5D25c%3E%5D2ETar9EEADTbpTauTau%3E65%3A2%3A%3FE6%3D%3D%3A86%3F46%5D56&srcurlD=4&aUrlD=0&ssl=https:&dfs=146&ddur=79&uid=1705981118224484&jsCallback=dvCallback_1705981118224897&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=0&winw=0&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=5275&tgjsver=5275&lvvn=28&m1=13&refD=4&referrer=https%3A%2F%2Fmediaintelligence.de%2Ftrck%2Fehtmlcontent%2F449f5b35d42da361c6190c55668dabcb.htm%3Ftp%3Donetag%26subid%3DoneidRx1Tgf2pe7CkqgYckHwH3tQtZZJmcwTzTYqH7oneid__dbm_Awin_Reach02%26gdpr_consent%3D%26gdpr%3D0%26gdpr_pd%3D0%26contentonly%3Dtrue%26cachebuster%3D1705981116&fcifrms=26&brh=2&dvp_epl=758&noc=4&nav_pltfrm=Win32&ctx=23723680&cmp=25&sid=50003&plc=414281&adsrv=0&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=758981212.398433&ee_dp_sukv=758981212.398433&dvp_tukv=415815530.86244684&ee_dp_tukv=415815530.86244684&dvp_tuid=1624219625095&jurtd=95232291
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements5275.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
130.211.44.5 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
5.44.211.130.bc.googleusercontent.com
Software
/
Resource Hash
8bcac8d081dd5a705d9f51acc519536f65ef3c5761e7140132e97fbc5e90ab58

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://mediaintelligence.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Jan 2024 03:38:38 GMT
Content-Encoding
br
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
keep-alive
Timing-Allow-Origin
*
Expires
01/22/2024 03:38:38
document.000000062AF832.js
c.bannerflow.net/accounts/soft2bet/63e10827ee6588a96cb203e2/published/5041993/7395980/ Frame E0BD
11 KB
2 KB
Script
General
Full URL
https://c.bannerflow.net/accounts/soft2bet/63e10827ee6588a96cb203e2/published/5041993/7395980/document.000000062AF832.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/6480988eb614435d92f82800?did=5ced02fe0fd60d000186f5ac&deeplink=off&domain=https%3a%2f%2f428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e75a7b677ff22f2387eeaead5e53f08c223fb487f1001776870c515815f9062

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 23 Jan 2024 03:38:38 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
yL+P7YRKxmg4TB8uQMqOlw==
age
845288
cf-polished
origSize=12496
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Thu, 14 Sep 2023 10:13:16 GMT
server
cloudflare
etag
W/"0x8DBB50B367962D4"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
b3f93049-801e-0043-22fd-45338f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2011-08-18
cf-ray
849d01457fd99b95-FRA
animated-creative.b105a4e6577fb08357fd.js
c.bannerflow.net/scripts/ Frame E0BD
156 KB
53 KB
Script
General
Full URL
https://c.bannerflow.net/scripts/animated-creative.b105a4e6577fb08357fd.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/6480988eb614435d92f82800?did=5ced02fe0fd60d000186f5ac&deeplink=off&domain=https%3a%2f%2f428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80c1a71b0825d5c2a91d238da77ede821f8df46b20974aa774f5bc03aefe6a45

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 23 Jan 2024 03:38:38 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
lEV9j3pUvMgu01szZkbLog==
age
4738406
cf-polished
origSize=159577
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Thu, 31 Aug 2023 09:36:51 GMT
server
cloudflare
etag
W/"0x8DBAA05CE239A64"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
d6af5344-301e-000b-7095-222eb8000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2011-08-18
cf-ray
849d01457fda9b95-FRA
PugMaster
image6.pubmatic.com/AdServer/ Frame CBB8
2 KB
2 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=49033928&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
70d8d351338dbd0e13c2305d578d19d14d1cc639cc7819c707d9ce931b499ce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 23 Jan 2024 03:38:37 GMT
content-length
1589
content-type
text/html; charset=UTF-8
view
securepubads.g.doubleclick.net/pcs/ Frame DE1C
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssfuk50I_IVsdgFQU4-9tgi8LYCvYmNOq6w-gYjT4jf_q_AKX2n5W7l7kv5F1TC5OAGe-7mej7qxCUOLQQ2pmlhXJ9UEtK6UXBailaCpdfavcmsceflEkdy6GKb32K2dqTB5Ov5AZm1fZsSqEYiLz2KnZ0324MoV5PC16fQ6WOrmBJ2-ad3-UtYIn1up0HTVbmFAESVGcmCKyjSpKzWAx_La_-4niRRzKbU3j4WS9fTKMhMA7pI-VQmp9DB8qjuZ4__NH86VVrjGj1LV8bgDNOTovtkCVIrXeNHhBrih7hQl1LVeXr1HjsKvcAv1f0lCXwWXbQMphUn2c8WOscZYrD2Vws8lulJoEbAE0g09HFscWO_BZdQ6vUx3Q&sai=AMfl-YT03fRSrx-_8KLx6h7VvLH2aG8pUUNZgVxy6Qxmj5zd4xBNoxJADmF7VdqrPxx7326beVsI028pCue5dX-OdfKlf52QY9YUcIwLFv698RKU8RNKj-hvgn1JxE22Jj4&sig=Cg0ArKJSzLHmvhLJDnM5EAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 23 Jan 2024 03:38:38 GMT
dt
dt.adsafeprotected.com/ Frame DE85
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=8095&asId=734c5183-433c-0410-aefa-573050149c45&tv=%7Bc:25LI6P,time:2752,type:e,im:%7BpLoad:2616%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:342,o:2410,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:253,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2173~0,0~100%5D,as:%5B2173~300.600%5D%7D%7D,%7Bsl:i,t:2410,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B342~100%5D,as:%5B342~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:206,fm:u29AU4D+11%7C12%7C13%7C14111%7C14112%7C141131%7C141132%7C141133%7C141134%7C141135%7C14114%7C14115%7C14116%7C14117%7C1412%7C1413%7C1414%7C1415%7C15%7C16%7C171*.8095%7C1711%7C1811%7C1911%7C1a%7C1b%7C1c%7C1d,idMap:171*,rmeas:1,rend:1,renddet:IMG.qs,siq:254,sis:390%7D&br=c
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:e315:15fa:9bb4:390c Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:38 GMT
server
nginx
x-server-name
dt09.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
document.000000EE9BF6CD.js
c.bannerflow.net/accounts/soft2bet/63e10827ee6588a96cb203e2/published/5041735/7233098/ Frame BA99
11 KB
2 KB
Script
General
Full URL
https://c.bannerflow.net/accounts/soft2bet/63e10827ee6588a96cb203e2/published/5041735/7233098/document.000000EE9BF6CD.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/64809109b614435d92f827c1?did=5ced02fe0fd60d000186f5ac&deeplink=off&domain=https%3a%2f%2f428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cde28e24a7f302540490018c3f1687f4b6af79543b69fd162c98970a0ec29ac7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 23 Jan 2024 03:38:38 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
c/3BCYi9aKpXCet+Ru8T5A==
age
4836602
cf-polished
origSize=12527
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Wed, 30 Aug 2023 07:33:24 GMT
server
cloudflare
etag
W/"0x8DBA92B6515D2A4"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
7cbfa67c-601e-0029-2fb0-21eba7000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2011-08-18
cf-ray
849d014588009b95-FRA
animated-creative.9e2d8da8aaa138e11851.js
c.bannerflow.net/scripts/ Frame BA99
156 KB
53 KB
Script
General
Full URL
https://c.bannerflow.net/scripts/animated-creative.9e2d8da8aaa138e11851.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/64809109b614435d92f827c1?did=5ced02fe0fd60d000186f5ac&deeplink=off&domain=https%3a%2f%2f428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58d7578937c83a09aa87ada0c719ef38325c2ee49a3360652ed4ef6a63e31e92

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 23 Jan 2024 03:38:38 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
Y3J2vB9CN61MG6BcSm1/Vw==
age
4836413
cf-polished
origSize=159585
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Fri, 18 Aug 2023 11:29:30 GMT
server
cloudflare
etag
W/"0x8DB9FDE634989BC"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
24261a4c-f01e-0066-42b0-219af3000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2011-08-18
cf-ray
849d014588019b95-FRA
view
securepubads.g.doubleclick.net/pcs/ Frame 8423
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssRdAmjQul46WJ4rqhznJN5HL9G-zUaImMg6548PHjQvDaWCCKhycL-4rQ2Rpn8XJdWCa7BpTzyAdHnNfFMP6gm-60N10AQns0o9DW2P-meGwtEtq_5owXEn35OCtqrct2wif9qkb0St80cOj4J9mHl8bKw31945yZiPRIqjTa7IizK824ikz5cxuoTWiqWnOdO_EOpOzyzlZX87cHzxSVTQMqm40yIHtoaU40KJyF-odwFp68tw_z5d-NnNANs_a2peJokZ6JMe9vKohBEtLXyX5HyphoGBaMHcKsP24usopvAuc0izseB2S4nUHw61V9d4fWAr3pd1MsXVkjoxu_0SYqIh63US8jjLaWkmfoe5tSaTL7iYhkzpA&sai=AMfl-YSKx3pU219Ixxcjg1s8pfZXA-Axi22JalQbF30rxKF1eb1l9tfQCNLDTEAnSYWqfaenBxHbZ4Z1PEcjQJQauWUYApJTnY-i9JROWWlsFw46_1gFZ81i3AvkYUzRgi8&sig=Cg0ArKJSzJZs-d7B7VlqEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 23 Jan 2024 03:38:38 GMT
ImgSync
image8.pubmatic.com/AdServer/ Frame 4DF6
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2380373011570053850&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0
Document
General
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

date
Tue, 23 Jan 2024 03:38:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Tue, 23 Jan 2024 03:38:37 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
ImgSync
image8.pubmatic.com/AdServer/ Frame 5FEA
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7327133105123162272&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0
Document
General
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

date
Tue, 23 Jan 2024 03:38:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Tue, 23 Jan 2024 03:38:37 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
ImgSync
image8.pubmatic.com/AdServer/ Frame BA0F
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=75dfa792-243c-4814-8e47-a1f76ddeb89e&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_a18b21af-1d19-4cda-95ff-827ff27ef05d&bsw_param=75dfa792-243c-4814-8e47-a1f76ddeb89e&expires=10&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=75dfa792-243c-4814-8e47-a1f76ddeb89e&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0
Document
General
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private,max-age=86400
date
Tue, 23 Jan 2024 03:38:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Tue, 23 Jan 2024 03:38:37 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 6A8B
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=tAfc8mllVrldEoksSbg9lJVYG1I&gdpr=0&gdpr_consent=
42 B
97 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=tAfc8mllVrldEoksSbg9lJVYG1I&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 23 Jan 2024 03:38:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Tue, 23 Jan 2024 03:38:38 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=tAfc8mllVrldEoksSbg9lJVYG1I&gdpr=0&gdpr_consent=
ImgSync
image8.pubmatic.com/AdServer/ Frame 6D70
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAACx07LXmkAABMh1hX3Cw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0
Document
General
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private,max-age=86400
date
Tue, 23 Jan 2024 03:38:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Tue, 23 Jan 2024 03:38:38 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
ImgSync
image8.pubmatic.com/AdServer/ Frame 0946
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=9064062763748439557
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0
Document
General
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private,max-age=86400
date
Tue, 23 Jan 2024 03:38:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Tue, 23 Jan 2024 03:38:38 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
ImgSync
image8.pubmatic.com/AdServer/ Frame 6801
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5107433832264167376
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0
Document
General
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

date
Tue, 23 Jan 2024 03:38:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Tue, 23 Jan 2024 03:38:38 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
ImgSync
image8.pubmatic.com/AdServer/ Frame E00D
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUdb73d62c9631481b952ab4182d9b5058
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0
Document
General
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

date
Tue, 23 Jan 2024 03:38:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Tue, 23 Jan 2024 03:38:37 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 962C
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
93 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 23 Jan 2024 03:38:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Tue, 23 Jan 2024 03:38:38 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
usersync
usersync.gumgum.com/ Frame 3576
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=7BC00642-7252-4DDF-B9FE-EF913FD24BAB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.247.233.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-233-198.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Tue, 23 Jan 2024 03:38:38 GMT
Expires
0
Pragma
no-cache
Pug
simage2.pubmatic.com/AdServer/ Frame CBB8
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:cc2aa801-4ca5-4833-8ef2-1f58b6885a72&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:cc2aa801-4ca5-4833-8ef2-1f58b6885a72&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: folkd.com
URL: https://folkd.com/
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 23 Jan 2024 03:38:37 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:cc2aa801-4ca5-4833-8ef2-1f58b6885a72&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Tue, 23 Jan 2024 03:38:38 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
cookie
sync.cootlogix.com/api/ Frame 4CAA
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fsync.cootlogix.com%2Fapi%2Fcookie%3FpartnerId%3Dgrid%26userId%3D%24%7BBSW_UUID%7D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D?gdpr=0&gdpr_consent=&...
  • https://sync.cootlogix.com/api/cookie?partnerId=grid&userId=75dfa792-243c-4814-8e47-a1f76ddeb89e&gdpr=0&gdpr_consent=&us_privacy=
43 B
496 B
Image
General
Full URL
https://sync.cootlogix.com/api/cookie?partnerId=grid&userId=75dfa792-243c-4814-8e47-a1f76ddeb89e&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: sync.cootlogix.com
URL: https://sync.cootlogix.com/api/sync/iframe/?cid=&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
192.241.159.82 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://sync.cootlogix.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:38 GMT
access-control-allow-methods
GET, HEAD, OPTIONS, POST
content-type
image/avif
access-control-allow-origin
*
p3p
CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length
43

Redirect headers

Location
https://sync.cootlogix.com/api/cookie?partnerId=grid&userId=75dfa792-243c-4814-8e47-a1f76ddeb89e&gdpr=0&gdpr_consent=&us_privacy=
Date
Tue, 23 Jan 2024 03:38:38 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
truncated
/ Frame E0BD
66 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/webp
5807da41-9797-4940-a688-dc619cc52d5b
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/ Frame 4CD5
668 B
0
Script
General
Full URL
blob:https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/5807da41-9797-4940-a688-dc619cc52d5b
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.b105a4e6577fb08357fd.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
668
Content-Type
font
c.bannerflow.net/fs/api/v2/ Frame E0BD
6 KB
6 KB
Font
General
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5e55163690c3a51d28cd4986%2Fa7f3c79f-6e75-4b61-b7ae-54a23c682f4e.woff&t=%20%2B.18Baegilnoprstuvw%7C
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4950a360ec2df3f4a3275b0f84e2bb7b411d993874f4e83e17c4a848f8f3d219

Request headers

Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
Origin
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:38 GMT
cf-cache-status
HIT
last-modified
Tue, 05 Dec 2023 01:15:15 GMT
server
cloudflare
age
4242203
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=a7f3c79f-6e75-4b61-b7ae-54a23c682f4e-subset.woff
cf-ray
849d0146a8562bb8-FRA
expires
Wed, 04 Dec 2024 01:15:15 GMT
truncated
/ Frame BA99
66 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/webp
6e27bd4d-d685-4492-a2fe-ef722eaf8306
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/ Frame 729E
668 B
0
Script
General
Full URL
blob:https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/6e27bd4d-d685-4492-a2fe-ef722eaf8306
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.9e2d8da8aaa138e11851.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
668
Content-Type
font
c.bannerflow.net/fs/api/v2/ Frame BA99
6 KB
6 KB
Font
General
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5e55163690c3a51d28cd4986%2Ffec4b1c4-7cd9-4321-ad22-80365d190a23.woff&t=%20%2B18Baegilnoprstuvw%7C
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2be0076967a01c8ed6dee3285b73515f1e89d067927e237943ef8055492c6bc4

Request headers

Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
Origin
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:38 GMT
cf-cache-status
HIT
last-modified
Tue, 05 Dec 2023 01:24:47 GMT
server
cloudflare
age
4241631
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=fec4b1c4-7cd9-4321-ad22-80365d190a23-subset.woff
cf-ray
849d0146a8572bb8-FRA
expires
Wed, 04 Dec 2024 01:24:47 GMT
video.a0d47cfa40cc7916c338.js
c.bannerflow.net/scripts/ Frame 31A6
10 KB
4 KB
Script
General
Full URL
https://c.bannerflow.net/scripts/video.a0d47cfa40cc7916c338.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/6474c072a1465dfb33f167e6?did=5ced02fe0fd60d000186f5ac&deeplink=off&domain=https%3a%2f%2f428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8403899e4eecd1bcd1ac753e8aad240ffc60f9b9d38b922f61934cee496a3e91

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 23 Jan 2024 03:38:38 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
c0n5XibThNKTwxepnADaSQ==
age
6125531
cf-polished
origSize=10570
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Fri, 18 Aug 2023 11:29:30 GMT
server
cloudflare
etag
W/"0x8DB9FDE6356A7FD"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
d3a55e90-301e-001b-7ff7-15ebd0000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2011-08-18
cf-ray
849d0146b8649b95-FRA
document.0000000C865052.js
c.bannerflow.net/accounts/soft2bet/63e10827ee6588a96cb203e2/published/4931098/7395430/ Frame 31A6
16 KB
3 KB
Script
General
Full URL
https://c.bannerflow.net/accounts/soft2bet/63e10827ee6588a96cb203e2/published/4931098/7395430/document.0000000C865052.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/6474c072a1465dfb33f167e6?did=5ced02fe0fd60d000186f5ac&deeplink=off&domain=https%3a%2f%2f428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43563ab5ef5c1e6050e852cd8382994a83f1603f7f6c95363cf1d450c296ba99

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 23 Jan 2024 03:38:38 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
3Bb+Z+4YKx8JHiyWgCVJww==
age
4666607
cf-polished
origSize=18086
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Thu, 14 Sep 2023 09:50:52 GMT
server
cloudflare
etag
W/"0x8DBB508150AE7EF"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
0139db38-701e-0047-733c-23be88000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2011-08-18
cf-ray
849d0146b8669b95-FRA
animated-creative.b105a4e6577fb08357fd.js
c.bannerflow.net/scripts/ Frame 31A6
156 KB
53 KB
Script
General
Full URL
https://c.bannerflow.net/scripts/animated-creative.b105a4e6577fb08357fd.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/6474c072a1465dfb33f167e6?did=5ced02fe0fd60d000186f5ac&deeplink=off&domain=https%3a%2f%2f428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80c1a71b0825d5c2a91d238da77ede821f8df46b20974aa774f5bc03aefe6a45

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 23 Jan 2024 03:38:38 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
lEV9j3pUvMgu01szZkbLog==
age
4738406
cf-polished
origSize=159577
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Thu, 31 Aug 2023 09:36:51 GMT
server
cloudflare
etag
W/"0x8DBAA05CE239A64"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
d6af5344-301e-000b-7095-222eb8000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2011-08-18
cf-ray
849d0146b8679b95-FRA
font
c.bannerflow.net/fs/api/v2/ Frame BA99
3 KB
3 KB
Font
General
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5e55163690c3a51d28cd4986%2F0e4550a5-b612-44e0-a5e0-84c7ccfbd43f.woff&t=%20EJNTWZ
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b762f381a52cb44d27b1c836333547a4d866472f0d4b0a765da5be19bcda6d30

Request headers

Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
Origin
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:38 GMT
cf-cache-status
HIT
last-modified
Tue, 05 Dec 2023 00:15:39 GMT
server
cloudflare
age
4245779
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=0e4550a5-b612-44e0-a5e0-84c7ccfbd43f-subset.woff
cf-ray
849d0146d8692bb8-FRA
expires
Wed, 04 Dec 2024 00:15:39 GMT
font
c.bannerflow.net/fs/api/v2/ Frame E0BD
3 KB
3 KB
Font
General
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5e55163690c3a51d28cd4986%2F0e4550a5-b612-44e0-a5e0-84c7ccfbd43f.woff&t=%20EIJLNPSTZ
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb53e5ef9b8c3f1fb6b33895bc87504dc215a5307a9c48706563f75b24da8bc8

Request headers

Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
Origin
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:38 GMT
cf-cache-status
HIT
last-modified
Tue, 05 Dec 2023 00:09:49 GMT
server
cloudflare
age
4246129
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=0e4550a5-b612-44e0-a5e0-84c7ccfbd43f-subset.woff
cf-ray
849d0146e86b2bb8-FRA
expires
Wed, 04 Dec 2024 00:09:49 GMT
mmt.gif
imps.monu.delivery/
37 B
63 B
Image
General
Full URL
https://imps.monu.delivery/mmt.gif?s=ad49ae27-d15b-4257-8401-f34bde665c73&a=p.l&u=5d65a9fa-c3bc-4e73-b569-1a8af1e68dc7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 01:36:24 GMT
age
1303334
x-guploader-uploadid
ABPtcPqhOr5a-cRpGs9TACsIJPS6Xy7I6-14TJg1xFUku65kMDBaHJwDCtZW-hDWSYEhPhT_OBdhB1onQRlHad3ANdCPW5Q03lEO
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-generation
1499850799559224
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type
image/gif
cache-control
public, max-age=31536000
x-goog-stored-content-length
37
accept-ranges
bytes
expires
Tue, 07 Jan 2025 01:36:24 GMT
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=299AE613F0784A61B4BED3AE400DF202&RedC=c.clarity.ms&MXFR=124B546F0EAE60222A1040600AAE6E04
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=299AE613F0784A61B4BED3AE400DF202&MUID=38785A06DFA0652D07F74E09DE0C64ED
42 B
442 B
Image
General
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=299AE613F0784A61B4BED3AE400DF202&MUID=38785A06DFA0652D07F74E09DE0C64ED
Protocol
H2
Server
68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:38 GMT
last-modified
Wed, 10 Jan 2024 21:11:32 GMT
server
Microsoft-IIS/10.0
etag
"d765ee95944da1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:38 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 6F8BCE899B4F4656A830AEADDDE77A50 Ref B: FRA31EDGE0108 Ref C: 2024-01-23T03:38:38Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=299AE613F0784A61B4BED3AE400DF202&MUID=38785A06DFA0652D07F74E09DE0C64ED
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202401180101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4ce30d513c6b00904dbdfb7179f5b7e6b28978087444a3e1b52b0d6f596fb40b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:38 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12299
x-xss-protection
0
font
c.bannerflow.net/fs/api/v2/ Frame BA99
6 KB
6 KB
Font
General
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5e55163690c3a51d28cd4986%2Fe08944b7-36a2-4020-a8ca-b77ea636c8e8.woff&t=%0A%20%25015CFHWbeiklmnosuz
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75412df45ad9712385647c7c225ed22d2d34ebfc3f33f8e8a3d98cf93568a1f4

Request headers

Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
Origin
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:38 GMT
cf-cache-status
HIT
last-modified
Sat, 13 Jan 2024 06:05:47 GMT
server
cloudflare
age
855171
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=e08944b7-36a2-4020-a8ca-b77ea636c8e8-subset.woff
cf-ray
849d014708812bb8-FRA
expires
Sun, 12 Jan 2025 06:05:47 GMT
font
c.bannerflow.net/fs/api/v2/ Frame E0BD
5 KB
5 KB
Font
General
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5e55163690c3a51d28cd4986%2Fe08944b7-36a2-4020-a8ca-b77ea636c8e8.woff&t=%0A%20%25%2B0125CFHSbisuz%C2%A0
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0936158982202f279e4b6004098c59eb61419fda6e25613e80f566d8172df15c

Request headers

Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
Origin
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:38 GMT
cf-cache-status
HIT
last-modified
Sat, 06 Jan 2024 02:55:44 GMT
server
cloudflare
age
1471374
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=e08944b7-36a2-4020-a8ca-b77ea636c8e8-subset.woff
cf-ray
849d014708822bb8-FRA
expires
Sun, 05 Jan 2025 02:55:44 GMT
font
c.bannerflow.net/fs/api/v2/ Frame BA99
3 KB
3 KB
Font
General
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5e55163690c3a51d28cd4986%2F3f73567c-489a-489d-99c1-aaebffaa3f03.woff&t=%20%25015CFH
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7034155d3cfd461b523a287d5ec4afb67d5a3904b34c0dd98d9ab52ef02f5c6b

Request headers

Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
Origin
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:38 GMT
cf-cache-status
HIT
last-modified
Tue, 05 Dec 2023 00:21:15 GMT
server
cloudflare
age
4245443
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=3f73567c-489a-489d-99c1-aaebffaa3f03-subset.woff
cf-ray
849d0147389b2bb8-FRA
expires
Wed, 04 Dec 2024 00:21:15 GMT
font
c.bannerflow.net/fs/api/v2/ Frame E0BD
1 KB
1 KB
Font
General
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5e55163690c3a51d28cd4986%2F3f73567c-489a-489d-99c1-aaebffaa3f03.woff&t=%0A
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e432a20aad47702cea9a13b047e1b86b04d0374f9b41157af7916498c93cd498

Request headers

Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
Origin
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:38 GMT
cf-cache-status
HIT
last-modified
Tue, 05 Dec 2023 10:40:22 GMT
server
cloudflare
age
4208296
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=3f73567c-489a-489d-99c1-aaebffaa3f03-subset.woff
cf-ray
849d0147389f2bb8-FRA
expires
Wed, 04 Dec 2024 10:40:22 GMT
optimize
c.bannerflow.net/io/api/image/ Frame 3150
3 KB
3 KB
Image
General
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fsoft2bet%2F63e10827ee6588a96cb203e2%2Fimages%2F99778680-4e27-4687-a836-22e7b38772e6.png&w=728&h=90&q=85&f=webp&rt=cover&x1=0&y1=512&x2=3164&y2=903
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa7ccbe33d2d4f6baf2d49e9bd66ca2ff1543fa59881379b06e3fbc9aaf6d91

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:38 GMT
cf-cache-status
HIT
last-modified
Mon, 22 Jan 2024 22:33:48 GMT
api-supported-versions
2.0
server
cloudflare
age
18290
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
849d014768b49b95-FRA
content-length
3376
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
optimize
c.bannerflow.net/io/api/image/ Frame 3150
7 KB
8 KB
Image
General
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fsoft2bet%2F63e10827ee6588a96cb203e2%2Fimages%2F636ad744-405b-4b0d-b7ea-afce30438df2.png&w=220&h=122&q=85&f=webp&rt=cover&x1=0&y1=13&x2=1015&y2=576
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7257293d730b2ec1ab33b00a4ef7d4d5808982f17387efceec22c9a85624388f

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:38 GMT
cf-cache-status
HIT
last-modified
Mon, 22 Jan 2024 05:45:12 GMT
api-supported-versions
2.0
server
cloudflare
age
78806
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
849d014768b59b95-FRA
content-length
7534
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
optimize
c.bannerflow.net/io/api/image/ Frame 3150
4 KB
4 KB
Image
General
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fsoft2bet%2F63e10827ee6588a96cb203e2%2Fimages%2F09291d06-dcf8-4ae0-b158-1f92bc0025ca.png&w=192&h=89&q=85&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd0d8e333ef3fc5f777c1dcabab5ec4780dbb61995ceafc2330c6a77a2bea693

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:38 GMT
cf-cache-status
HIT
last-modified
Mon, 22 Jan 2024 05:45:12 GMT
api-supported-versions
2.0
server
cloudflare
age
78806
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
849d014768b69b95-FRA
content-length
4054
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
718978cb-1bbe-46c8-84f6-ca71404c593b.svg
c.bannerflow.net/accounts/soft2bet/63e10827ee6588a96cb203e2/images/ Frame 3150
5 KB
2 KB
Image
General
Full URL
https://c.bannerflow.net/accounts/soft2bet/63e10827ee6588a96cb203e2/images/718978cb-1bbe-46c8-84f6-ca71404c593b.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e425bf4d1c295fd075a6ebf444bfaeab7080a8339e4a7e47e62aee628b804481

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 23 Jan 2024 03:38:38 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
Db0Tk7SBHMHJjRljvElfKA==
age
1119
x-ms-lease-status
unlocked
last-modified
Mon, 06 Feb 2023 14:10:12 GMT
server
cloudflare
etag
W/"0x8DB084BDCB079C6"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
1b4d3350-901e-0012-63d8-2eae03000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2011-08-18
cf-ray
849d014768b79b95-FRA
718978cb-1bbe-46c8-84f6-ca71404c593b.svg
c.bannerflow.net/accounts/soft2bet/63e10827ee6588a96cb203e2/images/ Frame C3C3
5 KB
2 KB
Image
General
Full URL
https://c.bannerflow.net/accounts/soft2bet/63e10827ee6588a96cb203e2/images/718978cb-1bbe-46c8-84f6-ca71404c593b.svg
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.b105a4e6577fb08357fd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e425bf4d1c295fd075a6ebf444bfaeab7080a8339e4a7e47e62aee628b804481

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 23 Jan 2024 03:38:38 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
Db0Tk7SBHMHJjRljvElfKA==
age
1119
x-ms-lease-status
unlocked
last-modified
Mon, 06 Feb 2023 14:10:12 GMT
server
cloudflare
etag
W/"0x8DB084BDCB079C6"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
1b4d3350-901e-0012-63d8-2eae03000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2011-08-18
cf-ray
849d014778bb9b95-FRA
optimize
c.bannerflow.net/io/api/image/ Frame C3C3
5 KB
5 KB
Image
General
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fsoft2bet%2F63e10827ee6588a96cb203e2%2Fimages%2F99778680-4e27-4687-a836-22e7b38772e6.png&w=300&h=600&q=85&f=webp&rt=cover&x1=1375&y1=0&x2=2083&y2=1416
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4edaf9f06bb71a5ce5a1daa73d3606e0506d86d3d2b847b6bb333a92b848fca

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:38 GMT
cf-cache-status
HIT
last-modified
Mon, 22 Jan 2024 08:50:01 GMT
api-supported-versions
2.0
server
cloudflare
age
67717
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
849d014788bc9b95-FRA
content-length
5200
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
optimize
c.bannerflow.net/io/api/image/ Frame C3C3
35 KB
35 KB
Image
General
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fsoft2bet%2F63e10827ee6588a96cb203e2%2Fimages%2Fceebb2e6-55a1-4847-9230-1690115833cc.png&w=321&h=282&q=85&f=webp&rt=cover&x1=166&y1=0&x2=1392&y2=1077
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
edd1217d26d4d7d337f8c8063b66e04daf73759097e1dc2be5921840b3ee84b7

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:38 GMT
cf-cache-status
HIT
last-modified
Mon, 22 Jan 2024 17:34:31 GMT
api-supported-versions
2.0
server
cloudflare
age
36247
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
849d014788be9b95-FRA
content-length
35514
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
optimize
c.bannerflow.net/io/api/image/ Frame C3C3
65 KB
65 KB
Image
General
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fsoft2bet%2F63e10827ee6588a96cb203e2%2Fimages%2Fdb108e80-6970-43ef-9435-8c6e55f63825.png&w=300&h=600&q=85&f=webp&rt=cover&x1=582&y1=0&x2=1124&y2=1084
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df9f9cfb272c731cdf1d1512b5b895a6e6251ba980de3e5a22324ea112d529a8

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:38 GMT
cf-cache-status
HIT
last-modified
Mon, 22 Jan 2024 08:50:44 GMT
api-supported-versions
2.0
server
cloudflare
age
67674
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
849d014788bf9b95-FRA
content-length
66344
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 23 Jan 2024 03:38:38 GMT
truncated
/ Frame 31A6
66 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/webp
e3e79e37-4a44-474d-a74c-4b418274bdf2
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/ Frame DDD2
668 B
0
Script
General
Full URL
blob:https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/e3e79e37-4a44-474d-a74c-4b418274bdf2
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.b105a4e6577fb08357fd.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
668
Content-Type
font
c.bannerflow.net/fs/api/v2/ Frame 31A6
6 KB
6 KB
Font
General
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5e55163690c3a51d28cd4986%2Fa7f3c79f-6e75-4b61-b7ae-54a23c682f4e.woff&t=%20%2B18Baegilnoprstuvw%7C
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35595ffe49947fe70d49915c759eacd2084d96335f6903aed8567fcf4a5a9321

Request headers

Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
Origin
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:38 GMT
cf-cache-status
HIT
last-modified
Fri, 08 Dec 2023 11:19:19 GMT
server
cloudflare
age
3946759
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=a7f3c79f-6e75-4b61-b7ae-54a23c682f4e-subset.woff
cf-ray
849d0147a8c72bb8-FRA
expires
Sat, 07 Dec 2024 11:19:19 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5D19
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://folkd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
62931
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 22 Jan 2024 10:09:47 GMT
expires
Tue, 21 Jan 2025 10:09:47 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 963A
829 B
948 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4811255bf4b6f8efa88b7b0609189c60d5d1e8e3e996ee0a107df8d8401cee1c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-So_ap3YzqTXDMZ2lBNMjVQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://folkd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-So_ap3YzqTXDMZ2lBNMjVQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 23 Jan 2024 03:38:38 GMT
expires
Tue, 23 Jan 2024 03:38:38 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
font
c.bannerflow.net/fs/api/v2/ Frame 31A6
3 KB
3 KB
Font
General
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5e55163690c3a51d28cd4986%2F0e4550a5-b612-44e0-a5e0-84c7ccfbd43f.woff&t=%20EJNTWZ
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b762f381a52cb44d27b1c836333547a4d866472f0d4b0a765da5be19bcda6d30

Request headers

Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
Origin
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:38 GMT
cf-cache-status
HIT
last-modified
Tue, 05 Dec 2023 00:15:39 GMT
server
cloudflare
age
4245779
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=0e4550a5-b612-44e0-a5e0-84c7ccfbd43f-subset.woff
cf-ray
849d0147e8dc2bb8-FRA
expires
Wed, 04 Dec 2024 00:15:39 GMT
font
c.bannerflow.net/fs/api/v2/ Frame 31A6
8 KB
8 KB
Font
General
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F5e55163690c3a51d28cd4986%2Fe08944b7-36a2-4020-a8ca-b77ea636c8e8.woff&t=%0A%20%25-015BCEFHLSWabegiklnoprstuvz%C2%A0
Requested by
Host: 428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
URL: https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b05917fc94ad80f762de7a9032b1b8ec4b4a0c85a0e85a3ebf2b46961832080

Request headers

Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
Origin
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:38 GMT
cf-cache-status
HIT
last-modified
Tue, 05 Dec 2023 04:49:09 GMT
server
cloudflare
age
4229369
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=e08944b7-36a2-4020-a8ca-b77ea636c8e8-subset.woff
cf-ray
849d014808e82bb8-FRA
expires
Wed, 04 Dec 2024 04:49:09 GMT
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame 5D19
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 10:08:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
63006
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 21 Jan 2025 10:08:32 GMT
optimize
c.bannerflow.net/io/api/image/ Frame 0ABA
3 KB
3 KB
Image
General
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fsoft2bet%2F63e10827ee6588a96cb203e2%2Fimages%2F99778680-4e27-4687-a836-22e7b38772e6.png&w=728&h=90&q=85&f=webp&rt=cover&x1=0&y1=512&x2=3164&y2=903
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.b105a4e6577fb08357fd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa7ccbe33d2d4f6baf2d49e9bd66ca2ff1543fa59881379b06e3fbc9aaf6d91

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:38 GMT
cf-cache-status
HIT
last-modified
Mon, 22 Jan 2024 22:33:48 GMT
api-supported-versions
2.0
server
cloudflare
age
18290
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
849d014859159b95-FRA
content-length
3376
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
718978cb-1bbe-46c8-84f6-ca71404c593b.svg
c.bannerflow.net/accounts/soft2bet/63e10827ee6588a96cb203e2/images/ Frame 0ABA
5 KB
2 KB
Image
General
Full URL
https://c.bannerflow.net/accounts/soft2bet/63e10827ee6588a96cb203e2/images/718978cb-1bbe-46c8-84f6-ca71404c593b.svg
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.b105a4e6577fb08357fd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e425bf4d1c295fd075a6ebf444bfaeab7080a8339e4a7e47e62aee628b804481

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 23 Jan 2024 03:38:38 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
Db0Tk7SBHMHJjRljvElfKA==
age
1119
x-ms-lease-status
unlocked
last-modified
Mon, 06 Feb 2023 14:10:12 GMT
server
cloudflare
etag
W/"0x8DB084BDCB079C6"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
1b4d3350-901e-0012-63d8-2eae03000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2011-08-18
cf-ray
849d014859189b95-FRA
optimize
c.bannerflow.net/io/api/image/ Frame 0ABA
11 KB
11 KB
Image
General
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fsoft2bet%2F63e10827ee6588a96cb203e2%2Fimages%2F87c53cc3-c6ee-4dcb-8dd7-c6a38a5091aa.png&w=406&h=286&q=85&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ff08560f14f7f0870d28f0ab67261cd4eb22a267b26dd7612734bc8b2e92bc2

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:38 GMT
cf-cache-status
HIT
last-modified
Tue, 23 Jan 2024 02:40:30 GMT
api-supported-versions
2.0
server
cloudflare
age
3488
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
849d0148591a9b95-FRA
content-length
11456
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
optimize
c.bannerflow.net/io/api/image/ Frame 0ABA
24 KB
24 KB
Image
General
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fsoft2bet%2F63e10827ee6588a96cb203e2%2Fimages%2F965776cc-50f2-4049-87a2-42d6b90aafc0.png&w=495&h=402&q=85&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1fc09ab10d5d51017d62ad3ed8c21d24b774100f033dde2f3162a2ce7ddc671

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:38 GMT
cf-cache-status
HIT
last-modified
Mon, 22 Jan 2024 03:59:07 GMT
api-supported-versions
2.0
server
cloudflare
age
85171
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
849d0148591b9b95-FRA
content-length
24524
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
optimize
c.bannerflow.net/io/api/image/ Frame 0ABA
3 KB
3 KB
Image
General
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fsoft2bet%2F63e10827ee6588a96cb203e2%2Fimages%2F09291d06-dcf8-4ae0-b158-1f92bc0025ca.png&w=179&h=54&q=85&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f769320c043fcac039c1b87ae5104b22b4b419b02c61c71e85d1425f8093fedf

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:38 GMT
cf-cache-status
HIT
last-modified
Tue, 23 Jan 2024 00:24:58 GMT
api-supported-versions
2.0
server
cloudflare
age
11620
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
849d0148591c9b95-FRA
content-length
3070
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
aa4ee62946324ba4817b47761337afec_main-banner-bg-1.mp4
c.bannerflow.net/accounts/soft2bet/63e10827ee6588a96cb203e2/videos/ Frame 0ABA
169 KB
169 KB
Media
General
Full URL
https://c.bannerflow.net/accounts/soft2bet/63e10827ee6588a96cb203e2/videos/aa4ee62946324ba4817b47761337afec_main-banner-bg-1.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ec4093f0b63f24ebd5718ef66e318e7b9e4232b9c51e24a833d3de754e3e4f1

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 23 Jan 2024 03:38:38 GMT
cf-cache-status
HIT
content-md5
V2myp6u/ZcEdxOQ+QhcjMQ==
age
6427
Content-Range
bytes 0-172779/172780
Content-Length
172780
x-ms-lease-status
unlocked
last-modified
Wed, 24 May 2023 13:18:44 GMT
server
cloudflare
etag
"0x8DB5C59663DC41F"
vary
Accept-Encoding
content-type
video/mp4
access-control-allow-origin
*
x-ms-request-id
0f350e88-e01e-0027-7733-27c217000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2011-08-18
cf-ray
849d014879269b95-FRA
sodar
pagead2.googlesyndication.com/pagead/ Frame 963A
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202401180101&jk=3801837833584460&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame 5D19
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?XXTvdA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:38 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame C20C
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1672410928112&version=m202309260101&ct=77&x=13&cor=13360751143494547000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DC66
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7811168493908&version=m202309260101&ct=77&x=13&cor=14407094710569122000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1C74
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7064555535844&version=m202309260101&ct=77&x=13&cor=16293252838205310000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ax.php
a.gsitrix.com/js/ Frame 0D13
0
0
Fetch
General
Full URL
https://a.gsitrix.com/js/ax.php
Requested by
Host: a.gsitrix.com
URL: https://a.gsitrix.com/view/?a=5d8c8ca8773741569492136&cr=418192&ca=25&p=&av=2&pu=50003&as=0&uv=&id=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.195.93.95 Frankfurt am Main, Germany, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://min.tryiqos.ch/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://min.tryiqos.ch
date
Tue, 23 Jan 2024 03:38:39 GMT
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
0
access-control-allow-methods
*
dt
dt.adsafeprotected.com/ Frame DE85
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=8095&asId=734c5183-433c-0410-aefa-573050149c45&tv=%7Bc:25LIhr,pingTime:1,time:3410,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:253%7D,%7Bpiv:100,vs:i,r:,t:2410%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1000,o:2410,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:253,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2173~0,0~100%5D,as:%5B2173~300.600%5D%7D%7D,%7Bsl:i,t:2410,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1000~100%5D,as:%5B1000~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:196,fm:u29AU4D+11%7C12%7C13%7C14111%7C14112%7C141131%7C141132%7C141133%7C141134%7C141135%7C14114%7C14115%7C14116%7C14117%7C1412%7C1413%7C1414%7C1415%7C15%7C16%7C171*.8095%7C1711%7C1811%7C1911%7C1a%7C1b%7C1c%7C1d,idMap:171*,rmeas:1,rend:1,renddet:IMG.qs,siq:254,sis:390%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:e315:15fa:9bb4:390c Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:39 GMT
server
nginx
x-server-name
dt14.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame DE85
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=8095&asId=734c5183-433c-0410-aefa-573050149c45&tv=%7Bc:25LIhs,pingTime:1,time:3411,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:253%7D,%7Bpiv:100,vs:i,r:,t:2410%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1001,o:2410,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:253,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2173~0,0~100%5D,as:%5B2173~300.600%5D%7D%7D,%7Bsl:i,t:2410,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:196,fm:u29AU4D+11%7C12%7C13%7C14111%7C14112%7C141131%7C141132%7C141133%7C141134%7C141135%7C14114%7C14115%7C14116%7C14117%7C1412%7C1413%7C1414%7C1415%7C15%7C16%7C171*.8095%7C1711%7C1811%7C1911%7C1a%7C1b%7C1c%7C1d,idMap:171*,rmeas:1,rend:1,renddet:IMG.qs,siq:254,sis:390,metricId:publ1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:e315:15fa:9bb4:390c Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:39 GMT
server
nginx
x-server-name
dt11.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame DE85
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=8095&asId=734c5183-433c-0410-aefa-573050149c45&tv=%7Bc:25LIhs,pingTime:1,time:3411,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:253%7D,%7Bpiv:100,vs:i,r:,t:2410%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1001,o:2410,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:253,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2173~0,0~100%5D,as:%5B2173~300.600%5D%7D%7D,%7Bsl:i,t:2410,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:196,fm:u29AU4D+11%7C12%7C13%7C14111%7C14112%7C141131%7C141132%7C141133%7C141134%7C141135%7C14114%7C14115%7C14116%7C14117%7C1412%7C1413%7C1414%7C1415%7C15%7C16%7C171*.8095%7C1711%7C1811%7C1911%7C1a%7C1b%7C1c%7C1d,idMap:171*,rmeas:1,rend:1,renddet:IMG.qs,siq:254,sis:390,metricId:grpm1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:e315:15fa:9bb4:390c Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:39 GMT
server
nginx
x-server-name
dt17.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
ax.php
a.gsitrix.com/js/ Frame 3D1C
0
0
Fetch
General
Full URL
https://a.gsitrix.com/js/ax.php
Requested by
Host: a.gsitrix.com
URL: https://a.gsitrix.com/view/?a=5d8c8ca8773741569492136&cr=414281&ca=25&p=&av=2&pu=50003&as=0&uv=&id=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.195.93.95 Frankfurt am Main, Germany, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://mediaintelligence.de/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://mediaintelligence.de
date
Tue, 23 Jan 2024 03:38:39 GMT
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
0
access-control-allow-methods
*
activeview
pagead2.googlesyndication.com/pcs/ Frame 7C9A
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstjQVLPQiyLpsmFdnjaZfFy-QLth9N9pW_sEipjodKxUs_uR8nWgg6QM_g98iGmfMmcR0ik--0rNKh_U1EnGUHS_2wvkzcH9WCDyJdKiEI1iG6Fi3LDoTrhAXuCwLd5OLMwTrx_dOMlr0QKJ6TuUCMlrAUX&sig=Cg0ArKJSzGUcyup57zOBEAE&id=lidar2&mcvt=1000&p=164,1140,764,1440&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240117&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=1824908011&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705981114661&rpt=3523&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0776
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4574284053670&version=m202309260101&ct=77&x=13&cor=8979418068587765000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 0776
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstn9Kq5gbnbwByH49x9Gp41pYLNYP1XilFLjGdMz65Y7q5TXPh0ffXShDAokOZLN5E9JFrqg10N-dabDzLVcXWJPcFJsauOjoRZp4wOApyPSeCh123HskQTyZmGJCg&sig=Cg0ArKJSzC8XOJwg8SOyEAE&id=lidar2&mcvt=1020&p=0,0,90,728&mtos=1020,1020,1020,1020,1020&tos=1020,0,0,0,0&v=20240117&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=32&adk=2232634997&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705981115644&rpt=2550&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AC9E
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1557010678775&version=m202309260101&ct=77&x=13&cor=11442618358939790000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:39 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202401180101&jk=3801837833584460&bg=!vL-lv_DNAAa8BdJLnAU7ADQBe5WfOCTDcUfV0L4880H3gU2k_Hius_DisTdi5Zd3QtxJ3Zb_7hGipNm7seVZoOmER_KZAgAAAF9SAAAAA2gBBwoAWW1xdxm2EMETbPTYghc68N0BVfkeRF8yLRGzWMLSSL8fMniVovDhfTqlGo8NEeKxr2ljCawhyyAMqamQHskkDcmAw1Tryol1IG7YT-Ci84Ra4o08hWWrGDHXmQKp5RIfYCPX4qUD3AzPr5a96M7Ja9O9oSlDSD1tJwIG_Hv778mIm6d9M7RMNcZtp5pLMRAhiU3m2YEEZWhM3RP06Y8L8TNaYv12TTO1iEODmxNoGEGtM7Ljaj6nBCqTUzY2Yp-MR2vpQ8qcVpaQrxMdFJMLEswPbGnww47XOO9nqQfB4N4mj1mYMPIJ9vmLoze5fyPXMIhQrCYmNXH5ElO4rCz5IDveMBW0h7p-vVU1qrDqaSHjRzMOCxRdXiTZrdAt4OodMuncgSmHdTwhTUfzLQI40aTSQbkvC5X8BFIijO26Rj2GjNtoNlxOtgHhimM0H33XBmdVxWqjRPs93r3zDGxlCCA1iBSoTfIfV33e0VnzJbQeFaiWyO_nqZUWhnimYqQSDEulO1CLCb8NBbpiKeBPB-vb5KKvZPCRiqYw3Yu3eP1IhtpvHdyypkv6F4VBXsQI1LDrilR8soMHRD931GMOTtIRD9dcv4nryL1WrpFfKafLlaKXl1Mv-R4utJZHbBBmUcRhLLDF3PcNzdMaoWyITf8bQ_vdgO3t-dEpjZ26WUqHPReBN2rUo04kgvD-71DL4Q5kDtFZRuYdYI7D5YV6thjcru1RjWuwmRYmKHfSIRvrEuTtDZYXh-3p1thafTMK3dFROlrMdTpPUIuQ4PgO1S_ZqeT8sZRKAxOxtwHGyEaCdxbAEOaj4uwt52tT2RfYJ9XY8urQhbijD1wJg2c-5x-VWCGzL8yth6aoY7XdfzMcVGZTD2aC6ndpuL0EemR0ypnOf_L6-aN4RcB1_e1p303ZspaPLIikGzHv75svnmLQ-E22CFcMCsxu1NjGLcRRic298PSXZvhm9S1ZepwQb4rB6Q4gCWBCjtF4b8Tc5LeumIPNtCL2gTwVYU989JZuF8-mlWV7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

collect
region1.google-analytics.com/g/
0
54 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-7BR5TDFFPC&gtm=45je41h0v9135293448&_p=1705981112747&gcd=11l1l1l1l1&dma=0&cid=1374325086.1705981113&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&sid=1705981112&sct=1&seg=0&dl=https%3A%2F%2Ffolkd.com%2F&dt=Bookmarks%20are%20%E2%9D%A4%EF%B8%8F%F0%9F%9A%80%F0%9F%92%AF!&_s=2&tfd=7236
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7BR5TDFFPC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:39 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://folkd.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame A384
0
128 B
Script
General
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156972&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:38 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
SPug
simage4.pubmatic.com/AdServer/ Frame CBB8
0
128 B
Script
General
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:39 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
/
track.adform.net/serving/unload/ Frame DE85
35 B
626 B
Ping
General
Full URL
https://track.adform.net/serving/unload/?version=15&unload=7283273328877549246@@67903450,7908554443344637209,100|4161|0|0|0|0|0|0|0||390|1|||||1|0|0|91KNwdprm2OoMC9hkrxj6fAIvDFw60doWEk-ZQdVsWbRO4FquEGOJuO94vyO_CUDhHdG2ihdh6to4kOyoBiwbg2|||01||0|0|
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/631/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
PugMaster
image6.pubmatic.com/AdServer/ Frame A384
2 KB
2 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=81616488&p=156972&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
2e3d658ff059ad0c287b5e14a5b80a96c010305fa29eadef264730019d31f361

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 23 Jan 2024 03:38:39 GMT
content-length
1802
content-type
text/html; charset=UTF-8
Pug
simage2.pubmatic.com/AdServer/ Frame 7E3D
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2380373011570053850&gdpr=0&gdpr_consent=
42 B
421 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2380373011570053850&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 23 Jan 2024 03:38:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
d0d65727-8528-448c-bde0-eede9095038d
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Tue, 23 Jan 2024 03:38:40 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2380373011570053850&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
149.88.27.82; 149.88.27.82; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame 53DB
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7327133105123162272&gdpr=0&gdpr_consent=
42 B
320 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7327133105123162272&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 23 Jan 2024 03:38:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Tue, 23 Jan 2024 03:38:40 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7327133105123162272&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Pug
simage2.pubmatic.com/AdServer/ Frame C7F9
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5107433832264167376&expires=30&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=75dfa792-243c-4814-8e47-a1f76ddeb89e&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
1 B
245 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=75dfa792-243c-4814-8e47-a1f76ddeb89e&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Tue, 23 Jan 2024 03:38:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Tue, 23 Jan 2024 03:38:40 GMT
Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=75dfa792-243c-4814-8e47-a1f76ddeb89e&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame DB94
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=tAfc8mllVrldEoksSbg9lJVYG1I&gdpr=0&gdpr_consent=
42 B
296 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=tAfc8mllVrldEoksSbg9lJVYG1I&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 23 Jan 2024 03:38:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Tue, 23 Jan 2024 03:38:40 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=tAfc8mllVrldEoksSbg9lJVYG1I&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame 456D
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAACx07LXmkAABMh1hX3Cw&gdpr=0&gdpr_consent=
42 B
200 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAACx07LXmkAABMh1hX3Cw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 23 Jan 2024 03:38:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Tue, 23 Jan 2024 03:38:40 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAACx07LXmkAABMh1hX3Cw&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 4AB9
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=9064062763748439557
42 B
342 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=9064062763748439557
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 23 Jan 2024 03:38:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=9064062763748439557
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
image2.pubmatic.com/AdServer/ Frame 7901
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5107433832264167376
42 B
195 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5107433832264167376
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 23 Jan 2024 03:38:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Tue, 23 Jan 2024 03:38:40 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5107433832264167376
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
Pug
image2.pubmatic.com/AdServer/ Frame F36C
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUdb73d62c9631481b952ab4182d9b5058
42 B
359 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUdb73d62c9631481b952ab4182d9b5058
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 23 Jan 2024 03:38:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
166
content-type
text/html; charset=utf-8
date
Tue, 23 Jan 2024 03:38:40 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUdb73d62c9631481b952ab4182d9b5058
pragma
no-cache
server
Tengine
Pug
simage2.pubmatic.com/AdServer/ Frame 7932
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 23 Jan 2024 03:38:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Tue, 23 Jan 2024 03:38:40 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame 213E
85 B
396 B
Document
General
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Tue, 23 Jan 2024 03:38:40 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-mxp6972-MXP
x-timer
S1705981121.878430,VS0,VE98
bridge
cm.adgrx.com/ Frame F2E2
43 B
282 B
Document
General
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.245.181 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Tue, 23 Jan 2024 03:38:40 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-8
Pug
image2.pubmatic.com/AdServer/ Frame D87F
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=8e04288e8c117de2/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%...
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=1b820cc9a3dab29a3de22b1110b64b33&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4OD...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=0E2y59DCSnaWXSSnSjbbTQnX&gdpr=0&gdpr_consent=
42 B
282 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=0E2y59DCSnaWXSSnSjbbTQnX&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 23 Jan 2024 03:38:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=0E2y59DCSnaWXSSnSjbbTQnX&gdpr=0&gdpr_consent=
PugMaster
image6.pubmatic.com/AdServer/ Frame BD07
1 KB
2 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=87326671&p=156319&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&p=156319&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
89ed24333afffa10aa495a82a6734ecf2f8d3dee072708e685d7ac4380146347

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 23 Jan 2024 03:38:40 GMT
content-length
1254
content-type
text/html; charset=UTF-8
usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame A23D
0
0

cookiesync
core.iprom.net/ Frame DC61
43 B
276 B
Document
General
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&p=156319&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Tue, 23 Jan 2024 03:38:41 GMT
Vary
Accept-Encoding
X-adserver-worker
molok-bf5392258109@version_1.582
X-core-time
0ms
X-server-arch
v2
cm
ipac.ctnsnet.com/int/ Frame B997
43 B
304 B
Document
General
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&p=156319&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Tue, 23 Jan 2024 03:38:40 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
i.match
s.tribalfusion.com/z/ Frame E818
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
426 B
Document
General
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&p=156319&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
849d015748828fdd-FRA
content-length
43
content-type
image/gif; charset=utf-8
date
Tue, 23 Jan 2024 03:38:41 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
849d0156080b8fdd-FRA
content-type
text/html
date
Tue, 23 Jan 2024 03:38:41 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
5583
pubmatic
ad.mrtnsvr.com/sync/ Frame CF97
0
0

pub
matching.truffle.bid/sync/ Frame DF52
0
0
Document
General
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&p=156319&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.88.86.2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.2.86.88.23.clients.your-server.de
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Connection
keep-alive
Date
Tue, 23 Jan 2024 03:38:40 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
Pug
simage2.pubmatic.com/AdServer/ Frame E8CF
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:16455E92FD404CD9B119B145B419BAA5&gdpr=0&gdpr_consent=
1 B
53 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:16455E92FD404CD9B119B145B419BAA5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&p=156319&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Tue, 23 Jan 2024 03:38:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Tue, 23 Jan 2024 03:38:40 GMT
expires
Mon, 22 Jan 2024 03:38:40 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:16455E92FD404CD9B119B145B419BAA5&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
Pug
simage2.pubmatic.com/AdServer/ Frame FB60
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1705981121005
  • https://ad.turn.com/r/cs?pid=45&rndcb=4699507715
  • https://sync.1rx.io/usersync/turn/3205897004932985690?dspret=1&gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-7a68961c-d19d-4a2e-9a6e-42f6f3718bd4-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-7a68961c-d19d-4a2e-9a6e-42f6f3718bd4-003
42 B
254 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-7a68961c-d19d-4a2e-9a6e-42f6f3718bd4-003
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&p=156319&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 23 Jan 2024 03:38:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-type
text/html
date
Tue, 23 Jan 2024 03:38:41 GMT
etag
RX7a68961cd19d4a2e9a6e42f6f3718bd4003
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-7a68961c-d19d-4a2e-9a6e-42f6f3718bd4-003
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
usersync
x.serverbid.com/ Frame 8B2F
0
0
Document
General
Full URL
https://x.serverbid.com/usersync?ttt=3&src=2&cspi=0&cn=3&spui=&dpui=7BC00642-7252-4DDF-B9FE-EF913FD24BAB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&p=156319&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://ads.pubmatic.com
access-control-max-age
10080
date
Tue, 23 Jan 2024 03:38:40 GMT
collect
r.clarity.ms/
0
289 B
XHR
General
Full URL
https://r.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.119.174.243 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://folkd.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://folkd.com
Date
Tue, 23 Jan 2024 03:38:41 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
event.png
tpsc-ew1.doubleverify.com/ Frame 83E0
0
295 B
Ping
General
Full URL
https://tpsc-ew1.doubleverify.com/event.png?impid=2c78c7d839804212bbf43ea63aeb3591&flavor=0&gdpr=&gdpr_consent=&ee_dp_omvk=doubleverify.com-omid&ee_dp_isom=1&dvp_gdpr_Error=3&dvp_gdv2_Error=3&pltm=1&ee_dp_csc=1&ee_dp_cspf=1&vdur=151&eoid=21&te_strt=1&te_init=7&te_sup=0&te_exec=0&msrjs=5275&sdf=67108868&vit=2&isvelg=1&rmi=16&tltms=101&tetms=4&msltms=53&vltms=151&sei=289&vetms=20&tuviims=93&tuviems=264&engms=1&engisel=1&ee_dp_ddtes=1&dvp_dtcov=4&sim=3&msrcanlm=264&msrcannum=2&ee_dp_tmads=2285&ismms=30&isumms=30&nvr=2&isgmmims=30&isgmv4mims=30&elmtp=4&isbxdms=2230&b0=2394&dvp_vsosnmr=3&lftb=2394&sftb=2394&naral=256&vct=512&vphgt=1200&vpwdth=1600&chgt=0&cwdth=0&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&engalms=30&dvp_dpr=1&vstsz=756&ee_dp_cvcmeeid=1&metp=1&meeid=1&dvp_itg=HEAD%3A1%2CBODY%3A1%2CIFRAME%3A16%2CSCRIPT%3A3%2CDIV%3A2%2C&ttfurm=3184
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements5275.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
130.211.44.5 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
5.44.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://min.tryiqos.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://min.tryiqos.ch
Pragma
no-cache
Date
Tue, 23 Jan 2024 03:38:41 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true, true
Connection
keep-alive
Expires
2024-01-22T03:38:41
event.png
tpsc-ew1.doubleverify.com/ Frame 1102
0
301 B
Ping
General
Full URL
https://tpsc-ew1.doubleverify.com/event.png?impid=ab32b99bee4d435d81cfe955d9f1b024&flavor=0&gdpr=&gdpr_consent=&ee_dp_omvk=doubleverify.com-omid&ee_dp_isom=1&dvp_gdpr_Error=3&dvp_gdv2_Error=3&pltm=1&ee_dp_csc=1&ee_dp_cspf=1&vdur=42&eoid=21&te_strt=1&te_init=7&te_sup=0&te_exec=0&msrjs=5275&sdf=67108868&vit=2&isvelg=1&rmi=16&tltms=79&tetms=4&msltms=30&vltms=42&sei=289&vetms=46&tuviims=52&tuviems=140&engms=1&engisel=1&ee_dp_ddtes=1&dvp_dtcov=4&sim=3&msrcanlm=264&msrcannum=2&ee_dp_tmads=2198&ismms=15&isumms=15&nvr=2&isgmmims=15&isgmv4mims=15&elmtp=4&isbxdms=2115&b0=2233&dvp_vsosnmr=3&lftb=2233&sftb=2233&naral=256&vct=512&vphgt=1200&vpwdth=1600&chgt=0&cwdth=0&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&engalms=15&dvp_dpr=1&vstsz=757&ee_dp_cvcmeeid=1&metp=1&meeid=1&dvp_itg=HEAD%3A1%2CBODY%3A1%2CSTYLE%3A1%2CSCRIPT%3A7%2CDIV%3A3%2CIFRAME%3A15%2C&ttfurm=3099
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements5275.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
130.211.44.5 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
5.44.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://mediaintelligence.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://mediaintelligence.de
Pragma
no-cache
Date
Tue, 23 Jan 2024 03:38:41 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true, true
Connection
keep-alive
Expires
2024-01-22T03:38:41
/
track.adform.net/serving/unload/ Frame DEEE
35 B
626 B
Ping
General
Full URL
https://track.adform.net/serving/unload/?version=15&unload=7283273328877549246@@67903448,7038109118538567409,0|0|0|0|0|0|0|0|0||0|1|||||1|0|0|Aq_-tJYpCVWoMC9hkrxj6fAIvDFw60doWEk-ZQdVsWZXI5HcFxCoYeO94vyO_CUDhHdG2ihdh6to4kOyoBiwbg2|||11||0|0|
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/631/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame 66E3
35 B
626 B
Ping
General
Full URL
https://track.adform.net/serving/unload/?version=15&unload=7283273328877549246@@67903448,247590661946345831,0|0|0|0|0|0|0|0|0||0|1|||||1|0|0|Aq_-tJYpCVWoMC9hkrxj6fAIvDFw60doWEk-ZQdVsWaOb_i9F_oMdOO94vyO_CUDhHdG2ihdh6to4kOyoBiwbg2|||11||0|0|
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/631/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame 1CF0
35 B
626 B
Ping
General
Full URL
https://track.adform.net/serving/unload/?version=15&unload=7283273328877549246@@67903448,6618431844886327278,0|0|0|0|0|0|0|0|0||0|1|||||1|0|0|Aq_-tJYpCVWoMC9hkrxj6fAIvDFw60doWEk-ZQdVsWYu4MTTRbaEXeO94vyO_CUDhHdG2ihdh6to4kOyoBiwbg2|||11||0|0|
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/631/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
ax.php
a.gsitrix.com/js/ Frame 3D1C
0
0
Fetch
General
Full URL
https://a.gsitrix.com/js/ax.php
Requested by
Host: a.gsitrix.com
URL: https://a.gsitrix.com/view/?a=5d8c8ca8773741569492136&cr=414281&ca=25&p=&av=2&pu=50003&as=0&uv=&id=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.195.93.95 Frankfurt am Main, Germany, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://mediaintelligence.de/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://mediaintelligence.de
date
Tue, 23 Jan 2024 03:38:42 GMT
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
0
access-control-allow-methods
*
/
track.adform.net/serving/unload/ Frame 5646
35 B
626 B
Ping
General
Full URL
https://track.adform.net/serving/unload/?version=15&unload=7283273328877549246@@67903448,5006799816590422084,0|0|0|0|0|0|0|0|0||0|1|||||1|0|0|Aq_-tJYpCVWoMC9hkrxj6fAIvDFw60doWEk-ZQdVsWYnsLg4NYGZouO94vyO_CUDhHdG2ihdh6to4kOyoBiwbg2|||11||0|0|
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/631/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame 8CA3
35 B
626 B
Ping
General
Full URL
https://track.adform.net/serving/unload/?version=15&unload=7283273328877549246@@67903448,3989707478740043080,0|0|0|0|0|0|0|0|0||0|1|||||1|0|0|Aq_-tJYpCVWoMC9hkrxj6fAIvDFw60doWEk-ZQdVsWYTiSPm8x5x8uO94vyO_CUDhHdG2ihdh6to4kOyoBiwbg2|||11||0|0|
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/631/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
SPug
simage4.pubmatic.com/AdServer/ Frame A384
0
128 B
Script
General
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156972&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156972
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:41 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
SPug
simage4.pubmatic.com/AdServer/ Frame BD07
0
128 B
Script
General
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156319&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&p=156319&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 03:38:42 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ax.php
a.gsitrix.com/js/ Frame 0D13
0
0
Fetch
General
Full URL
https://a.gsitrix.com/js/ax.php
Requested by
Host: a.gsitrix.com
URL: https://a.gsitrix.com/view/?a=5d8c8ca8773741569492136&cr=418192&ca=25&p=&av=2&pu=50003&as=0&uv=&id=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.195.93.95 Frankfurt am Main, Germany, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://min.tryiqos.ch/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://min.tryiqos.ch
date
Tue, 23 Jan 2024 03:38:42 GMT
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
0
access-control-allow-methods
*
dt
dt.adsafeprotected.com/ Frame DE85
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=8095&asId=734c5183-433c-0410-aefa-573050149c45&tv=%7Bc:25LJk7,pingTime:5,time:7420,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:253%7D,%7Bpiv:100,vs:i,r:,t:2410%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5010,o:2410,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:253,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2173~0,0~100%5D,as:%5B2173~300.600%5D%7D%7D,%7Bsl:i,t:2410,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5010~100%5D,as:%5B5010~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:198,fm:u29AU4D+11%7C12%7C13%7C14111%7C14112%7C141131%7C141132%7C141133%7C141134%7C141135%7C14114%7C14115%7C14116%7C14117%7C1412%7C1413%7C1414%7C1415%7C15%7C16%7C171*.8095%7C1711%7C1811%7C1911%7C1a%7C1b%7C1c%7C1d,idMap:171*,rmeas:1,rend:1,renddet:IMG.qs,siq:254,sis:390%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:e315:15fa:9bb4:390c Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 03:38:43 GMT
server
nginx
x-server-name
dt04.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
PugMaster
image6.pubmatic.com/AdServer/ Frame BD07
47 B
167 B
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=97755742&p=156319&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&p=156319&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 23 Jan 2024 03:38:43 GMT
content-length
47
content-type
text/html; charset=UTF-8
usersync
x.serverbid.com/ Frame AD9B
0
0
Document
General
Full URL
https://x.serverbid.com/usersync?ttt=3&src=2&cspi=0&cn=3&spui=&dpui=7BC00642-7252-4DDF-B9FE-EF913FD24BAB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&p=156319&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://ads.pubmatic.com
access-control-max-age
10080
date
Tue, 23 Jan 2024 03:38:43 GMT
ax.php
a.gsitrix.com/js/ Frame 3D1C
0
0
Fetch
General
Full URL
https://a.gsitrix.com/js/ax.php
Requested by
Host: a.gsitrix.com
URL: https://a.gsitrix.com/view/?a=5d8c8ca8773741569492136&cr=414281&ca=25&p=&av=2&pu=50003&as=0&uv=&id=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.195.93.95 Frankfurt am Main, Germany, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://mediaintelligence.de/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://mediaintelligence.de
date
Tue, 23 Jan 2024 03:38:45 GMT
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
0
access-control-allow-methods
*
ax.php
a.gsitrix.com/js/ Frame 0D13
0
0
Fetch
General
Full URL
https://a.gsitrix.com/js/ax.php
Requested by
Host: a.gsitrix.com
URL: https://a.gsitrix.com/view/?a=5d8c8ca8773741569492136&cr=418192&ca=25&p=&av=2&pu=50003&as=0&uv=&id=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.195.93.95 Frankfurt am Main, Germany, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://min.tryiqos.ch/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://min.tryiqos.ch
date
Tue, 23 Jan 2024 03:38:46 GMT
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
0
access-control-allow-methods
*

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ads.avct.cloud
URL
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dindex
Domain
ads.avct.cloud
URL
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dindex
Domain
cm-supply-web.gammaplatform.com
URL
https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Domain
ad.mrtnsvr.com
URL
https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

402 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 undefined| coalias_debug undefined| e undefined| t undefined| r undefined| o undefined| a undefined| n object| script string| target_url_hostname string| REQUEST_HOSTNAME_ORIGINAL string| route_jwt function| xhr_coalias_open string| basePath function| addBasePathToRelativeUrls string| bubble_session_uid object| headers_source_maps object| load_error_log object| _bubble_page_load_data object| webfont object| WebFont function| FontFaceObserver string| gm_key boolean| glrl_key_status string| bubble_page_load_id string| bubble_plp_token string| _p string| bubble_page_name function| $ function| jQuery string| bubble_bundle_name object| Base64 object| BrowserDetect function| highlight_dom_changes function| local_storage_fallback object| u function| appquery function| google_web_fonts_active_cb function| fontface_webfonts_loaded_cb function| setImmediate function| clearImmediate object| element_performance_counts function| kill_notifier_socket function| restore_notifier_socket number| server_time_offset object| client_db object| safe_require object| testing function| authenticate_as object| document_ready_key function| display_page function| switch_page object| preloaded object| _bubble_watcher_cache number| bubble_version object| __code__ object| optional_modules object| plugins object| bubble_run_derived object| app object| b object| d object| translation_data object| language_data string| application_language function| Lib function| everything_ready function| wait_for_everything object| iziToast function| XanoBaseStorage function| XanoClient function| XanoCookieStorage function| XanoLocalStorage function| XanoObjectStorage function| XanoSessionStorage function| gtag object| dataLayer function| clarity boolean| google_web_fonts_active object| fontface_loaded boolean| all_fontface_loaded object| google_tag_manager object| google_tag_data object| googletag object| gaGlobal object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| $MMT string| c object| adpushup number| render_end_timestamp function| bubble_fn_nav function| bubble_fn_cookieSet function| xDomainCookie string| currentState object| adpGlobals object| _apPbJs object| hbAnalytics object| apstag object| adpTags object| recaptcha function| confiantWrap object| pbjsChunk object| pbjs object| _pbjsGlobals object| mnet object| ifvisible object| _aps object| _qevents boolean| apstagLOADED object| apscustom object| _apPbJsChunk string| nobidVersion object| nobid object| lotame_sync_16576 object| cnvr_launcher_options boolean| creativeVendorLibraryLoaded function| quantserve function| __qc object| ezt object| _qoptions object| confiant object| ggeac object| google_js_reporting_queue object| plObj function| lotameIsCompatible function| sync16576_aa function| sync16576_c undefined| sync16576_d undefined| sync16576_ba undefined| sync16576_e function| sync16576_f object| sync16576_h function| sync16576_ca function| sync16576_j function| sync16576_da object| sync16576_ object| sync16576_ga object| sync16576_v object| sync16576_oa object| sync16576_xa object| sync16576_ya function| sync16576_a function| sync16576_b function| sync16576_g function| sync16576_i function| sync16576_k function| sync16576_l function| sync16576_m function| sync16576_n function| sync16576_o function| sync16576_p function| sync16576_q function| sync16576_r function| sync16576_fa function| sync16576_ea function| sync16576_s function| sync16576_t function| sync16576_u function| sync16576_w function| sync16576_ha function| sync16576_ia function| sync16576_y function| sync16576_ja function| sync16576_z function| sync16576_A function| sync16576_x function| sync16576_B function| sync16576_ka function| sync16576_C function| sync16576_D function| sync16576_E function| sync16576_F function| sync16576_G function| sync16576_H function| sync16576_I function| sync16576_J function| sync16576_K function| sync16576_L function| sync16576_la function| sync16576_ma function| sync16576_na function| sync16576_M function| sync16576_N function| sync16576_pa function| sync16576_O function| sync16576_qa function| sync16576_ra function| sync16576_sa function| sync16576_P function| sync16576_ta function| sync16576_ua function| sync16576_va function| sync16576_wa function| sync16576_Q function| sync16576_R function| sync16576_za function| sync16576_S function| sync16576_T function| sync16576_U function| sync16576_V function| sync16576_Aa function| sync16576_W function| sync16576_X function| sync16576_Y function| sync16576_Z function| sync16576__ function| sync16576_0 function| sync16576_Ea function| sync16576_Ba function| sync16576_1 function| sync16576_Da function| sync16576_Ca function| sync16576_2 function| sync16576_3 function| sync16576_4 function| sync16576_5 function| sync16576_Ga function| sync16576_Ha function| sync16576_Ja function| sync16576_Fa function| sync16576_7 function| sync16576_Ia function| sync16576_La function| sync16576_Ka function| sync16576_8 function| sync16576_6 function| sync16576_9 function| sync16576_Ma function| sync16576_Na function| sync16576_Oa function| sync16576_Pa function| sync16576_$ function| sync16576_Qa function| sync16576_Ra function| sync16576_Sa function| sync16576_Ta object| conversant object| ID5 object| __id5_instances object| __bt object| __bt_intrnl object| __bt_tag_d object| __bt_tag_am undefined| google_measure_js_timing object| google_reactive_ads_global_state number| google_unique_id function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 object| __uid2SecureSignalProvider object| __uid2 object| regeneratorRuntime object| ox_esp object| publink_options object| signal_decrypted object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_149 object| Criteo object| Criteo_identitytag_149 object| coreid object| adSizes object| GoogleGcLKhOms object| google_image_requests

247 Cookies

Domain/Path Name / Value
.ad4m.at/cookie-frame.html Name: userId
Value: 0j4IuPenGUNBlHR1AMSIQ2YwzzmeTy5Q
i.liadm.com/s Name: _li_ss
Value: CjIKBQgKEIUXCgYI3QEQhRcKBgiiARCFFwoJCP____8HEI8XCgYIiwEQhRcKBgjSARCFFw
i6.liadm.com/s Name: _li_ss
Value: CgA
folkd.com/ Name: folkd0612_live_u2main
Value: 1705981112136x156708927148520930
folkd.com/ Name: folkd0612_live_u2main.sig
Value: Ek6U5v__tyv8F3M9c6M4qHHD6vI
folkd.com/ Name: folkd0612_u1main
Value: 1705981112123x952670350543354500
.folkd.com/ Name: _ga
Value: GA1.1.1374325086.1705981113
www.clarity.ms/ Name: CLID
Value: 08c5447e6bf24b1c9b28163ebd08bf4f.20240123.20250122
folkd.com/ Name: __AP_SESSION__
Value: 459c87fb-b744-4aa1-8214-d14e46f272d1
.folkd.com/ Name: _clck
Value: vt1795%7C2%7Cfin%7C0%7C1483
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
prebid.a-mo.net/ Name: _Amc_b
Value: 0
.openx.net/ Name: receive-cookie-deprecation
Value: 1
.casalemedia.com/ Name: receive-cookie-deprecation
Value: 1
.rubiconproject.com/ Name: khaos
Value: LRPT3VT0-1Y-G0V7
.quantserve.com/ Name: mc
Value: 65af34b9-94ac6-bfe48-99668
.folkd.com/ Name: __qca
Value: P0-846339850-1705981113552
folkd.com/ Name: session
Value: ad49ae27-d15b-4257-8401-f34bde665c73
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: 1b820cc9a3dab29a3de22b1110b64b33
.folkd.com/ Name: _cc_id
Value: 1b820cc9a3dab29a3de22b1110b64b33
.folkd.com/ Name: panoramaId_expiry
Value: 1706067513738
.serverbid.com/ Name: CONSUMABLEID
Value: 70e232e856e344e2a232e856e364e28c
.criteo.com/ Name: uid
Value: b21fdd53-cccd-492b-89e2-4d982eb8c9bb
.folkd.com/ Name: __gads
Value: ID=d73a653a13f2f49f:T=1705981113:RT=1705981113:S=ALNI_Mb1JF_cD5eBfkgoBO3S1ziePAa9sA
.folkd.com/ Name: __gpi
Value: UID=00000d47b8500e9b:T=1705981113:RT=1705981113:S=ALNI_MbfupWRtW_bgqrzZWS6Cr1ei-ta8w
.folkd.com/ Name: _clsk
Value: qhjwuv%7C1705981113937%7C1%7C1%7Cr.clarity.ms%2Fcollect
.cootlogix.com/ Name: vdz_sync
Value: 2dda6325-0f23-d45c-cad8-9b0c169990a8
.openx.net/ Name: i
Value: a4d8a91d-3123-4d9f-95dc-5db69a7ae9e5|1705981113
.folkd.com/ Name: cto_bundle
Value: S4IhkV95RDc2ZEZjQzRRSmdYTGY1Z3ZQOFRrTDY5d0V0ZXolMkJ6dUFOTkU3NEc4JTJCU2FnWnpsZUFkSEZzYU5vWExJcFBWdTZKbjBhSE5UcE9FcTRGQ3l5b3pWUHdUTVZpUGZyVkdCWWQlMkY0TElmJTJCbG50cnBoN2V1QzNDdERCUm1hY2ZvTFF5aG9IUHRxSU9nZTVUdFdPbUk3SWdCUSUzRCUzRA
.amazon-adsystem.com/ Name: ad-id
Value: AzeCBylYoUl3qSd2a4ktfx4
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.doubleclick.net/ Name: IDE
Value: AHWqTUkI0sKOCJ9SDkxXVWUN7xTcd5Gvx3d3BNmm4AsjhF18rvEyh_UB9dJjcfmy9gY
.folkd.com/ Name: __eoi
Value: ID=d583b5ec4e3a5c9c:T=1705981113:RT=1705981113:S=AA-AfjZMvcohb3uIGzb4FJhEix2b
.smaato.net/ Name: SCM
Value: 64df7eaaaa
.smaato.net/ Name: SCMaps
Value: 64df7eaaaa
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 7283273328877549246
.adnxs.com/ Name: XANDR_PANID
Value: 2Y2wfiY-UOrp9jy_7uHVbFBN3PxxVUIXy9ubvDxKYIAA27ygQQeb8UctcqcMmF5VyCH8LRmzGaVXgY61Dzxff01M2C-3icrIkuu-S-SyvJM.
.adnxs.com/ Name: uuid2
Value: 2380373011570053850
.bidr.io/ Name: bito
Value: AAACx07LXmkAABMh1hX3Cw
.bidr.io/ Name: bitoIsSecure
Value: ok
.omnitagjs.com/ Name: ayl_visitor
Value: cda9ad6ae9d89adbee8b213567150311
.gumgum.com/ Name: vst
Value: e_d269bb32-04bd-499f-9321-dcde753d913c
.bidswitch.net/ Name: tuuid
Value: 75dfa792-243c-4814-8e47-a1f76ddeb89e
.bidswitch.net/ Name: c
Value: 1705981115
.bidswitch.net/ Name: tuuid_lu
Value: 1705981115
.smartadserver.com/ Name: pid
Value: 4714513488865049119
.creativecdn.com/ Name: u
Value: tHoORzcY6WhkRp6Ckjf3
.creativecdn.com/ Name: g
Value: tHoORzcY6WhkRp6Ckjf3_1705981115124
.mymodernlaw.com/ Name: __cf_bm
Value: ybYe1wZuECRbz.3zT2eQj7r61vvnBLkNTZW0OZ_3F5w-1705981115-1-Ad18QLJSlLXGG9LVMSW/SteYMDbqrPf3CJ5R1/ECQO8+ROvAA2pw+AfsLyDW65m1F9A6w7rilJeQNc+s69PcVEk=
.contextweb.com/ Name: V
Value: wdNRPUCkbr6Y
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 23bcaa4602be3f76
.yahoo.com/ Name: A3
Value: d=AQABBLs0r2UCECEVFr3_s-6yFrt6PYeSKTAFEgEBAQGGsGW5ZQAAAAAA_eMAAA&S=AQAAAlUnjIascwfOuztVLUbmCd0
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 7BC00642-7252-4DDF-B9FE-EF913FD24BAB
pool.admedo.com/ Name: tuuid
Value: 98bb7d0c-135b-4588-94ce-d9c554ced3ab
pool.admedo.com/ Name: c
Value: 1705981115
pool.admedo.com/ Name: tuuid_lu
Value: 1705981115
pixel.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
pixel-eu.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.weborama.fr/ Name: AFFICHE_W
Value: d9S23HkFXYF340
.simpli.fi/ Name: suid
Value: 16455E92FD404CD9B119B145B419BAA5
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-0xYvLtYXLHHIGnophhVjKoNGenDIGnd-0xtxOLQS&KRTB&19420-0xYvLtYXLHHIGnophhVjKoNGenDIGnd-0xtxOLQS&KRTB&22979-0xYvLtYXLHHIGnophhVjKoNGenDIGnd-0xtxOLQS&KRTB&23462-0xYvLtYXLHHIGnophhVjKoNGenDIGnd-0xtxOLQS
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEK3WkY1n4K7ewVg1dO4NeN0&KRTB&23025-CAESEK3WkY1n4K7ewVg1dO4NeN0&KRTB&23386-CAESEK3WkY1n4K7ewVg1dO4NeN0
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-7283273328877549246&KRTB&23263-7283273328877549246&KRTB&23481-7283273328877549246
.audrte.com/ Name: arcki2
Value: 2m9fUbs-91GT5K1NvkuB0o2kQ!20220908!1705981115426!ip#149.88.27.82
.audrte.com/ Name: arcki2_pubmatic
Value: 7BC00642-7252-4DDF-B9FE-EF913FD24BAB!20220908!1705981115426
.primis.tech/ Name: csuuid
Value: 65af34bb6d835
.adnxs.com/ Name: anj
Value: dTM7k!M4/YCxrEQF']wIg2In?if+/`!]tbP6j2F-.aDabByFnKcfGRUe(O@i8mDakkE1VsB``@P7dwcw*qF1`*b`W@(vu?h
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJydWJpY29uIjp7InVpZCI6IkxSUFQzVlQwLTFZLUcwVjciLCJleHBpcmVzIjoiMjAyNC0wNC0yMlQwMzozODozNVoifX0sImJpcnRoZGF5IjoiMjAyNC0wMS0yM1QwMzozODozNVoifQ==
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-b407dcf2-6965-56b9-5d12-892c49b83d94.CGEvcroUnjXpHidCChYhoUqO0V%2BC3t8NKs%2FD1iIhmXk
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-b407dcf2-6965-56b9-5d12-892c49b83d94.CGEvcroUnjXpHidCChYhoUqO0V%2BC3t8NKs%2FD1iIhmXk
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AtAfc8mllVrldEoksSbg9lJVYG1I.yOpsUEehHPVFrbbSTaDA9owX2pJgkpe7vRj9jLZMWtY
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AtAfc8mllVrldEoksSbg9lJVYG1I.yOpsUEehHPVFrbbSTaDA9owX2pJgkpe7vRj9jLZMWtY
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIGNJaeU-K4j1P5qrWxeT1lA5h1PLOeDl7Bgj_kOpGDTNEHwYBCC76bytBjABOgTwi70wQgQz81PU.b%2FsQxaw9GRuroxKLAIXjAZjTkxHgW1aLNV2Rf8O1ZZ0
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIGNJaeU-K4j1P5qrWxeT1lA5h1PLOeDl7Bgj_kOpGDTNEHwYBCC76bytBjABOgTwi70wQgQz81PU.b%2FsQxaw9GRuroxKLAIXjAZjTkxHgW1aLNV2Rf8O1ZZ0
.adform.net/ Name: receive-cookie-deprecation
Value: 1
.adform.net/ Name: TPC
Value: 1705981115472
.prebid.a-mo.net/ Name: __amc
Value: 8_1705981113_1705981115
.yieldmo.com/ Name: yieldmo_id
Value: VE3ZpppjjLp8ImazxDqb%7C1705968000000%7C3457139263527918972%7C3361241939151101975
.audrte.com/ Name: arcki2_ddp2
Value: 2m9fUbs-91GT5K1NvkuB0o2kQ!20220908!1705981115515
.linkedin.com/ Name: bcookie
Value: "v=2&51af5189-f668-4ae9-8dee-4b1837a8fba3"
.linkedin.com/ Name: li_gc
Value: MTswOzE3MDU5ODExMTU7MjswMjEuSZ7LFMNIb4HxKEAxE8vBRDjGdYrU5bo85Epg077aCw==
.linkedin.com/ Name: lidc
Value: "b=TGST00:s=T:r=T:a=T:p=T:g=3301:u=1:x=1:i=1705981115:t=1706067515:v=2:sig=AQGHMbAg2ZpVIby9Mbye5wDF4-bPC0B6"
.ipredictive.com/ Name: cu
Value: ae402316-816b-45b5-988c-f85dbb27b1e3|1705981115521
.casalemedia.com/ Name: CMID
Value: Za80ux4LORIGoWQwyWak5QAA
.casalemedia.com/ Name: CMPS
Value: 2130
.casalemedia.com/ Name: CMPRO
Value: 2130
.audrte.com/ Name: arcki2_adform
Value: 7283273328877549246!20220908!1705981115609
.mathtag.com/ Name: uuid
Value: 453465af-34bc-4f00-bef5-1fd5677e3338
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:453465af-34bc-4f00-bef5-1fd5677e3338
.csync.loopme.me/ Name: viewer_token
Value: 8e0620f2-9a44-4c16-9a13-166deda98989
ads.smartstream.tv/ Name: DID
Value: 26cbba6903e31548c981986723006a25
ads.smartstream.tv/ Name: idt
Value: 100
ads.smartstream.tv/ Name: permanent
Value: 1
.brand-display.com/ Name: _knxq_
Value: 04874115-f805-1d4a-7878075c.1705981115.0.1705981115.1705981115
.socdm.com/ Name: SOC
Value: Za80u8Co8YwAAEQbjwAAAAAA
.sxp.smartclip.net/ Name: uuid
Value: 9386ccb2-bc34-af65-4b92-36817af2d0ef
.sxp.smartclip.net/ Name: dspuuid
Value: 10.CAESEOilPGYPjrFuf7Qr44ZNEno
.sxp.smartclip.net/ Name: psyn
Value: 19745.10
.doubleclick.net/ Name: ar_debug
Value: 1
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MDcxNrYwNjIyMzE0Mzc2NxPiM9R1L_Ly9Q0J89N1tigCACkZO-slAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MDcxNrYwNjIyMzE0Mzc2NxPiM9R1L_Ly9Q0J89N1tigCACkZO-slAAAA
.folkd.com/ Name: _ga_7BR5TDFFPC
Value: GS1.1.1705981112.1.0.1705981116.0.0.0
.ads.stickyadstv.com/ Name: UID
Value: f2ee90439dfd5be156428cd0f6d5d
.adentifi.com/ Name: adtheorent[cuid]
Value: cuid_e3df6b41-b9a0-11ee-b2f5-1297b61989fd
.turn.com/ Name: uid
Value: 3205897004932985690
.lkqd.net/ Name: lkqdidts
Value: 1705981116
.lkqd.net/ Name: sr59
Value: 1||1705981116
.lkqd.net/ Name: lkqdid
Value: a1fvC2sZgEo
.sitescout.com/ Name: ssi
Value: 8cc005be-8d9a-40d3-ad75-798e2acb9e12#1705981116578
.company-target.com/ Name: tuuid
Value: 5d09b1c6-e8e0-4e1e-a1af-31b2250f8040
.company-target.com/ Name: tuuid_lu
Value: 1705981116|ix:0
.adotmob.com/ Name: uid
Value: 0a1222040069c49e5f8fef34
.adotmob.com/ Name: uuid
Value: 0a1222040069c49e5f8fef34
.adotmob.com/ Name: partners
Value: IX%3A1705981116608
.w55c.net/ Name: matchcasale
Value: 5
.liadm.com/ Name: lidid
Value: 2ba2ab41-70c6-45d7-8951-9ef87add91a7
.w55c.net/ Name: wfivefivec
Value: xHi4vbQT1Rs7Cs5
.fwmrm.net/ Name: _uid
Value: umv1236_7327145198368286646
.ads.stickyadstv.com/ Name: uid-bp-36033
Value: umv1236_7327145198368286646
.ads.stickyadstv.com/ Name: MRM_UID
Value: umv1236_7327145198368286646
.tapad.com/ Name: TapAd_TS
Value: 1705981116778
.tapad.com/ Name: TapAd_DID
Value: dcfa2d79-0c0e-4178-8aa3-02fc169834d8
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.acuityplatform.com/ Name: auid
Value: 880155358026
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqAOPqNdXNlck1hdGNoaW5nSWTQkWxhc3REcm9wVGltZU1pbGxpcyUBRk0MYA6emGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUZNDGAOno90aGlyZFBhcnR5VXNlcklkIfv7hnZlcnNpb27C+w=="
.ads.stickyadstv.com/ Name: uid-bp-159
Value: CAESEBmagl9gtLBlKWMWxeSsK0c
.tryiqos.ch/ Name: trs
Value: 65af34bcc149b61a941df8e3
.awin1.com/ Name: awpv12112
Value: 412871|1705981116|e42dd960-b9a0-11ee-9c4b-223173d2bc6e
.awin1.com/ Name: awpv11467
Value: 412871|1705981116|e42fd530-b9a0-11ee-b3cc-2233d0695e79
.mediago.io/ Name: __mguid_
Value: f34e96997f25fae42w6knu00lrpt3ydq
.demdex.net/ Name: demdex
Value: 79121329414708447233532979706419781430
www.conrad.ch/ Name: CEAffHA
Value: AW
.www.conrad.ch/ Name: __cf_bm
Value: TqljLbjbzWW9iqt.bdts8CtrenigPQtjzwxRp9.TNno-1705981116-1-AYZA+wWKIkDfq7Nr85XClrHngomzy5boGJcI08ROsk763udU1oz+FyHdu4Ss7rHLQY9st2eC3c6Y4zmskZ5TO3k=
.awin1.com/ Name: awpv68826
Value: 412871|1705981116|e4349020-b9a0-11ee-9c4b-223173d2bc6e
.awin1.com/ Name: awpv11965
Value: 412871|1705981116|e4346910-b9a0-11ee-a4ff-226608db104b
.awin1.com/ Name: awpv11482
Value: 412871|1705981116|e4397220-b9a0-11ee-b3cc-2233d0695e79
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Za80vAAQiRnX7ABd
.rezync.com/ Name: zync-uuid
Value: 9a07b014-ad2e-49a3-addd-dea1cb9e67f9:1705981116.816523
live.rezync.com/ Name: sd-session-id
Value: .eJwNyk0OgyAQQOG7zFoahoHh5zIGZZqQVtqIbmq8e9m9L3kXzF_Zt9ykHZCO_ZQJ1ncd6pAu6PW3yQsSONTeEgUyhi2yJ89wT9Cl9_ppcy3jiVn7RaNVuRhRNmYaVYoqknFdorB_xoReuxgQkR8B2RmC-w-nXCZN.Za80vQ.ThO4UbvljXTTpAdKArTcurBMNDM
.ads.stickyadstv.com/ Name: uid-bp-717
Value: y-PkwJlRhE2oPh7uXQdRsnSmjRCrivFmNgchweEaWI~A
www.conrad.ch/ Name: HTLP_timestamp
Value: 1705981117520
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_wXBwRGAMAgEwI_t4HAJAc5uwEkKsXJ3vyuyJ3dNSL_cYoclpU1py5U-TM3Pg9DFBOA3EW7Df948RYU6AAAA
.dpm.demdex.net/ Name: dpm
Value: 79121329414708447233532979706419781430
.awin1.com/ Name: awpv18851
Value: 412871|1705981117|e48d1060-b9a0-11ee-b3cc-2233d0695e79
.ads.yieldmo.com/ Name: re_sync
Value: pp%3D1185549%7Crc%3D1185549%7Cc%3D1185549%7Ct%3D1185549%7Cpub%3D1185549
.awin1.com/ Name: awpv13668
Value: 412871|1705981117|e48fa870-b9a0-11ee-a4ff-226608db104b
.awin1.com/ Name: awpv30011
Value: 412871|1705981117|e48fa870-b9a0-11ee-b3cc-2233d0695e79
.rlcdn.com/ Name: rlas3
Value: dfW7Z3wA0QbzSkcBNzCk0yI+ZU5jVAgDkYw+AxQP8ls=
.awin1.com/ Name: awpv23466
Value: 412871|1705981117|e48fcf80-b9a0-11ee-9c4b-223173d2bc6e
.awin1.com/ Name: awpv32603
Value: 412871|1705981117|e48c2600-b9a0-11ee-9c4b-223173d2bc6e
ums-tr.eterna.de/ Name: _uid
Value: uid=wb5ybk2r2ce0ga2wxoittcdj&date=2024-01-23T04:38:37
ums-tr.eterna.de/ Name: _umt216609
Value: val=MDAxfDAxMXwwMjIwMjQtMDEtMjNUMDQlM2EzOCUzYTM3fDAzMjE2NjA5fDA0MHwwNXwxNTIxfDE2N3wyNTI4NTkxMDcxNzU2Ng==
.openx.net/ Name: pd
Value: v2|1705981114.3|iyvQvNgun0.j8gqwksLiSmOgesfnswL
.awin1.com/ Name: awpv23250
Value: 412871|1705981117|e493a010-b9a0-11ee-9c4b-223173d2bc6e
.awin1.com/ Name: AWSESS
Value: 412832:2879223
.tryiqos.ch/ Name: emid
Value: 65af34bdc149b61a941df8e9
.creative-serving.com/ Name: tuuid
Value: bd90b368-385c-40bf-b148-9adb8e6492c3
.creative-serving.com/ Name: c
Value: 1705981117
.creative-serving.com/ Name: tuuid_lu
Value: 1705981117
.pubmatic.com/ Name: DPSync3
Value: 1707177600%3A235_227_226_219_197_201_245_241
.mediaintelligence.de/ Name: emid
Value: 65af34bdc149b61a941df8ea
.mediaintelligence.de/ Name: trs
Value: 65af34bdc149b61a941df8eb
.blismedia.com/ Name: b
Value: 65AF34BD1D55F40EBAD7718DBLIS
folkd.com/ Name: pbjs-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222024-01-23T03%3A38%3A37%22%7D
folkd.com/ Name: pbjs-unifiedid_cst
Value: zix7LPQsHA%3D%3D
.analytics.yahoo.com/ Name: IDSYNC
Value: "18vk~2gc3:19e0~2gc3:175w~2gc3:18z8~2gc3"
.quantserve.com/ Name: d
Value: EM8BGAH8KvijCJiTCuu4EA
.creativecdn.com/ Name: ts
Value: 1705981117
.rlcdn.com/ Name: pxrc
Value: CL3pvK0GEgYIwuoBEAASBgjbwh4QAA==
.ads.yieldmo.com/ Name: ptrpp
Value: wdNRPUCkbr6Y
.ads.yieldmo.com/ Name: ptrc
Value: CAESEI2Y8hy9yiEaTwttRcfbX2U
.ads.yieldmo.com/ Name: ptrrc
Value: LRPT3VT0-1Y-G0V7
.adswizz.com/ Name: OAID
Value: 63ff35f40d98771db0ffa5acb0950ce0
.cootlogix.com/ Name: vdzj1_40c406b3
Value: oo515JLZhpa7OOa8fEbZMW4qCQIVWSo9EhpcHkBvLH9vWxUHASt4VQxXJlJqe3s%2BCxVWVCttTRpQdlBrKHxjXkdQBnd7VAAFdFtrfi1vXUVDamNtAlcTKxZ4cHx2ShcFRz1tW0NELBEfH25gDhENRCpjQ18CNRB4cG5qSlxDUCs%2FE3sJKxE%2FJDh4UlJDG206EmgULBQ7KTV4UlJDSmNtEl0VNgs1JG5gSkBSBS18Vw5VaFdjenV3C0FTVWJ%2FBVtfaFJpK305XxZVBSp3WRpKZwE1JCI%2FCwQIWCEGBRpcZ1RoKH4%2FURFUDyl5A15RJlVvKS07DUUEA21jQ1EVDAQoKyE%2FSkoVRToqHA%3D%3D
.ads.stickyadstv.com/ Name: uid-bp-34673
Value: Za80ux4LORIGoWQwyWak5QAACFIAAAIB
.rqtrk.eu/ Name: browser_id
Value: 1:f932b878-ac38-4d02-aaa4-07634da1368e
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-2380373011570053850&KRTB&23339-2380373011570053850
.pubmatic.com/ Name: KRTBCOOKIE_632
Value: 23041-ViR4k8DCOJSMDgKL7vewv7Jq9TxtaDotmO51rVynh7M&KRTB&23047-ViR4k8DCOJSMDgKL7vewv7Jq9TxtaDotmO51rVynh7M&KRTB&23234-ViR4k8DCOJSMDgKL7vewv7Jq9TxtaDotmO51rVynh7M&KRTB&23361-ViR4k8DCOJSMDgKL7vewv7Jq9TxtaDotmO51rVynh7M
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-8cc005be-8d9a-40d3-ad75-798e2acb9e12-65af34bc-494c&KRTB&23418-8cc005be-8d9a-40d3-ad75-798e2acb9e12-65af34bc-494c
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-5107433832264167376
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAACx07LXmkAABMh1hX3Cw
.zeotap.com/ Name: zc
Value: 5fbf78fa-ed43-4059-7208-4fe87ec69215
.sportradarserving.com/ Name: zuuid
Value: ee08e069-df66-4c1b-b47f-9a3a60ad4043
.sportradarserving.com/ Name: c
Value: 1705981117
.sportradarserving.com/ Name: zuuid_lu
Value: 1705981117
.onaudience.com/ Name: cookie
Value: 8e04288e8c117de2
.onaudience.com/ Name: done_redirects147
Value: 1
.adfarm1.adition.com/ Name: UserID1
Value: 7327133105123162272
.adx.opera.com/ Name: UID
Value: OPUdb73d62c9631481b952ab4182d9b5058
.mediarithmics.com/ Name: mics_vid
Value: 71812261663
.mediarithmics.com/ Name: mics_uaid
Value: web:1:015ae22c-a066-4d3a-ac71-263011f6f7ad
.mediarithmics.com/ Name: mics_lts
Value: 1705981117947
.addthis.com/ Name: na_tc
Value: Y
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1705981117
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7327133105123162272&KRTB&23369-7327133105123162272
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1p9y|7bq.0.1|7TZ.0.1|7dN.0.AAACx07LXmkAABMh1hX3Cw
.semasio.net/ Name: SEUNCY
Value: A85B365F7EAABA84
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-tAfc8mllVrldEoksSbg9lJVYG1I&KRTB&23334-tAfc8mllVrldEoksSbg9lJVYG1I&KRTB&23417-tAfc8mllVrldEoksSbg9lJVYG1I&KRTB&23426-tAfc8mllVrldEoksSbg9lJVYG1I
.pubmatic.com/ Name: KRTBCOOKIE_1323
Value: 23480-OPUdb73d62c9631481b952ab4182d9b5058&KRTB&23485-OPUdb73d62c9631481b952ab4182d9b5058&KRTB&23524-OPUdb73d62c9631481b952ab4182d9b5058
.de17a.com/ Name: guid
Value: 1.9064062763748439557
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-9064062763748439557
.colossusssp.com/ Name: gtm_usr
Value: ed94d654-0e7c-4c62-aeed-999d2e7d20d0
.colossusssp.com/ Name: lmg_r
Value: 11
.smartadserver.com/ Name: csync
Value: 127:AAACx07LXmkAABMh1hX3Cw
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTcwNTk4MTExODA5NCwiMjQiOjE3MDU5ODExMTY2MTIsIjM5IjoxNzA1OTgxMTE2NjEyLCI3IjoxNzA1OTgxMTE2NjEyfQ
.go.sonobi.com/ Name: __uis
Value: 4308fdf6-0a57-4885-b68b-9ed3b6b771a1
.go.sonobi.com/ Name: HAPLB8G
Value: s85124|Za80w
.dotomi.com/ Name: DotomiTest
Value: d0913bc5210176c
.mfadsrvr.com/ Name: tuuid
Value: 12759afa-0c2a-4f6f-9f4c-d3bd3772b705
.mfadsrvr.com/ Name: c
Value: 1705981118
.mfadsrvr.com/ Name: tuuid_lu
Value: 1705981118
.ads.yieldmo.com/ Name: ptrpub
Value: 7BC00642-7252-4DDF-B9FE-EF913FD24BAB
.dlx.addthis.com/ Name: na_sc_x
Value: 1
.mfadsrvr.com/ Name: ssh
Value: !bidswitch,1705981118
.addthis.com/ Name: na_id
Value: 2024012303383700048543295827
.addthis.com/ Name: uid
Value: 65af34bdc46f32cb
.addthis.com/ Name: ouid
Value: 65af34bd0001469f0625b29ac2131786d2dd1db332eb562ba881
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-3205897004932985690&KRTB&23150-3205897004932985690&KRTB&23527-3205897004932985690
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAH7PsphgEUSwMUz6FWAAAAAAA&KRTB&22713-AAAH7PsphgEUSwMUz6FWAAAAAAA&KRTB&22715-AAAH7PsphgEUSwMUz6FWAAAAAAA&KRTB&23519-AAAH7PsphgEUSwMUz6FWAAAAAAA
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-75dfa792-243c-4814-8e47-a1f76ddeb89e
.adsby.bidtheatre.com/ Name: __kuid
Value: cc2aa801-4ca5-4833-8ef2-1f58b6885a72.475195118
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qrDy+Q63gz/mJjNLKGdDwNQNfInUvAj0qXJA3d4FNyv1DbO1l3LMt+dME3xSlOtsJvAUJ+gL7gixXgEVgNMYbr60djsaEpcUMY=
pixel-us-east.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.taptapnetworks.com/ Name: SONATA_ID
Value: csonata_a18b21af-1d19-4cda-95ff-827ff27ef05d
.bing.com/ Name: MUID
Value: 38785A06DFA0652D07F74E09DE0C64ED
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 38785A06DFA0652D07F74E09DE0C64ED
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 38785A06DFA0652D07F74E09DE0C64ED
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0
.pubmatic.com/ Name: SPugT
Value: 1705981119
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 14
.pubmatic.com/ Name: pi
Value: 156319:4
.pubmatic.com/ Name: SyncRTB3
Value: 1706832000%3A63%7C1707177600%3A165_81_234_13_3_243_251_54_249_55_220_166_88_22_46_7_99_8_233_254_238_266_21_56_176_264_161_71_214%7C1707264000%3A35%7C1706572800%3A15_2_223%7C1708560000%3A203%7C1711152000%3A69
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_1XMKw6AMBAFwJBgUZyjpG-73Q-3aQkcCIlEIjkeCsdHjpmz6aAxuwGwlPn6WEhxtI8pOnjt1WryuSSEOvkcePESSqweKls2IY4sy_gmg0OFSbb-nTXD958JNwd6Qy-KAAAA
.ctnsnet.com/ Name: cid
Value: 2336c4e51efd48c8babb93015496f537
.onaudience.com/ Name: done_redirects104
Value: 1
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-7a68961c-d19d-4a2e-9a6e-42f6f3718bd4-003%22%2C%22nxtrdr%22%3Afalse%7D
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-7a68961c-d19d-4a2e-9a6e-42f6f3718bd4-003%22%7D
.pubmatic.com/ Name: KRTBCOOKIE_409
Value: 22966-0E2y59DCSnaWXSSnSjbbTQnX
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-RX-7a68961c-d19d-4a2e-9a6e-42f6f3718bd4-003&KRTB&17107-RX-7a68961c-d19d-4a2e-9a6e-42f6f3718bd4-003
.pubmatic.com/ Name: PugT
Value: 1705981120
.tribalfusion.com/ Name: ANON_ID
Value: aYntuJyKalHobWm8ZaCyPrjOjZbcDtiZdQ1bKMZbMhyaUcwHYe0dXASsuWucJVKZam3p1UKjgRZaZby5rySsWXbfylt4iIu

12 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
network error URL: https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dindex
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
network error URL: https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dindex
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
other warning URL: https://min.tryiqos.ch/trck/ehtml/449f5b35d42da36109fb9c0488f8191a?tp=onetag&subid=oneidK13CRfR5x2fbRK3c5HMHktPt55eDF8TAT8Gaqoneid__dbm_Awin_Reach02&gdpr_consent=&gdpr=0&gdpr_pd=0
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
violation error URL: https://a.gsitrix.com/view/?a=5d8c8ca8773741569492136&cr=418192&ca=25&p=&av=2&pu=50003&as=0&uv=&id=(Line 39)
Message:
Permissions policy violation: Synchronous requests are disabled by permissions policy.
violation error URL: https://a.gsitrix.com/view/?a=5d8c8ca8773741569492136&cr=418192&ca=25&p=&av=2&pu=50003&as=0&uv=&id=(Line 39)
Message:
Permissions policy violation: Synchronous requests are disabled by permissions policy.
violation error URL: https://a.gsitrix.com/view/?a=5d8c8ca8773741569492136&cr=414281&ca=25&p=&av=2&pu=50003&as=0&uv=&id=(Line 39)
Message:
Permissions policy violation: Synchronous requests are disabled by permissions policy.
violation error URL: https://a.gsitrix.com/view/?a=5d8c8ca8773741569492136&cr=414281&ca=25&p=&av=2&pu=50003&as=0&uv=&id=(Line 39)
Message:
Permissions policy violation: Synchronous requests are disabled by permissions policy.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=63072000
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
1bccd00f7acd03ac6a93123768d650c0.cdn.bubble.io
1f2e7.v.fwmrm.net
2sport.tv
428c24fff7f5b739ef4c012e7fd7373d.safeframe.googlesyndication.com
a.audrte.com
a.gsitrix.com
a.sportradarserving.com
a.tribalfusion.com
a1131.casalemedia.com
a1144.casalemedia.com
a1161.casalemedia.com
a1181.casalemedia.com
a1186.casalemedia.com
a1203.casalemedia.com
a1212.casalemedia.com
a1214.casalemedia.com
a5134.casalemedia.com
a5176.casalemedia.com
a5180.casalemedia.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
ad-delivery.net
ad.doubleclick.net
ad.mrtnsvr.com
ad.sxp.smartclip.net
ad.turn.com
ad.yieldlab.net
ad4m.at
ads.avct.cloud
ads.creative-serving.com
ads.pubmatic.com
ads.smartstream.tv
ads.stickyadstv.com
ads.yieldmo.com
ap.lijit.com
api.btloader.com
api.id5-sync.com
as.ad4m.at
assets.ad4m.at
b1sync.zemanta.com
bcp.crwdcntrl.net
bh.contextweb.com
blogger.googleusercontent.com
bloggernetwork-d.openx.net
btloader.com
c.amazon-adsystem.com
c.bannerflow.net
c.bing.com
c.clarity.ms
c1.adform.net
casale-match.dotomi.com
cdn.adpushup.com
cdn.adswizz.com
cdn.confiant-integrations.net
cdn.doubleverify.com
cdn.id5-sync.com
cdn.indexww.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
client.aps.amazon-adsystem.com
cm-supply-web.gammaplatform.com
cm.adgrx.com
cm.adsafety.net
cm.ctnsnet.com
cm.g.doubleclick.net
cms.quantserve.com
config.aps.amazon-adsystem.com
contextual.media.net
cookie-matching.mediarithmics.com
core.iprom.net
cr.frontend.weborama.fr
creativecdn.com
cs.lkqd.net
csync.loopme.me
d.adroll.com
d.turn.com
d5p.de17a.com
data.mediaintelligence.de
delivery-cdn-cf.adswizz.com
dis.criteo.com
dmp.adform.net
dmp.brand-display.com
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
dt.adsafeprotected.com
e.serverbid.com
e3.adpushup.com
eb2.3lift.com
esp.rtbhouse.com
eu-u.openx.net
euexchangesync.digitaleast.mobi
eus.rubiconproject.com
fastlane.rubiconproject.com
folkd.com
folkd0612.bubbleapps.io
fonts.googleapis.com
fonts.gstatic.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
green.erne.co
gum.criteo.com
hb.minutemedia-prebid.com
hb.yahoo.net
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.liadm.com
i.ytimg.com
i6.liadm.com
ib.adnxs.com
id5-sync.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
imps.monu.delivery
invstatic101.creativecdn.com
ipac.ctnsnet.com
js-sec.indexww.com
keochuan.tv
keymap.adpushup.com
lb.eu-1-id5-sync.com
live.primis.tech
live.rezync.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
matching.truffle.bid
mediaintelligence.de
min.tryiqos.ch
monu.delivery
mug.criteo.com
mwzeom.zeotap.com
mymodernlaw.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
openx2-match.dotomi.com
p.rfihub.com
pagead2.googlesyndication.com
pixel-eu.onaudience.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.adsafeprotected.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prebid.cootlogix.com
prebid.media.net
proc.ad.cpe.dotomi.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
r.casalemedia.com
r.clarity.ms
region1.google-analytics.com
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.gumgum.com
rtb.mfadsrvr.com
rtb.openx.net
rtb0.doubleverify.com
rtbc-ew1.doubleverify.com
rules.quantcount.com
s.ad.smaato.net
s.amazon-adsystem.com
s.company-target.com
s.tribalfusion.com
s0.2mdn.net
s1.adform.net
secure-assets.rubiconproject.com
secure.adnxs.com
secure.cdn.fastclick.net
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
sonata-notifications.taptapnetworks.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static-assets.strikinglycdn.com
static.adsafeprotected.com
static.criteo.net
storage.googleapis.com
sync-pm.ads.yieldmo.com
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.colossusssp.com
sync.cootlogix.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.serverbid.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
synchrobox.adswizz.com
synchroscript.deliveryengine.adswizz.com
t.adx.opera.com
tags.crwdcntrl.net
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-ew1.doubleverify.com
tr.blismedia.com
trace.mediago.io
track.adform.net
uipglob.semasio.net
um.simpli.fi
ums-tr.eterna.de
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
visitor.omnitagjs.com
wam.solution.weborama.fr
wholesaleusb.com.au
ws.rqtrk.eu
www.awin1.com
www.clarity.ms
www.conrad.ch
www.folkd.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
x.dlx.addthis.com
x.serverbid.com
xeqe-t3lw-i7hv.n7.xano.io
ad.mrtnsvr.com
ads.avct.cloud
cm-supply-web.gammaplatform.com
104.16.224.78
104.18.38.76
107.191.36.239
124.146.153.164
13.224.95.222
13.32.27.99
13.32.99.88
130.211.23.194
130.211.44.5
134.122.57.34
141.193.213.10
141.94.170.64
141.94.170.77
141.94.242.226
142.250.181.226
142.250.184.230
145.40.97.66
147.135.143.112
149.28.187.227
151.101.2.49
152.199.21.70
154.59.122.79
159.89.246.130
162.19.138.117
162.19.138.120
162.19.138.82
172.240.155.116
172.64.151.101
178.250.1.9
18.158.46.130
18.165.183.57
18.165.191.236
18.185.42.140
18.193.197.239
18.195.136.197
18.245.46.103
184.30.16.195
184.30.17.243
184.30.211.26
185.170.60.112
185.170.60.117
185.170.60.134
185.170.60.143
185.170.60.145
185.170.60.62
185.170.60.75
185.170.60.92
185.184.8.90
185.255.84.153
185.64.189.112
185.64.190.79
185.64.191.210
192.241.159.82
193.0.160.130
193.135.9.126
195.5.165.20
198.47.127.19
198.47.127.20
198.47.127.205
20.119.174.243
2001:4860:4802:32::36
2001:678:cb4:bbbb::11
2001:678:cb4:bbbb::13
208.93.169.131
213.155.156.185
216.200.232.249
216.52.2.30
217.79.187.68
23.48.23.21
23.56.202.187
23.88.86.2
23.97.225.52
2600:1f13:800:7781:e315:15fa:9bb4:390c
2600:1f18:ed:550a:ac77:9c63:d66e:ebeb
2600:9000:211e:e00:1b:fdeb:7440:93a1
2600:9000:2190:b400:1b:5138:8a40:93a1
2600:9000:2190:b800:f:858:b480:93a1
2600:9000:2250:fc00:a:e047:753:a221
2600:9000:25a2:1200:1a:5235:f980:93a1
2600:9000:25a2:7400:8:48e:53c0:93a1
2600:9000:25a2:9a00:6:44e3:f8c0:93a1
2602:803:c003:200::31
2606:4700:10::6816:3262
2606:4700:10::6816:3456
2606:4700:10::6816:4ad8
2606:4700:20::681a:4f3
2606:4700:20::681a:ad1
2606:4700:20::ac43:4513
2606:4700:20::ac43:48f1
2606:4700:4400::6812:2b5a
2606:4700::6810:5814
2606:4700::6810:cc42
2606:4700::6811:c96e
2606:4700::6812:19ad
2606:4700::6812:bae0
2607:ae80:4::26
2607:f350:3:2569:0:10:0:c
2620:116:800d:21:e365:4988:e8a7:3270
2620:1ec:21::14
2620:1ec:46::45
2620:1ec:c11::200
2a00:1450:4001:801::2002
2a00:1450:4001:802::2001
2a00:1450:4001:809::201b
2a00:1450:4001:811::2004
2a00:1450:4001:811::2008
2a00:1450:4001:813::2002
2a00:1450:4001:828::2016
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2001
2a00:1450:4001:830::2001
2a00:1450:4001:831::2001
2a01:4a0:1338:28::c38a:ff18
2a01:7e00:1::b903:5c4c
2a02:2638:3::3
2a02:2638:3::c
2a02:fa8:8806:13::1400
2a02:fa8:8806:21::1780
2a05:d018:cc3:fe05:9109:5249:ec1e:4708
2a05:d018:d29:3605:a6fa:b563:be0e:7526
2a06:98c1:3120::3
3.208.240.1
3.64.96.203
3.69.181.161
3.71.149.231
34.102.146.192
34.111.113.62
34.111.129.221
34.120.107.143
34.120.63.153
34.160.19.107
34.196.213.92
34.247.233.198
34.250.99.97
34.252.143.149
34.91.62.186
34.95.81.168
34.96.105.8
34.96.70.87
34.96.71.22
35.158.151.55
35.186.193.173
35.186.194.101
35.186.236.140
35.186.253.211
35.190.39.111
35.193.186.65
35.208.249.213
35.210.53.219
35.214.131.35
35.214.149.91
35.244.159.8
35.244.174.68
35.71.131.137
37.157.4.28
37.157.5.73
37.252.173.215
38.91.45.7
45.137.176.88
46.105.200.240
46.137.85.126
46.228.174.117
51.75.86.98
52.18.204.174
52.2.41.65
52.208.7.68
52.209.41.250
52.210.162.23
52.46.128.147
52.49.110.165
52.95.125.22
54.154.71.202
54.160.145.206
54.36.150.184
54.36.78.116
54.76.118.59
57.129.18.109
65.9.66.104
68.219.88.97
69.173.144.138
69.173.144.139
69.173.144.165
69.20.43.192
70.42.32.63
72.246.169.24
72.251.245.181
76.223.111.18
76.76.21.21
77.243.51.122
8.43.72.98
81.17.55.108
81.17.55.117
82.145.213.8
85.114.159.118
85.195.93.95
85.91.45.48
85.91.45.90
85.91.45.94
91.216.195.7
92.123.148.9
95.101.148.20
95.101.149.233
98.98.134.242
99.86.4.30
00002b0b6914252b281bc9e51ae7e1f7589cdc36b66adc531f9abc1e02cc26a4
005289be01b4f5f0456718e324286efb24afafaee47e0438ea0fb24fcd8c9f48
008401efc82c7bdef5df69e06d410e448438c395b9a3d3cc11d53451e4c55383
00d61b3bfe958bd15f3182f3037adff7f6febb34644b037a706e78dcbb4c5b55
010010798b734ebaa5db582651f1efd8c77e4ed3a396d1886a3f7f0f6c92ee58
01170050458513699e926b282be71d0ea577e944cecaa8867c7188141235cfd0
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
01d68db95b6eb39e176a461c6af054e453a59935fc718662474d35dd4f7b4c3c
034c16236433799b4f923c21b40a67179a6f991f4046fdc2f45b84a24e01bc1c
043be5caa4b29446e3ca043ed9aee58108c3dab806b7a34b562dae0df1c36253
0500a40419570f47e77e03549101b0492d84f581961128b1c1cb3e1115ae9dc8
052149bcbc8e59b32d0245b298cb6936fa56da125f4f3f7e965aee65ea436015
05deee3fdf1fcfaf986017678f334ea2733f5e233f80b1081f3f0867fb55179f
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
074468e2fdeab67f22caab991850fb09c81e2b2dee11251753ca188e20763679
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08c6ad8229e94df839eec40a580e3d7d6366e148abc0154f3905a1948437582d
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651
0936158982202f279e4b6004098c59eb61419fda6e25613e80f566d8172df15c
098e6dc516d5b171a1bf126adf3b8e8510746bac17f477f73a6310587e4ab9e8
09d504a3c8079958601741cd2d93308fd15eac55184dafa7886d1e9f160e8335
0b085f379cec1de975355c05a277444bca12e8affe31a69a229a3bd6a1e5aec9
0b26090b7c2ddac21b5731cd0dc5ada44fd88d3b7ee421dd8ddc0a7db2b12c70
0b58459ade0868e6cc1e4c0990207833886e3fe2da8b48d4c8733b6f4263bdd0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b982f82e7d031b53e2c22bc9f801136d292006fd6ec9ee99ea29cb019a4f220
0bd600a32b39a677f13ea3c3a0d8d29cd887387132cbb012175ef6a769b2bb52
0c48fe60a78a5e0d7a84099de90259f8a75e58f9a6e2aee649d82fc42b82b79a
0d9b10631d6898646bc9241fb5b2b613df0e2a0fd2c8367d86ce3bb6f95fa1ea
0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647
0f788d3eb180f3627d8597324bf01e9c22c50d04a35a5efd65ab31b0d7ed79a0
0fec3d2ea95826f5eea652013d20b1ce91c54990f011fdd4355e3d84ebce03db
10eec9311dd99b07bbc70f9d03cb69c856ba6888f498a09a498cc79e17d4467e
113c0d7ce216b502e1fe889b7f9dd135a0bc97d46519cd9c600e67407d97db09
126bf005143e240bec00185c7265ea992808854b04e8d0c93a0fe815b6a6702b
12bc579e58c584fa5863ca90534c96acf7a1f63e7ae6862177d9621e8d5937ab
12c538c22dc32893f9ac5aabda5b75c0e2335dd5ef9bfa92e1a613f23ca2a420
1392da57c2f3f4a5b34523272c09e3fd637c9572feb6e3e8d0847bb24ce08121
15df7612b2f445f4d18846aed403d0ca0947b3f8dead95d4b167621f5faaba57
1761aab2762f325b8a87c3b7c50d8abaaa7f90354c3ded696f0b66f25e7390af
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1930bf2d8033d1d4fc246a7af852b98f8b81432a7753468dd0f780d7ba11d211
19bfd1c6283762f6aabb023c7dfacc2132b247d6adc0dccf00c5e05bcab8b719
1acaa5c7684c9262e311b96ad136909d9ceb432c74a3e66b4f01b355adf7cc2d
1d335d06a5820341727f640aec2d7049d34ef5d38d4d0cf5afac31b4cfb3f3bc
1de4ab26b147f56d8be8ca51ad9169399b113cab7356cd70aeca850a61937fae
1e18b9a52e6778a39cd6e0ed7563964abf5a8bc1b948c9f1ee00589ec94ed7d7
1e432f14531c18a1160a13ed2e9a99a47cd1ca17b06629035429861665e6461d
1ea6ee0237253d9114205128f9cd7e154f617d144ef478d7f50e388aaba13151
1ebbaff2611ef2a128396d79225579570ad54163e32d0961aa2753c0f4c0d96c
200dc7bef742f1444cb61f8815c670559515190e8c26b22d2321d97f0b9f772b
204a126edc6abd43f702a155ed708e1d4d6f5ffef7197f066511a81978ad5a5c
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
20ba63fa72bdbc6564881789953019784a38095e9ac87ea371498fd93333eaad
2164ccda35ef9f1994988c3854e7941905fffa2b6edf0a2f32826ada9b4c3ed0
22fc0ddb24d8efc04575d1109ca34ed78029eda8fa355df702a163debb5aadd2
234edb3bf857c597c4edcdca7704e732960747b3acf2e84303113b596f459568
260b762c98bed6aff9c0a2814be9ade28c45cd1a1f0a4acf56c6bcf3fffdc2bd
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
275f19c4014d522d4d54a91ad42308f5616a807e4102dda915a1b65ff1211ceb
27af51639b2ee14d9a43cc3471a9251098eeebf029876e0fb62eed2601513300
286fe9b776af1c387c1ba6b0b934dc34717badca35e5516470f9e8710f12b319
29c043402918cd8bd045e152d013b0c817814ffdaeea9030fb7dbd8661542142
2aa25a19729df7b573f42c20a108d4ec213403df5ac193414f02f35887e7017c
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2be0076967a01c8ed6dee3285b73515f1e89d067927e237943ef8055492c6bc4
2ce171d09c7a14253c1724fc908fb1d266e0f3133c1699b83c338fa0ca3db569
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e3d658ff059ad0c287b5e14a5b80a96c010305fa29eadef264730019d31f361
2e71f18edd174a4cb13dc9b75daa0d9d7ce1fc949585941eac0f85263893bcac
2e75a7b677ff22f2387eeaead5e53f08c223fb487f1001776870c515815f9062
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f7735fce76148ac8c6e0b5e52174312873694d58501188d7c517689343d8775
2fac2e8c5bb9f93b869197adb5a33f149e76cb76ce951bf1c9ae78d5d82e61a2
3014b3817b109cdaf90cd9166e666a3198727b99ba998777ce5f24ca299eeb72
30aa4d7efa4951ec30982e0e1d2028878293a77173af2607472dad22c6456321
3167f736560284d97a1e3cda600b00c3ada2f5aaae9322e84db77b00406aadc0
330f30b07c8369325432d9fa0e46841ab20853f781459d43c9949da1cddc92d6
3381eefb1d27cb110697afc4e4d12efc2e245609113ef6e53d4caf1db9d5f5e0
338c98cab7cd729a00c6bc448747431a19a6ce4e0103b58f090d413e99918740
35595ffe49947fe70d49915c759eacd2084d96335f6903aed8567fcf4a5a9321
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
377fa40bcc16e031bad01562506feb40b10cec35205d816efa8234f52a44ec2e
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
37df1457e06cbc382518473bf774d2bdec3b5099fb86154b7848f9153372a3bd
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
39fa629516fd07d054b82cdcf21961f1fbb5d75806cb504aab95f4df29ae6b10
3aff96e293a065aed096fb648d773a6c0563629b3bd6c2692b89cf92e6aede71
3b957145b6c0cab6ddebf4819ef457d4bc415cf0ac0ee726e1b7a874422ce3ce
3c4ac01f07cc863564dfe803f6beb04f6f48c3f1902882e77633abde6d6bc965
3d23336dceed6581535bdba4d8065059fbb2ec11d6538f04221e6019f53fe581
3d6dfc6f6fe9bcd20cdf22fae9ba75fa01e38598c57124f402f28867a5c93465
3e172351681175a64b1e409719b4e5275cce06c8620547ce26fe08f6a669198e
3e3dca4c611a512a601e5df44a84d42b0b833d22601bc42561c6ab0483e80b4e
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ec4093f0b63f24ebd5718ef66e318e7b9e4232b9c51e24a833d3de754e3e4f1
3f9971f161504a3d0a6547d91e1a52e2b48226733f7c31bb4332960b4709fe4c
3fa691dbdac3f7fda5ec9d0553907c9bea66ee693833d2891ea709ebadd8202d
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4043527f155c11dfc119f5aa843b25741bc423a8d9469b65d70eb9296043a3d3
41871c1ff2450757844389f48e01359764e179042b06e65c3b5eac88bb12a7f8
41b770ec46c90e2a840049fa99c5d5f64c1a53c1a4e138f7b72bcdd5ec18a6b7
432501d7bf47b128295c61f72eeee2e5c2d33755f85db43ba89188408ab9389d
43563ab5ef5c1e6050e852cd8382994a83f1603f7f6c95363cf1d450c296ba99
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43ccc9257f5ed5b95b6862ce8a3144aa0a1cceac38b9f8ca758884483cd9bd9e
447e9b8778c1b139bd832a92b109ff3c82781560d0506936be0a425edc2f46ed
450e62180e870526d437f065fa76a5d4e31517905e37a98184ef79b0fc2abd5b
4572a18dfe4a5f4b5b77648eaacda37a1e0cb08e261be3bcb44f94e98bb17fae
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d
4687434dc03b141993982445f5276c6317f1e1a2b92e3032b91f6901dd6592be
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4811255bf4b6f8efa88b7b0609189c60d5d1e8e3e996ee0a107df8d8401cee1c
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
493c8e5e8f262311f7c5a36dc28f3ddbd38ba9613aafe00bba0ca330529cd152
4950a360ec2df3f4a3275b0f84e2bb7b411d993874f4e83e17c4a848f8f3d219
4967efe234c6de8d030bacf88cb0a9ec28fda81ab575c77c549393be8658656f
4970a864d5be91437aee3bcf90ed842ed4c8edc10bf215341b0177dbeab1ccba
49a58ee815bb9019d5b047c40e097f8c0c7216ea0602433917d445dd7d42b2cc
49b09ba27caac344635861c05395b6f9543611d228f8bdcabcb735714f6fcc1a
4accf05d09eadaf4275126a11a4f389d93b78abf856f30afb0c10906160f65d0
4af1b1852b288b1964f61cd1a1eff6743f14f45e5b7bd5ca14721c39dbacb079
4b03483d15f80c82ab2302a3efb783b0de11addd91853aa8a67a596a5e0ffb13
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b81d898e5d53f02ebdc999358ce2272b4ec0c4bb45039f2cf1ce73dee139a47
4c3dd56744d5eb14af9d4c6da2ff9c0268421d8853e64c4ac13c3722d20e25ad
4cdc69369d43a4259950ed25233ed9433210ae66e82ae6e17e2cf64b6ae0ccb5
4ce30d513c6b00904dbdfb7179f5b7e6b28978087444a3e1b52b0d6f596fb40b
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e5f598d7143ab20b4463ecfd8d59fa4b9a677335448e4be8a58d5e31053293c
4e6ee3a660e14eda56fc4ec4bc845220a52ce5cbb9c44c164e7e881a46b49bc9
4e9c4c488c8dcdc7a4e211f20f5234edb2632adbbac8626047abad68abd80ed0
4f1339ff8ae3d23b2800b9dac3115ef8a29dd9b449a3b5e3bf7aef6503854e20
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
5035904b964007bb315d2176b66174dbd370107ff5023643c96108af0c564bd6
50a35a94e1a56e14a25ad8112c4e0aba806f1876c9e643a70b2ae0480fc611c5
51198c4135a9cbbf06c8928e14381d5682a8a65c083b9344bdb5cea3e1d050c9
513e799b7183f90d8ea7bccbad038fc59c610f82ab7aced911fc538f6b295f60
527e8ed040f143bdae1e2dd9b09e0af5b41a40ec8c593b06d9a3764d647a30ac
5292e19f60a4ef4b168fc470b7d5c6e0e6d7380d5bde9c0459c65a8efb1cba1f
53e79de7ed020aa4b3485c1903c89f56b0785daf65ba3a937cb2ebf547b4cf59
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483
5502c36815c77ea729793a5b03c99e2868605a59c64f7d4fe8e7721f705a14b5
55697fbe4c066ae359a6703e8839bcd2ae60c38677d0eda3a4f4d8fea04027c1
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55d658eb2be0892523c04ca8373d2c3dd9de9b1522e783666dbd1dd675bde522
561f0617a91b096621ac6333edc08b37354ce40503454c5764554a9f33479321
5681fdd600e64a571f62ad76bddbaaeb5eaed08a7cf1a49c5e68c37692467d95
58d7578937c83a09aa87ada0c719ef38325c2ee49a3360652ed4ef6a63e31e92
59008aa886b2187bae890aea3248ca71724f2cf4c21769ae17e817860d53fd96
5962b920733637e9765fe59ee5f2219b367b21cc2cdef9f2a017a466f927b891
5c64bc84052ed4b27648e6a76d61320325a171a7c6e497f36ff9ed7e8e869c03
5cb0409c5348f33ced7149cb31ad6354c386883773600d579dde61e792901028
5cf4546ecf02750cf89b46a3f1773cd00ddeda2e39281a43502666990a2ec3c7
5d4b2b6fd44a65a28fbe37387e0fe0a7a523ed85b488f1e915f0e6e92c4de866
5dd0b5724f4bbac4bd58de274236fce36135ce302364b3b8ff5c4c3631e81139
5f3a2f23b87726a7e734ba9e86fe91b3eaa06cdc872ca2391c72f01f4105ba28
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393
5f7754a2dce9b1ba53728c773a4ff81b35f6662cdf89f6dea717c85c79191c94
5fa7ccbe33d2d4f6baf2d49e9bd66ca2ff1543fa59881379b06e3fbc9aaf6d91
6084b0863d2638b03e367ba2c2e433a4d8ccfd0cd6fa0002f5267dbe7a1a4579
60c4c179463b4ed2a5f1772cddb5fb10d469d44822e0e648dafcf19ab23e4b0e
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6294d5651a5a0202aa93d91b34f3bb5fdde694634a122a41b3c93fbe25c93bbf
62d9a6327f0a3dc8d6a8b08306b1bf7f051ccd6cac72dc01bd3ffa1aaa585970
645c58677e2bfe285d26f92ad76260b7e17c1099970fb4833dd338230ddb2a64
650f0298a438d1d94ade810ce788458fe92afe47f29a7e14509cdaa813191a99
6545494954a3106704616072f09caa556c3744534687ac605fc1014f1851e432
65b25f24667e48a877baeb0703c4dbf397b14ead350d0d31daae49e7612a88ba
65ec22d8d07fa090f45201a8d0b52eb3cfbfc1f5d283f216d33c1b3a59c7ae64
66ddc5fe01fd1008308e249e4269310b0c44f2ff169996a930c47d55f9413577
66de149726bc4de094a778e3fb1698d0e8f763f6b8f480765253f41f546ce265
66fa27515a653f48a7bf5ac44a5fecc33aa0df71ce1c56eea3817afb780d2a6a
68c40c9594bb42468224a2c2d5a909c7e72175a5ac74c88028b8dc7b50593a44
6925583b4197682a2f2cdce3e6c2e3c3adc5df5708439bb2970bc016c1660c0a
69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0
6ad1c857a263e2b59671ebd3907c72afa94196826b3881c721993a0dc3191ffb
6ad6ff0e64609ab287986c6d44306130201eb73680498e3011bff1d4ebac634a
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b05917fc94ad80f762de7a9032b1b8ec4b4a0c85a0e85a3ebf2b46961832080
6b40b551d26b0030a9a2b04187c97f9ea64c619248eb19da2a77863099e061b8
6b6138f440c1bca2cc9ef6522b0d324219659eaf2d10140bcc9903c066eaba21
6ba39b9ef4e9b0df8dbf65358a647f657b882b43da1171a3baf95428d2b71c6c
6c9ae1b881d1f06dd17621644c14516b7a5225287ad5bb84a8d88d65ef40e8f7
6d70d5e5ce5077d4ec4c23aff7b787383d79628169e4eb869781e7ff161d57c8
6ee699170258d031d0517044298de09587516a0afc4bf0ff58f774774e0d7a5a
7034155d3cfd461b523a287d5ec4afb67d5a3904b34c0dd98d9ab52ef02f5c6b
7045daaa7d715a99fc1108627a8bd5c97beb77fd01d5df6a453eaaeea3d6aae4
70cd3cbe11ac9c35869a07f5c0a2cdcf02246d56e0621c61a8e6c88e8e915293
70d8d351338dbd0e13c2305d578d19d14d1cc639cc7819c707d9ce931b499ce0
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36
71fdf3d7c6023ece9322fdd93cfc3ef8ed942d6ba93fb208641b057986d17dc1
72499ca3bf0bcdebfb30e0448a2eff8ff45b58c50936d944f203d07b8fb646a1
7257293d730b2ec1ab33b00a4ef7d4d5808982f17387efceec22c9a85624388f
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
738e8e4babe4f26dc496be3b1eed919ade66e46a7c4d2bf25029c3dd01f4b8c1
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
745097fdeb0ffd3d61c322f951065a79ea6cde580a5746b312028d2ab4995dd3
75412df45ad9712385647c7c225ed22d2d34ebfc3f33f8e8a3d98cf93568a1f4
75959325fb9d59d5d89397a5b59da2f31e1cc34941fc672955e7682c497aebfc
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59
774f80a819fb44e6249888e072297e8f5841dd323985f9bd3eaab44523d07799
778cda59d4bf374327b73a7033b5a8e2184b00ca79badb671bfdfe5702e08586
78825f2c0d076c5ece3f855790f01561ee9f71e52babe220c3931299bd51e6ed
78c8ebe2c081e12621fe91b41ec808f75baa6f6539bfa70d1da74c68949b8efa
78e5bf0f7c111d526da74e62930274c12f71ad77ded6bd6dd9193b8f48e666c2
78efd3407a2d6c9b8f8c13b80320ee60d368a7119b3687bbc2c658581e77a888
7a1e338ff2896e7604147f12cbe9a9e2d647b37d0da255dd605da5d29a255096
7a3ef347399b85cdbb13aa57682829b1cdd528ee68a8cfa2e489a3601108e121
7a785e8b2ad30e6279397d656a61f70ad6341ee944c310df19593d8fabd79d9f
7a9467224c58d93d0b0774ddc39394c6f4aa98aa58900d35c888e077065a4d14
7b0fb27181aa8c2244ab51f28e8b544248585a334184445b1da9b04f89a794ac
7d51ea9f746e527a6eef60cec329bf76f02fb15c1275df7c4040199ce538841d
7d60ea320318ee1a177d90d12d600c39646c98243b5a009c1158dd31cf79f7b7
7e5657c282317e3e7792d92fed4e3cfe8bdb1f5241ecc28889fb0f67318f8732
7e7827217a94d1d1020058638a3ebc7d637615bbe0696879d60dd75ca50a07f8
7e9bd2fd825c5f0320be96f92b2fa16c22dd53c33743295a30f391344988b93c
7eeb51ffec008a9304a44d6a468bc5a6201e568eee6fc24c0df13556d699c163
7f85637bbf5c0ee6a01fa5afb711af0e3d873ab20f0cbeaeb9105998530822c0
7fa7d6e3b4039b59b4d4721ea7e523a42a4dc0b56405829df9f8696f8550fa01
7fefb9ff941f766fe52bcd325785196ecb8c3644b50133ebb19326bd87066e88
809901696c445170eaaf43cb6be803728a74f342cf2765ae18ca02d50bb6362c
80c1a71b0825d5c2a91d238da77ede821f8df46b20974aa774f5bc03aefe6a45
8182c2ba46dce768a5570e5f9f6c6b233640749387177912e275c8419f0069f9
82aac3c8a0240268a317299ba5c3eb3ba1205648b3fa2a80e01f0b548d884880
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
832e8a9433137280a40c993f882c3db72bab007b84e4752f623fa0bae2afde41
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8364993fe79ec5386ecffeab216f79b6712cd18491182690f87f467d2728d053
8375e31c2712c3b47a25c5142d99f05be77c8ccd57b1c67fa3822a55668dd44a
83a84b394923bf33971950d604b0f97952acb960e30b3c05926d80659c480188
8403899e4eecd1bcd1ac753e8aad240ffc60f9b9d38b922f61934cee496a3e91
84221e6c0c5f950b44d38a40bc19ffa9a340b2a5d207cb6f6461b84d474f2555
84ab4c96d63ed2e5b34db2304b4fae23e5dd8e392f9ebef756badab5ffa07d09
84df613ecd85c89e75fb6212f5808d88a4e655f3da8b7961fd5159fb32ab6a11
855fbcb56b6e252f45b6a73df7d68271e5b2f72364bb41275bc758a3feae96cc
85fc6174ce4620ca01e50174ef4cb0317d5e8574a634bf1924b63dac85d8ef9e
8668702ca9c30d629858b6da28f9f23d4d65b9901e08ba66946b274ba591c436
86dd90987bc7c8f495426b395d83455e04d7ab1176b6dac16a88fb6f89367a50
885730ca6e2ba1646931a99ca5a7f39bc4c0fbf9cb2e5a6ae66db1080e200f59
885cb38c43b35c7ff9befe60f6c96f653d15befa0770f5f2ea0ea5cbc5d03a68
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
891b68419fdd5fd644fac36a5554fc83c7d36160fbfd56eccc9cc35155d997ac
893e77a09a16aa5eb568f7445e9042b4791a424645a4f19dc15f7c7ea9f81698
89ae1743656b75948be30cc4909efd3c61771b7bd9f6d53eb14cd9731d486b57
89b173278c5636bfcf7d1ffc6cc82622f8a454305c5fdd2be6641bb338aff31d
89ed24333afffa10aa495a82a6734ecf2f8d3dee072708e685d7ac4380146347
8b018f909b3b33093cf97487446278ad476fc1971f425a863384144de528afc4
8bcac8d081dd5a705d9f51acc519536f65ef3c5761e7140132e97fbc5e90ab58
8c9720ff7b127eeb29eed4649047707162f0d1c57aa8d217f4fb4a47264ed12f
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e20be163c21dbdf451e1c676883271abc29407bdaa3aa7e013b4dfd36b2c6b3
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8ea379b580a09637721c28ea1e40c91d7d30657b1d2d91cd0365d030d1908126
8f6d694e148066e3fe90ba2f8630b2cbfc3ddb78e445ce5216f85fb5bf8f2160
8f97fa5818ba52dd031853fb7ad157e88de94a21f6bb8456db694d66712fe65a
8ff8245284c5d02b6ca754d8c55be129b2c68e4ed104550a51533073423bedd4
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c
908518690d6f7b271c11819997a4d0fab3647d5b1c2d851df6765bc2260370c8
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
91e30b3abc8f7312124bb2a75a5a3c40a2271fc5d32be803cce36b1376e05e88
922eaa1f6eacdfd6639c4863e1cbb3fa180c02c39ceeaa9264691170275b2fe9
9320aefda898669a70165a032d00d6c35e2cae4a232890f3a88e2b628ddea4bc
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb
955c6c31f165d8901751da00b0eb40938d1777ee87c9e5d0e215ca2ad3e9fed1
95f45a07e6e2be78b5a835947bddb74172c9b0d9316ab624ae1508dcd90e7684
962d6dea088b031cd44d33f937adb5ba241a9435aa32a8be667d57482b8bbe1a
98a0cacca0d1fb08b998161b9e8262f857a6c9d5b2797b05f2ad1682d95ce158
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9925c6065089025b6ba0f8d93d80dd327d7c0de03f0bbc2f640fefec4364592a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9ac86f9bf7cddd7963a2df2dfd00d5bae17aff357eeee30a091c3160d86f4202
9d1a83866a35d5b8d73120a03689fffbcc20a5067ba8c11944b844303f61f940
9d21519436c69f8048ad992a8c089600818ca0339e421c70e8a5d99d45be1270
9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1
9e7c8ac15d173afeaa02e877a55f1aa4e5439ecd3497133a4c0a634aec205b90
9e9eae96a4a18d34b91d11b7fb4612d905ca45a110a55056ca05a27981653e37
9f6ca105c08004b8a6ff98cd37eb247552afc816bcb6c2bf74a7e3ea8688653f
9ff08560f14f7f0870d28f0ab67261cd4eb22a267b26dd7612734bc8b2e92bc2
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e9db79e9136bbcb41984056cb74a68a2442361bac52ca1ba45fe6d26405d51
a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af
a18cbdbb0fbb733d7f4cba5d2afd6b2706e3f141c743f491057e5800368cd8e5
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a2bfd9fe607d28fd07b05046e622818b8b5b94a358d53853a0d3f03e597cdc71
a48bef477dd5da681e93f9ba2f39b7c33653ef4f5172bce854b448b73cb363ea
a491af70859c77bcbc3a0d2c0744c868e3c44a78382531e153ad315272877d7e
a4f1b77a21fda3ababa1e603818a01e943cbcd5cd5e5b0d3902171531b29e0ad
a519996db78bc20a1bdcd20c020393305c7528436a7e7230cf14e5fb22759bc8
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a568e9f19d288441365da05a762ea619b5f1b49ba131df40e4a6bf10ce022d54
a70eb6e0553b8c7aa32b2a6ea38598ccb648f07803cebc1c9df16ec04000fed2
a7e081ac2862a2c9fe794a716293c201eb0cc90623edfe349438c3af8f58ca6a
aa91beed35405bce612652d7ef5b7255e8120bd6bc00aa0f13b3f42f5af970e0
aa91bf9506874bcdc8c6e193d8d3230599c4d7f55c3268ff476949d3de9b5216
ab685c3c71fa770524de722fadfa61021debdaf0c7678e24a4ee113779bf7f21
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad22af17099959c6c05cc8f11cfac5e225e81216a65e70f296bfca34b60e9789
ad64ce4213a2e267543b033ed1ec4cfa3670c883e7ae58e2f65e6bd538b5589a
ae20175d544428533ebf0b3d2a9c9e1faa009dcdbe3e49a33dd503112145a8c5
ae90c0029bb3718a5b2ba8022e9f669f08fbed6fbd4c5fb5e101e3ce108c9d6d
aec687923f2e182639e80a81f1eaf224c1b696157eb1f3a4c5caed8f91a57fea
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b159ecc236252d7d25331d47c209c7bcd4e54adeb375a8881e88c91a2efe467b
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757
b32d53fc4f01372ea08505f9ba214ee30b8f7e464f03c8c7cbb3456015398fb2
b4edaf9f06bb71a5ce5a1daa73d3606e0506d86d3d2b847b6bb333a92b848fca
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79
b762f381a52cb44d27b1c836333547a4d866472f0d4b0a765da5be19bcda6d30
b7bf4f406f5a9bf165c21dfebea2257eab80882e23e887a24756956daac44373
b924c0f3cca5409ff9a2c9641e5610cee45e81ae4d315dc6bfa594dd0d5ca663
b9487c605b1e31ef688b8719c4bc940c5b29cbb78e21fad5428538f960074ba5
b9b4a80560fbd7a4f13bdac9fbc0b330a43ab3bf6079724362cd1c0cd3ec2527
b9df5918b66bf9e1be73d74b09b3cf3d14885dead6a956b50e1a12e7ea9192b8
ba8451f39b0887dfff955335e5bf9007d350bf5c2d9f5ef697e07275ecbc331a
baa8bc545f507b98ebfc8d1bc7a40f0f059c2fe50a86b00150587edf31d542e5
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb6a4ede18ce3ace0904a7aa83afccc0b8de437d72cf65bb991bfabce211580d
bbd7270df5fec9e9a114f9bec7db3436f33282bba9b469d610c2e012a53efa09
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bc3f299c65309fadb24e23a3a2976cb09bf368c20c492a04f7c0a01945ac735e
bca894724ceefcf243636b8e5a57265019d79dd2664270f81f1c3fb5ab317894
bd6ce7643866a4c1392bfda2a2ac69b1c65bcf67f0b7b0d1c8f9a691d7651be4
bd6d264b492c4fa61eef03366ade98e435317593718eedc6d2bb2075684f989a
becf6fd8cb2a3a36d3d3048c5c9a76dc6accdb80d271f676295b4d55980a68c9
bf5cb5cbadcbbfb5560f7a66eb69a0bc2aabab171bfc75512f5b4cbebd0880a6
bfe555be78efec6fde29edd9b0169e3a7c0c4e61187fd2584f5d9a4719ab738f
c047a1f80d80d4157a386e058ba6df0d836a3e33966744c49746480d2f5fd628
c05e5ca1f06ebf70189cc9a35b29d1aac28d9ed4bc983e102122be6a378ce603
c0bc4ebeef055988ac53e5b06d779f323cf800937e42713a516605f7e87bb76d
c1026d524c1c7fe22fa69e1ef735c435040e65e037696c12db688a0f9b9e1798
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2a2aded5bca356748af4ad6c29a153636c5d6dc399ab405a43e1cdc101d0607
c2f9aa48e9558c83410b287551b1b76c49a0570b1384b3caed8d8b0c62f9c985
c376bcc8c95fa807daa0d92f87d1dbb2e47ea5582397d66aee8bdbe20490222d
c387a224147908b2c32356bac948199878f42cd6413965d1abf266978605189a
c47b5a01db671339098d535f5e4ba9b1aea4e8f6a587115f3c5fb1c5f536c026
c540a738830541d90f744525d7954713a0fb442c663fbb8b36781ffeeadf270f
c5b7b8028c346e2a25f27a56a9893669f0fe237c259841f39be6ea8a8c5ce794
c6f4557c4456e2a3e62f734b6604267ffd57be136eb46222c5619a36804f5513
c73e2713d99d94dab10f137eb7e3c03d2fa05ff6f80dc56f1955aef7953486ab
c98d2570404e47d7bb871c5c001a7c898558b2f5d8276d697311eb06e37176b8
c9d685ce0597e95e53f9ee1afd2fac73665d3333457a9d4d873542ccd7afe50b
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
caaecfe6d9db485166e9b6400fbfbadda5a6c054e578463d4bfa3d46b3dd5a7b
cb103ba00caae9ca976d9a2db4046ce1172a003776693d40ede1bc93283b6f69
cba26c68f8d6c20aa083b17d619b921289a8a201c8ee0431381e341c044fff46
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d
cd3bec578049163e4cd3e91e52d55040e999465b011fde978ca10b689317ac4c
cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876
cde28e24a7f302540490018c3f1687f4b6af79543b69fd162c98970a0ec29ac7
ce658fec86c1f9a68dfdfcd3a26f13e51f5e6002c96fbfe1010b72810aa6bea8
ce96f7696dc25f5f14631ecfbd0b268c20c3d47d5adcf4569ca0d22efc38d2d7
cedf903226b3c65dd60a0ba349211ff4f6705cf3722703f1d7150e410d1923ab
cee2e898c68b9c4bf7d3cc782ec02e0ca93a9c0ea0183cbd3132c9378799d106
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d079ef0936a792b48200c9d8f3244cbc32286decde98183d7f559ba1553cab13
d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f
d1fc09ab10d5d51017d62ad3ed8c21d24b774100f033dde2f3162a2ce7ddc671
d2334800abed0581eb624918383a4672c5eb1632139f8f284bd29f9c4ac7db61
d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744
d351ad9e0491a3bb72ba3995d0dfe67f6af54bbf7d97e18f43ff203ffc5efe1f
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f
d598a76c194a6b555af16111ebeea806848ca2e56c8ebe13c128e461cb7b60cb
d77a8d5a7107b5cfbc5ff1df45f0e5a18c2c991b538c7ea39c5da9ab0b8d7ecc
d811a4bee69c838dc22237884d72d567d31259ee5f61e1846b31b3fdac3f3307
d865d299275a3ecf877f5e52048ad06bb1490eb65e50505bc4ac1cf2a0927de7
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
da8ffc9147bfc3a8486493d8fe4cbcdb7bbd9381bc9fc67d46e1660d7e60d176
db05d39ae4bf44734a8276f66803e44b71e49cce115224575f3d948cbd9cbf86
db96b6a99086c9be15073bd9c0d579f9621c39684c0918a51b028e13381c6239
dc3a0e2e935e1287780338713472a6ab77cfddcd82259c9d6bb4317de0d93898
dc4975745b326c02a0e5589f352a2f1954eba6dcc7425844d153e737d1bfd434
ddd74f234a0a311775b11b5d55c226cf0ba278d6e02cc087d30ab81ee10d282f
de8712eddc4c1d3e8a057b4cd76cb1402addd39fc80d9a92e8eeab00a435833d
df62a85c145869ed317e169559c07aa331c92d799e3a000527a71bc1a28f99c2
df6d4fc52f8f3af6ef59c215a1165e4667f7daaedf4c5409db56d7c133564446
df9f9cfb272c731cdf1d1512b5b895a6e6251ba980de3e5a22324ea112d529a8
dfd251cb9efcc375ca2b4edb240bc6deb399ce53798c217afbc0a33cb195cb61
e24cb3a4306d966fdd7d86193e7e3aa32ee307d864d5d639ec5ef821fdd49906
e31763b17bd5c4ffe1ddace651407190acbc12fc9b1c5fc6dabce0adda645f2d
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e425bf4d1c295fd075a6ebf444bfaeab7080a8339e4a7e47e62aee628b804481
e432a20aad47702cea9a13b047e1b86b04d0374f9b41157af7916498c93cd498
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
e4d8cb7cf484bb7e216b0da5d9785c8af59236e6e26901bc49bb03972bae3892
e55c01e3ca797dbf8af251c9d68755f6039f7792afe6866e46269e4036697d3d
e5a0588e409ca07afce916fbb84095840b819a143b7f8a702caf1b5e714cfa8e
e6a3e3e68f2bb821f3d303be31e30b990da42792e6342067124b82c8a88df8dd
e6e797a73fabcaffa3f52f68f3a8a9cdd19e4b836059fbd9cb5a3041ae67b516
e6f528cebac9b1597f1ddc32d408f660e5c980d38e73b530494ea86c02b233ba
e818d03d9342a84db2b79ba5cc85fc6aaec66d773b93dcad734054c6f8f4dc4f
e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb
e87d989cd9e9d666b235b23b2702294432c4f858ff0589f90c65d6b891e8a855
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
ea5dcac6d3c08f40d01e85fdd30081a0e9f40c7e83700075d6d36d0be4721cbd
ea84042ca3c1917aaea41eeaa291aaa87c97658dedc8bc62bd0d6f090136da4d
eb53e5ef9b8c3f1fb6b33895bc87504dc215a5307a9c48706563f75b24da8bc8
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
eb87c0447bd19366919bdb8913f775caca732ac31cbc5e5d42e4db5df39437ce
ed8343699e054a0900f23319e31cba32ad43bf77136313508ea25d86073366bb
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
edd1217d26d4d7d337f8c8063b66e04daf73759097e1dc2be5921840b3ee84b7
ee0ae4248563dc381f487aa661d074894d4d675025f2e09d83fff30804396323
ee4ac951ca99f813f37feec1c39ed47a7a2947e2aea963254e848f5aa9b04418
ee8470de2e9f9887af0298cbcc9a1f14608993023959bbc6b5957febb917d65f
eec2dc8130f4a9a79e2c11092a898e8360034b0e5acb704d644f8031e807a991
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef689833844f1c100571bc1bcea6c1325e6f2e3da192343a49650d18b8781411
f05330bc0330060972600b53270ab622e77a783ffe8db7d1ca20fa4a3f5beb68
f1888bc2e4ccadc3b31acfc20f33151d3cd41a79df326883d3d2f0c0b96af191
f2ae169bf1922df4d3549ce410627b89562c3dac72cdc3a7dec4a12689ce19d7
f2c2d8760b4abc3e09320f965c2f765f350ce42003d3fd7d61db7bb753b6661c
f46e716c860f5553ebba27e8f8e4099720df32dfdd26145458f3bc31d12e6849
f630bbe4045a0ee7ea0085583c91297d553ba4827ad1782a992a5bb4cfbfa995
f68687158d2c493d42ae6dee2f15fc2c761da3abf8d92c4474e1dbc527b6930d
f73bcc33a51b42fc44cf95764174e3302e3a940ec3eb1429b733c9ef5d36b87a
f769320c043fcac039c1b87ae5104b22b4b419b02c61c71e85d1425f8093fedf
f837866795d2a876b1ab1ffa8720fb1ae4424f82310722203801d64082eab093
f8b3bbfb9725373863d2b34d9a47cc2601d2f428e1e77abd7d2e9c3407333d18
fa06ae650b7f67219406246c0410f957bb9ca1f311ce09b8b351def2e2a811dc
fa1e7d9dce7700cb108f1075a3454dd6f99a72e59a5a4c659ed9c245624f4fb7
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa
fd0d8e333ef3fc5f777c1dcabab5ec4780dbb61995ceafc2330c6a77a2bea693
fd67cce30de85b9e80ee4f44f771dc0bb3149bfa527522eb8799ebda0fa65e28
ff3f9a64105bc41cf93ca8e620e907d68e8969361dfc7c56c0d74340a26b865f
ff9ce35d5fae856bab207c9f8d8eb3dff6354f007ea9f9b9a32f5cc018d52876