URL: https://www.folkd.com/user/vieclambienhoadongnai
Submission: On August 13 via manual from VN

Summary

This website contacted 26 IPs in 4 countries across 19 domains to perform 69 HTTP transactions. The main IP is 2606:4700:3035::ac43:caae, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.folkd.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 8th 2021. Valid for: a year.
This is the only time www.folkd.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
14 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:21a... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 9 2a02:6b8::1:119 13238 (YANDEX)
1 75.2.86.129 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.185.226 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
14 89.163.211.233 24961 (MYLOC-AS ...)
1 18.197.85.141 16509 (AMAZON-02)
2 89.163.211.242 24961 (MYLOC-AS ...)
2 2 142.250.186.162 15169 (GOOGLE)
1 46.4.10.49 24940 (HETZNER-AS)
1 5 138.201.63.157 24940 (HETZNER-AS)
2 2 104.111.239.217 16625 (AKAMAI-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 178.79.227.54 22822 (LLNW)
2 2a00:1450:400... 15169 (GOOGLE)
69 26
Domain | Requested by
14 brain.rvty.net | js.adscale.de, brain.rvty.net, cdn.rvty.net
14 www.folkd.com | www.folkd.com
7 mc.yandex.com 2 redirects | www.folkd.com, mc.yandex.ru
5 ad7.ad-srv.net 1 redirects | brain.rvty.net, ad7.ad-srv.net
5 pagead2.googlesyndication.com | www.folkd.com, pagead2.googlesyndication.com, tpc.googlesyndication.com
2 tpc.googlesyndication.com | pagead2.googlesyndication.com, tpc.googlesyndication.com
2 www.awin1.com 2 redirects |
2 cm.g.doubleclick.net 2 redirects |
2 cdn.rvty.net | brain.rvty.net, cdn.rvty.net
2 www.google-analytics.com | www.googletagmanager.com, www.google-analytics.com
2 mc.yandex.ru 1 redirects | www.folkd.com
2 googleads.g.doubleclick.net | pagead2.googlesyndication.com
2 ajax.googleapis.com | www.folkd.com, ad7.ad-srv.net
2 js.adscale.de | www.folkd.com, js.adscale.de
2 www.google.com | www.folkd.com, tpc.googlesyndication.com
1 asset.conrad.com | ad7.ad-srv.net
1 www.conrad.de | ad7.ad-srv.net
1 ad.ad-srv.net | brain.rvty.net
1 trx.adscale.de | js.adscale.de
1 stats.g.doubleclick.net | www.google-analytics.com
1 www.googletagservices.com | pagead2.googlesyndication.com
1 adservice.google.com | pagead2.googlesyndication.com
1 adservice.google.de | pagead2.googlesyndication.com
1 partner.googleadservices.com | pagead2.googlesyndication.com
1 gaa.adscale.de | js.adscale.de
1 www.gstatic.com | www.google.com
1 www.googletagmanager.com | www.folkd.com
69 27

This site contains links to these domains.

Domain
twitter.com
www.facebook.com
vieclam.dongnai.vn
facebook.com

Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-01-08 - 2022-01-07 | a year
www.google.com | GTS CA 1C3 | 2021-07-12 - 2021-10-04 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2021-07-12 - 2021-10-04 | 3 months
*.adscale.de | Amazon | 2021-08-08 - 2022-09-06 | a year
upload.video.google.com | GTS CA 1C3 | 2021-07-12 - 2021-10-04 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2021-07-12 - 2021-10-04 | 3 months
*.gstatic.com | GTS CA 1C3 | 2021-07-12 - 2021-10-04 | 3 months
mc.yandex.ru | Yandex CA | 2021-07-28 - 2022-01-07 | 5 months
*.googleadservices.com | GTS CA 1C3 | 2021-07-12 - 2021-10-04 | 3 months
*.google.de | GTS CA 1C3 | 2021-07-12 - 2021-10-04 | 3 months
*.google.com | GTS CA 1C3 | 2021-07-12 - 2021-10-04 | 3 months
*.rvty.net | Sectigo RSA Domain Validation Secure Server CA | 2020-09-02 - 2021-10-04 | a year
ad-srv.net | R3 | 2021-06-21 - 2021-09-19 | 3 months
www.conrad.de | Cloudflare Inc ECC CA-3 | 2021-05-17 - 2022-05-16 | a year
asset.conrad.com | Sectigo RSA Domain Validation Secure Server CA | 2021-07-21 - 2022-08-20 | a year
tpc.googlesyndication.com | GTS CA 1C3 | 2021-07-12 - 2021-10-04 | 3 months

This page contains 10 frames:

Primary Page: https://www.folkd.com/user/vieclambienhoadongnai
Frame ID: 24C62B23F4EFD134FA3B0D62572AD753
Requests: 39 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210809/r20190131/zrt_lookup.html
Frame ID: 7BD47095D70FC966BC0F2A39E548F947
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr_consent=tcunavailable&tcfe=3&client=ca-pub-3319618738478027&output=html&adk=3046330955&adf=2044148826&lmt=1628846962&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628846961940&bpp=3&bdt=138&idt=72&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1181243082347&frm=20&pv=2&ga_vid=568975531.1628846962&ga_sid=1628846962&ga_hid=511656376&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747621%2C20211866%2C31062297&oid=3&pvsid=2257959046069233&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=85
Frame ID: A42C5DFDEEF1CC1877EC2DDEA26C1B33
Requests: 1 HTTP requests in this frame

Frame: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=f53a60d741974108859ea90f3ee35e26&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&rawReferrerURL=&uid=4ae3d03f-dc9e-4373-ad57-dbc0787afc16&euid=b170e3defbc61d900990a28ce3b227d6f82094df8247aee68d5a4762b173f03a&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent=
Frame ID: 132B621B3D09CA2FE3E6D176B257DCB1
Requests: 5 HTTP requests in this frame

Frame: https://trx.adscale.de/imp [encoded ej and rns query parameters removed]
Frame ID: 8C91156682C043B52C945E11054A51C4
Requests: 1 HTTP requests in this frame

Frame: https://www.conrad.de/ztpv.php?awc=11354_278235_1628846962_f16b7c61-fc18-11eb-b149-692d057bce79&insert=AW
Frame ID: BA501A21BFDE1D48A4E68E3EE3BDF2CD
Requests: 1 HTTP requests in this frame

Frame: https://ad7.ad-srv.net/request_content.php?s=15813700056003101324219011685007&a=36e146d2
Frame ID: BFBDA7EB5A96141DFFC31CAD5A497325
Requests: 5 HTTP requests in this frame

Frame: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Frame ID: D27CECFC484B8DF26C255DA1D3127B06
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 0CB25AA7992462DECF0F33CB27B290E8
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 70EEA081795A66D47DF7AE1CD1856B2A
Requests: 1 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • script /\/recaptcha\/api\.js/i

Page Statistics

69
Requests

100 %
HTTPS

64 %
IPv6

19
Domains

27
Subdomains

26
IPs

4
Countries

889 kB
Transfer

1819 kB
Size

15
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9364.LC4-NTT9qtrgibPtr_hG_OuIYyVnJDnT-jwc-VyrWjodZsXZcYYAcmdXkr2_BiKt.52ZtPqHQHVga12S9jNPgcJk-lUk%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9364.axSSoY7ejI7v-xCPUyii8VMOwbl7JxmAJvr5BnF0dfVC9XxyMeu7cw6aGJYmFl5xG61RN7Lx6KyeHCjjHJgvjA%2C%2C.2ES3eLTojEgoanCmb00tdglDBZk%2C
Request Chain 37
  • https://cm.g.doubleclick.net/pixel?google_nid=easymedia&google_cm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=easymedia&google_cm=&google_tc= HTTP 302
  • https://brain.rvty.net/RTB/GoogleMatch?google_gid=CAESEBcxY7r2BacixS5iYhGhQBw&google_cver=1
Request Chain 39
  • https://mc.yandex.com/watch/71239210?wmode=7&page-url=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A12vwkywz4p6qw9gg56%3Afp%3A258%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A611%3Acn%3A1%3Adp%3A0%3Als%3A956837043128%3Ahid%3A45039992%3Az%3A120%3Ai%3A20210813112922%3Aet%3A1628846962%3Ac%3A1%3Arn%3A325554409%3Au%3A1628846962727108341%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1628846961647%3Ads%3A1%2C18%2C132%2C1%2C0%2C0%2C%2C153%2C1%2C%2C%2C%2C309%3Adsn%3A1%2C18%2C133%2C1%2C0%2C0%2C%2C156%2C1%2C%2C%2C%2C310%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1628846962%3At%3Avieclambienhoadongnai%20%7C%20user%20details%20%7C%20folkd.com HTTP 302
  • https://mc.yandex.com/watch/71239210/1?wmode=7&page-url=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A12vwkywz4p6qw9gg56%3Afp%3A258%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A611%3Acn%3A1%3Adp%3A0%3Als%3A956837043128%3Ahid%3A45039992%3Az%3A120%3Ai%3A20210813112922%3Aet%3A1628846962%3Ac%3A1%3Arn%3A325554409%3Au%3A1628846962727108341%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1628846961647%3Ads%3A1%2C18%2C132%2C1%2C0%2C0%2C%2C153%2C1%2C%2C%2C%2C309%3Adsn%3A1%2C18%2C133%2C1%2C0%2C0%2C%2C156%2C1%2C%2C%2C%2C310%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1628846962%3At%3Avieclambienhoadongnai%20%7C%20user%20details%20%7C%20folkd.com
Request Chain 40
  • https://ad7.ad-srv.net/request.php?zone=4sxtd47yng2k&nw=14&renderingType=javascript&namespace=e6ad5657cc&subid=&uid=5b3d965ba2feca16&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=ANIM_AFTER_30S%3A0&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=http%3A%2F%2Fbrain.rvty.net%2FRTB%2FClick%3Fx%3DEASY-X-COORDINATE%26y%3DEASY-Y-COORDINATE%26s%3D1567140%26a%3D146060%26t%3D1628846962200%26l%3D-875671883%26p%3D17%26appid%3D%26aa%3Df53a60d741974108859ea90f3ee35e26%26gdpr%3D0%26gdpr_consent%3D%26dest%3D&documentReferer=https%3A%2F%2Fwww.folkd.com%2F&ancestorOrigins=https%3A%2F%2Fwww.folkd.com%2Chttps%3A%2F%2Fwww.folkd.com&random=6879392633121&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://ad7.ad-srv.net/request.php?zone=4sxtd47yng2k&nw=14&renderingType=javascript&namespace=e6ad5657cc&subid=&uid=5b3d965ba2feca16&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=ANIM_AFTER_30S%3A0&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=http%3A%2F%2Fbrain.rvty.net%2FRTB%2FClick%3Fx%3DEASY-X-COORDINATE%26y%3DEASY-Y-COORDINATE%26s%3D1567140%26a%3D146060%26t%3D1628846962200%26l%3D-875671883%26p%3D17%26appid%3D%26aa%3Df53a60d741974108859ea90f3ee35e26%26gdpr%3D0%26gdpr_consent%3D%26dest%3D&documentReferer=https%3A%2F%2Fwww.folkd.com%2F&ancestorOrigins=https%3A%2F%2Fwww.folkd.com%2Chttps%3A%2F%2Fwww.folkd.com&random=6879392633121&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 41
  • https://www.awin1.com/cshow.php?s=2470169&v=11354&q=371933&r=278235&pv=1&pref1=15813700056003101324219011685007&gdpr=&gdpr_consent= HTTP 302
  • https://www.conrad.de/ztpv.php?awc=11354_278235_1628846962_f16b7c61-fc18-11eb-b149-692d057bce79&insert=AW
Request Chain 46
  • https://www.awin1.com/cshow.php?s=2470169&v=11354&q=371933&r=278235&pref1=15813700056003101324219011685007&gdpr=&gdpr_consent= HTTP 302
  • https://asset.conrad.com/media10/isa/160267/c1/-/de/summersale_160x600?format=gif

69 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request vieclambienhoadongnai
www.folkd.com/user/
29 KB
7 KB
Document
General
Full URL
https://www.folkd.com/user/vieclambienhoadongnai
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:caae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82fb009f133c57c82ee1cf0a22b5fe95dca8cf339ad6f64e221d792a6c3dade8

Request headers

:method
GET
:authority
www.folkd.com
:scheme
https
:path
/user/vieclambienhoadongnai
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 09:29:21 GMT
content-type
text/html; charset=utf-8
set-cookie
PHPSESSID=bnq22envv6fo1pcpsqtn66j090; path=/
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4xsju0DL%2BmCK%2B8bPwF8JlWKXDQxAf7mKgyFQVqpLc%2Fx4MhFz2UCXHxe0tYXKlnlCil0n8Myoze3CqupTo1FRF4Cy2tHTlTE%2BKdLcPJYrfRTh9cAaimA%2FePw9HgIKFcygC0yQxwvVcup3fdaK"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
67e0eb2668e32b41-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
folkd.css
www.folkd.com/styles/
39 KB
10 KB
Stylesheet
General
Full URL
https://www.folkd.com/styles/folkd.css?v=1.20
Requested by
Host: www.folkd.com
URL: https://www.folkd.com/user/vieclambienhoadongnai
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:caae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3db2e09adb3a038fa2efa016ef16f84ec56aed13a118201d01ed6b4fedbac56c

Request headers

:path
/styles/folkd.css?v=1.20
pragma
no-cache
cookie
PHPSESSID=bnq22envv6fo1pcpsqtn66j090
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.folkd.com
referer
https://www.folkd.com/user/vieclambienhoadongnai
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.folkd.com/user/vieclambienhoadongnai
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 09:29:21 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 25 Jan 2021 07:03:16 GMT
server
cloudflare
age
515
etag
W/"9d15-5b9b421dc4f0e-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MVvz1uPDTqJHxvJEB%2F8WjzvsX%2B%2BiW8rqnfdQU9fRn0ywBydRgYZzcuhwCy%2F5wJplJMicdQDzL4jXTND3Y77qdjGEUDPb9xqPev%2FIOBqxeLLFvLl51JWgm%2BxZ5DxhISuKVdJIUTU1A3dzmrVf"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
67e0eb275e90d6c9-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
api.js
www.google.com/recaptcha/
850 B
646 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: www.folkd.com
URL: https://www.folkd.com/user/vieclambienhoadongnai
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6bed7d524d55f242ceae38dabcb77a7edba15b4eee78134f6557b2c668d3556e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 09:29:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
554
x-xss-protection
1; mode=block
expires
Fri, 13 Aug 2021 09:29:21 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
140 KB
49 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.folkd.com
URL: https://www.folkd.com/user/vieclambienhoadongnai
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dd902c8972819fa72cbec32cc1e70809717d9a174b23ec0ce2cc831e4f82ae33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 09:29:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49916
x-xss-protection
0
server
cafe
etag
16652301563836661712
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 13 Aug 2021 09:29:21 GMT
logo.svg
www.folkd.com/images/
2 KB
1 KB
Image
General
Full URL
https://www.folkd.com/images/logo.svg
Requested by
Host: www.folkd.com
URL: https://www.folkd.com/user/vieclambienhoadongnai
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:caae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56356001ba467fc7240f786c964eb00db91e14603b30b527db7c0db54526b425

Request headers

:path
/images/logo.svg
pragma
no-cache
cookie
PHPSESSID=bnq22envv6fo1pcpsqtn66j090
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.folkd.com
referer
https://www.folkd.com/user/vieclambienhoadongnai
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.folkd.com/user/vieclambienhoadongnai
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 09:29:21 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 09 Jan 2021 09:15:21 GMT
server
cloudflare
age
4072
etag
W/"68a-5b8741cb69c40"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KagevwIsaPpB3KtfTnEWunZ1NzJ1zLumXDqdMEWf%2F6vnMti2IDfyW5pKJlrJCI0TW3OyBOJvLP5OaJTiN0i67AXGbxtfTzHYpqCLfWlyV2OHAqXEM%2Bqpn4JZYpS%2F5WXL3rWZ%2BdOd5AmOW%2BdT"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
67e0eb278ed9d6c9-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
offline.gif
www.folkd.com/images/
910 B
1 KB
Image
General
Full URL
https://www.folkd.com/images/offline.gif
Requested by
Host: www.folkd.com
URL: https://www.folkd.com/user/vieclambienhoadongnai
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:caae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03538cc5b5491d983dec8a3b1f5bcfbbdd3f07f7a2525b4074e189664280a7a5

Request headers

:path
/images/offline.gif
pragma
no-cache
cookie
PHPSESSID=bnq22envv6fo1pcpsqtn66j090
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.folkd.com
referer
https://www.folkd.com/user/vieclambienhoadongnai
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.folkd.com/user/vieclambienhoadongnai
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 09:29:21 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2249
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
910
last-modified
Tue, 16 May 2017 07:09:28 GMT
server
cloudflare
etag
"38e-54f9eda3d113c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tWdeMTzmdNUwPTfClDVzioqBtep7OiUAdpBBGvHPmMsGxf0y8vLH9VKoCYJEets4OmaX06prlQDW%2FX1mRbQJxHFSsLXeJtA1KqeZqTMFKZ4Zd8P2N%2Bz5QjqjiPD7LTGyWivQFlhfizYMpbEQ"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
67e0eb278edad6c9-FRA
userTkcEBFEAAg_big.png
www.folkd.com/images/
7 KB
7 KB
Image
General
Full URL
https://www.folkd.com/images/userTkcEBFEAAg_big.png
Requested by
Host: www.folkd.com
URL: https://www.folkd.com/user/vieclambienhoadongnai
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:caae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
547bfceaf709b040835484d1995c17a4eca8ee48eb4703352c67dbfe27c7c706

Request headers

:path
/images/userTkcEBFEAAg_big.png
pragma
no-cache
cookie
PHPSESSID=bnq22envv6fo1pcpsqtn66j090
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.folkd.com
referer
https://www.folkd.com/user/vieclambienhoadongnai
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.folkd.com/user/vieclambienhoadongnai
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 09:29:21 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
398
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
6755
last-modified
Fri, 13 Aug 2021 09:22:43 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=or4gG4PRB%2B%2B57SldR4sIWS3y6A9MrPpSJIwybqvEwSdegpAEcFcwDvITpoGCbahJ1ruD%2Bh9mig1UBvoRvFMbR30slXp32ywlcVDekK8rneIqzPvZh7H0XX3XS%2FhvVIdAKJApL2eQVTuhwhsT"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86406802
accept-ranges
bytes
cf-ray
67e0eb278edcd6c9-FRA
expires
Thu, 09 May 2024 11:22:43 GMT
userTkcEBFEAAg.png
www.folkd.com/images/
1 KB
2 KB
Image
General
Full URL
https://www.folkd.com/images/userTkcEBFEAAg.png
Requested by
Host: www.folkd.com
URL: https://www.folkd.com/user/vieclambienhoadongnai
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:caae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da04fd5fa27be5ef40b10598ed8f1aa55e399f92f69a40e9527c715241dc55a4

Request headers

:path
/images/userTkcEBFEAAg.png
pragma
no-cache
cookie
PHPSESSID=bnq22envv6fo1pcpsqtn66j090
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.folkd.com
referer
https://www.folkd.com/user/vieclambienhoadongnai
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.folkd.com/user/vieclambienhoadongnai
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 09:29:21 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
398
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
1481
last-modified
Fri, 13 Aug 2021 09:22:43 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hwUkxEREZlk4atLbj37mjWcuKw8kFeqhv8VRbWBZ4hr4JTZW6wucu57aYc6K%2Bp4eZ2Lz%2FmX3k26NMRgIzELUjF5%2FTP14UK%2BGG1mknsWaelQRSauuzGgSWMfXsFO8LJnu93js1Y3sxEo7%2FZ47"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86406802
accept-ranges
bytes
cf-ray
67e0eb278eddd6c9-FRA
expires
Thu, 09 May 2024 11:22:43 GMT
div_x.gif
www.folkd.com/images/
971 B
2 KB
Image
General
Full URL
https://www.folkd.com/images/div_x.gif
Requested by
Host: www.folkd.com
URL: https://www.folkd.com/user/vieclambienhoadongnai
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:caae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8180abcb91f876e9e3749696063dd70d4125c5389b83b1a85715fc7fea7c4486

Request headers

:path
/images/div_x.gif
pragma
no-cache
cookie
PHPSESSID=bnq22envv6fo1pcpsqtn66j090
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.folkd.com
referer
https://www.folkd.com/user/vieclambienhoadongnai
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.folkd.com/user/vieclambienhoadongnai
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 09:29:21 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2291
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
971
last-modified
Tue, 16 May 2017 07:09:28 GMT
server
cloudflare
etag
"3cb-54f9eda3a03ff"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pHnE2FY74LcTQ%2BnWi4FEX%2FrzVlflm1C%2BoWT9KDgEz0RSocGqPQvHZYApUm4X8RH4JkxwRRRnIQqT1zeWWW%2FNwFrs3dUGB6c845GSh50Dou%2FbqUjWlHKzJ%2Fik6%2Fv4cG4kdX2Xq3BAqyrh5h54"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
67e0eb278ee0d6c9-FRA
dot-tag.gif
www.folkd.com/images/
989 B
2 KB
Image
General
Full URL
https://www.folkd.com/images/dot-tag.gif
Requested by
Host: www.folkd.com
URL: https://www.folkd.com/user/vieclambienhoadongnai
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:caae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09e1e05e792c205625b4692d601237e48a5d5b468b7399bf95024ac833feefa7

Request headers

:path
/images/dot-tag.gif
pragma
no-cache
cookie
PHPSESSID=bnq22envv6fo1pcpsqtn66j090
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.folkd.com
referer
https://www.folkd.com/user/vieclambienhoadongnai
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.folkd.com/user/vieclambienhoadongnai
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 09:29:21 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4074
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
989
last-modified
Tue, 16 May 2017 07:09:27 GMT
server
cloudflare
etag
"3dd-54f9eda35fcc3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4offtm%2BmgpxfpOEKd0u0%2FZWqyWkae3N3BMEkbiks6O0BD2CbJJJi1xQzFDAfsuukMafHnNEfH5SJL2QNqXLMuKse69rrnNaXW%2BRHA4fizoSr76D6658hF6%2F5n%2FlGoB5OG7j98%2Bjkzd0h2v6b"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
67e0eb278ee1d6c9-FRA
email-decode.min.js
www.folkd.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://www.folkd.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.folkd.com
URL: https://www.folkd.com/user/vieclambienhoadongnai
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:caae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:path
/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma
no-cache
cookie
PHPSESSID=bnq22envv6fo1pcpsqtn66j090
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.folkd.com
referer
https://www.folkd.com/user/vieclambienhoadongnai
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.folkd.com/user/vieclambienhoadongnai
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 09:29:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 05 Aug 2021 12:35:03 GMT
server
cloudflare
etag
W/"610bdaf7-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nC6viQFo2F%2BU7VltKkGcXPcKzY5Bc%2BkS2%2B5KJ4bmNkiBtWHXHNl2Vvy7XR5PM8feaM0GGi75kG1sSh6RvQ01p8xQm%2F9qAAnXvxFiDnggqEYQOKp1Oq2WcYhVTHbsv3m1hvD4arT%2BwHAA%2FcsT"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800 public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
67e0eb276e97d6c9-FRA
vary
Accept-Encoding
expires
Sun, 15 Aug 2021 09:29:21 GMT
getads.js
js.adscale.de/
25 KB
8 KB
Script
General
Full URL
https://js.adscale.de/getads.js
Requested by
Host: www.folkd.com
URL: https://www.folkd.com/user/vieclambienhoadongnai
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21a8:4800:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5e13ad0fd149b388477adcd6417fd3cf2bc0a71f614c5a51e1845f88ad3b8c12

Request headers

Referer
https://www.folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
eyeA48zhI0XdFKGFfEELJ7lqKdKD2mHI
content-encoding
br
last-modified
Fri, 13 Aug 2021 03:15:33 GMT
server
AmazonS3
age
5900
etag
W/"50bb3a4af6413e0bf7a261465cbb90af"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 2ef602bfa230d0b0e1ca0a28f22a91c9.cloudfront.net (CloudFront)
cache-control
max-age=7200
date
Fri, 13 Aug 2021 07:51:02 GMT
x-amz-cf-pop
LHR61-C2
x-amz-cf-id
q-Bz8xep7N66A2s7aiCLaNxNIY3_43cK4H2nqnRRZvkSyJ2N-4l6RQ==
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.4.2/
70 KB
71 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js
Requested by
Host: www.folkd.com
URL: https://www.folkd.com/user/vieclambienhoadongnai
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 04:13:43 GMT
x-content-type-options
nosniff
age
18938
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72174
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 13 Aug 2022 04:13:43 GMT
jquery.cookie.js
www.folkd.com/js/
4 KB
2 KB
Script
General
Full URL
https://www.folkd.com/js/jquery.cookie.js
Requested by
Host: www.folkd.com
URL: https://www.folkd.com/user/vieclambienhoadongnai
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:caae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f6a9c99d36c51fabdd3e290c6a7fafb8252e6f34627d37d133ee9381a7880e5

Request headers

:path
/js/jquery.cookie.js
pragma
no-cache
cookie
PHPSESSID=bnq22envv6fo1pcpsqtn66j090
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.folkd.com
referer
https://www.folkd.com/user/vieclambienhoadongnai
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.folkd.com/user/vieclambienhoadongnai
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 09:29:21 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 13 Aug 2021 08:21:29 GMT
server
cloudflare
age
4072
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6sp6es2mb%2B2OzNRScEIvKq3Z71Ms0Fia6xBd8rkfCrAinqHadPeoc10owfCAj7ZwmA3eK8ntyMaWPtJnLmanGpLUi4HD83QGDqpxIVjGVD2tIy5MpHDl3JaM0FVIwieiZJrT972FJ7W%2FbyE1"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
67e0eb278ed3d6c9-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
common.js
www.folkd.com/js/
12 KB
4 KB
Script
General
Full URL
https://www.folkd.com/js/common.js
Requested by
Host: www.folkd.com
URL: https://www.folkd.com/user/vieclambienhoadongnai
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:caae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5cdd1311fda5aefb51f9945fb526884dfc01e9468dced4bffdb4bd65b5a723c

Request headers

:path
/js/common.js
pragma
no-cache
cookie
PHPSESSID=bnq22envv6fo1pcpsqtn66j090
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.folkd.com
referer
https://www.folkd.com/user/vieclambienhoadongnai
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.folkd.com/user/vieclambienhoadongnai
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Aug 2021 09:29:21 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dsuu563JW4A3mtUEg3cyzjcNHiPk0%2B5XrmKl3dKo4XIKCSe7OCs6mRxXrUuRPZPiM4E7AfHurdqkF0rQl2ufxj391MxkJhNyb1j3At93r%2BHW9btIAlvKXWum%2B0OwfA0ia2anWxxrq4iNORMa"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
67e0eb278ed4d6c9-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
page_userdetails.js
www.folkd.com/js/
483 B
813 B
Script
General
Full URL
https://www.folkd.com/js/page_userdetails.js
Requested by
Host: www.folkd.com
URL: https://www.folkd.com/user/vieclambienhoadongnai
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:caae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ca7e8fd30f014ba4d5a9a1e6ea49beb7df76cfe6053e9ca0cc267f45f92e1a8

Request headers

:path
/js/page_userdetails.js
pragma
no-cache
cookie
PHPSESSID=bnq22envv6fo1pcpsqtn66j090
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.folkd.com
referer
https://www.folkd.com/user/vieclambienhoadongnai
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.folkd.com/user/vieclambienhoadongnai
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 09:29:21 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 13 Aug 2021 08:32:44 GMT
server
cloudflare
age
3397
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lrRGLX5dZAxID0NMLzLpiGciAUnNa24eVytn4I5UW4vE3Qd6rSu0HrqnnCL2RXUC8p4j3E5ysS9S8IvWwApcFIDapVyyT9zEIRTVwqVmD%2B1yw0mPIswwYjKVJGEVqz2NVXg4zEmaMRj890%2BT"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
67e0eb278ed6d6c9-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
js
www.googletagmanager.com/gtag/
100 KB
40 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-4499241-1
Requested by
Host: www.folkd.com
URL: https://www.folkd.com/user/vieclambienhoadongnai
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
633c24bb9188a1341e3dc8bed39a99a91986341ed1b78d0a31fff9251b9fdf20
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 09:29:21 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40857
x-xss-protection
0
last-modified
Fri, 13 Aug 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 13 Aug 2021 09:29:21 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/tFhBvPrftr7Y91fo1S1ASkA6/
342 KB
133 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/tFhBvPrftr7Y91fo1S1ASkA6/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96df2ae6d72e2dea34a94aa91170b68e53e53df65a1c5ad3f8d301780474c718
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.folkd.com
Referer
https://www.folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 21:36:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
42780
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
135905
x-xss-protection
0
last-modified
Mon, 09 Aug 2021 04:35:19 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 12 Aug 2022 21:36:21 GMT
folkd-sprite.png
www.folkd.com/images/
121 KB
122 KB
Image
General
Full URL
https://www.folkd.com/images/folkd-sprite.png
Requested by
Host: www.folkd.com
URL: https://www.folkd.com/styles/folkd.css?v=1.20
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:caae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
688811b41e86684db597160601b55b64ef059d2fba49dfd5651d65f865de7738

Request headers

:path
/images/folkd-sprite.png
pragma
no-cache
cookie
PHPSESSID=bnq22envv6fo1pcpsqtn66j090
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.folkd.com
referer
https://www.folkd.com/styles/folkd.css?v=1.20
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.folkd.com/styles/folkd.css?v=1.20
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 09:29:21 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4072
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
123879
last-modified
Tue, 16 May 2017 07:09:28 GMT
server
cloudflare
etag
"1e3e7-54f9eda3e49bb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wVZ80FW0Fcf9lWcjddmwvHQUfodFLtbdjBkigcjpF9hPppgGDbv9R7Vwvv8fF9S337KOr4BRKbecJ7odD55q7EU5%2F7o9vLE3gkqZMnQtcRXMFgsLQzCEIXoi4QkVXpQvuxgqbgcbmvmGul2h"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
67e0eb278ee2d6c9-FRA
new_updates_bnr.png
www.folkd.com/images/
11 KB
12 KB
Image
General
Full URL
https://www.folkd.com/images/new_updates_bnr.png?v=3
Requested by
Host: www.folkd.com
URL: https://www.folkd.com/user/vieclambienhoadongnai
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:caae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a6c5626e0eab1555c89fd50d7f166f3e5ecd812a28c94fc842051dcec1191a5

Request headers

:path
/images/new_updates_bnr.png?v=3
pragma
no-cache
cookie
PHPSESSID=bnq22envv6fo1pcpsqtn66j090
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.folkd.com
referer
https://www.folkd.com/user/vieclambienhoadongnai
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.folkd.com/user/vieclambienhoadongnai
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 09:29:21 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4072
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
11344
last-modified
Mon, 22 Feb 2021 14:37:04 GMT
server
cloudflare
etag
"2c50-5bbedbc478400"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bejkcVKekre36lEEVXlDGuJ2PZFuw7J94PlFLJg9oENFpGxnkVh35tGafC7QUG3m%2BsoUsQKUPzz5G%2Fp9UTKbPEmxPsRWkM8wlDzuKe7cPhLvqyA%2FoEKr4XMTG4nD1vjW03LvFXNw1GreJR6X"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
67e0eb278ee3d6c9-FRA
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/
252 KB
93 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3319618738478027&plah=www.folkd.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d05921972a05d43b86b07c7e074afff197f96c2f953a9f8595c2b59ba34cc3d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 09:29:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95570
x-xss-protection
0
server
cafe
etag
10066065015092213272
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 13 Aug 2021 09:29:21 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210809/r20190131/ Frame 7BD4
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210809/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210809/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.folkd.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.folkd.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 12 Aug 2021 21:06:33 GMT
expires
Thu, 26 Aug 2021 21:06:33 GMT
content-type
text/html; charset=UTF-8
etag
8999110079160743657
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4576
x-xss-protection
0
age
44568
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
tag.js
mc.yandex.ru/metrika/
225 KB
72 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: www.folkd.com
URL: https://www.folkd.com/user/vieclambienhoadongnai
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
dc6045016d46e4682d7ca0c4669a05794699a50abe0bee108e2d16e747e00eea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 09:29:21 GMT
content-encoding
br
last-modified
Thu, 12 Aug 2021 09:51:50 GMT
etag
"611112b5-11dd4"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
73172
expires
Fri, 13 Aug 2021 10:29:21 GMT
impr
gaa.adscale.de/
3 KB
4 KB
Script
General
Full URL
https://gaa.adscale.de/impr?v=2&sid=YjY2ODA=&nu=0&t=1628846961963&ssl=1&pos=below&ws=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&uuid=a625e8c0-96ca-4bfa-8f57-b3c4eb147c86
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/getads.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.86.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a3436eee63857ff41.awsglobalaccelerator.com
Software
/
Resource Hash
9e12bb7549999cdba4491697e96330016ee29bb3977bc254e210901fdd906eff

Request headers

Referer
https://www.folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 09:29:22 GMT
cache-control
no-cache
p3p
CP=NOI PSA OUR
x-robots-tag
none
content-length
3294
content-type
text/javascript
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-4499241-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 18:24:06 GMT
server
Golfe2
age
940
date
Fri, 13 Aug 2021 09:13:41 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19672
expires
Fri, 13 Aug 2021 11:13:41 GMT
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j92&a=511656376&t=pageview&_s=1&dl=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&ul=en-us&de=UTF-8&dt=vieclambienhoadongnai%20%7C%20user%20details%20%7C%20folkd.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1602784080&gjid=1954271594&cid=568975531.1628846962&tid=UA-4499241-1&_gid=1674508031.1628846962&_r=1&gtm=2ou8b0&z=525732503
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 13 Aug 2021 09:29:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.folkd.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/
199 B
655 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.folkd.com&callback=_gfp_s_&client=ca-pub-3319618738478027
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3319618738478027&plah=www.folkd.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
498b60792aa145f33da503c4acede0340814eea53b91a892961f640ccb1270ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 09:29:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
190
x-xss-protection
0
integrator.js
adservice.google.de/adsid/
107 B
853 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.folkd.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3319618738478027&plah=www.folkd.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 13 Aug 2021 09:29:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
570 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.folkd.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3319618738478027&plah=www.folkd.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 13 Aug 2021 09:29:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame A42C
0
16 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr_consent=tcunavailable&tcfe=3&client=ca-pub-3319618738478027&output=html&adk=3046330955&adf=2044148826&lmt=1628846962&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628846961940&bpp=3&bdt=138&idt=72&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1181243082347&frm=20&pv=2&ga_vid=568975531.1628846962&ga_sid=1628846962&ga_hid=511656376&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747621%2C20211866%2C31062297&oid=3&pvsid=2257959046069233&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=85
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3319618738478027&plah=www.folkd.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?gdpr_consent=tcunavailable&tcfe=3&client=ca-pub-3319618738478027&output=html&adk=3046330955&adf=2044148826&lmt=1628846962&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628846961940&bpp=3&bdt=138&idt=72&shv=r20210809&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1181243082347&frm=20&pv=2&ga_vid=568975531.1628846962&ga_sid=1628846962&ga_hid=511656376&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747621%2C20211866%2C31062297&oid=3&pvsid=2257959046069233&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=85
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.folkd.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 13 Aug 2021 09:29:22 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/
73 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3319618738478027&plah=www.folkd.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ffa263f5d44762ba96ccf4475d6da0960f346183c533e582ca0140acadfea7d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 09:29:22 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1628681433796959"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27990
x-xss-protection
0
expires
Fri, 13 Aug 2021 09:29:22 GMT
collect
stats.g.doubleclick.net/j/
1 B
84 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-4499241-1&cid=568975531.1628846962&jid=1602784080&gjid=1954271594&_gid=1674508031.1628846962&_u=YEBAAUAAAAAAAC~&z=1977337019
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 13 Aug 2021 09:29:22 GMT
content-type
text/plain
access-control-allow-origin
https://www.folkd.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9364.LC4-NTT9qtrgibPtr_hG_OuIYyVnJDnT-jwc-VyrWjodZsXZcYYAcmdXkr2_BiKt.52ZtPqHQHVga12S9jNPgcJk-lUk%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9364.axSSoY7ejI7v-xCPUyii8VMOwbl7JxmAJvr5BnF0dfVC9XxyMeu7cw6aGJYmFl5xG61RN7Lx6KyeHCjjHJgvjA%2C%2C.2ES3eLTojEgoanCmb00tdglDBZk%2C
75 B
75 B
Image
General
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9364.axSSoY7ejI7v-xCPUyii8VMOwbl7JxmAJvr5BnF0dfVC9XxyMeu7cw6aGJYmFl5xG61RN7Lx6KyeHCjjHJgvjA%2C%2C.2ES3eLTojEgoanCmb00tdglDBZk%2C
Requested by
Host: www.folkd.com
URL: https://www.folkd.com/user/vieclambienhoadongnai
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 09:29:22 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9364.axSSoY7ejI7v-xCPUyii8VMOwbl7JxmAJvr5BnF0dfVC9XxyMeu7cw6aGJYmFl5xG61RN7Lx6KyeHCjjHJgvjA%2C%2C.2ES3eLTojEgoanCmb00tdglDBZk%2C
date
Fri, 13 Aug 2021 09:29:22 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/
43 B
135 B
Image
General
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: www.folkd.com
URL: https://www.folkd.com/user/vieclambienhoadongnai
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 09:29:22 GMT
last-modified
Thu, 12 Aug 2021 09:51:50 GMT
etag
"611112b5-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Fri, 13 Aug 2021 10:29:22 GMT
userconnect.js
js.adscale.de//
0
0
Script
General
Full URL
https://js.adscale.de//userconnect.js
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/getads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21a8:4800:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cookie set ShowAd
brain.rvty.net/RTB/ Frame 132B
1 KB
1 KB
Document
General
Full URL
https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=f53a60d741974108859ea90f3ee35e26&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&rawReferrerURL=&uid=4ae3d03f-dc9e-4373-ad57-dbc0787afc16&euid=b170e3defbc61d900990a28ce3b227d6f82094df8247aee68d5a4762b173f03a&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent=
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/getads.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx/1.13.4 /
Resource Hash
a0cfbd65205dcdbd022d91016cc39792209ce917f24fd088bb257344092fd99b

Request headers

Host
brain.rvty.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.folkd.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx/1.13.4
Date
Fri, 13 Aug 2021 09:29:22 GMT
Content-Type
text/html;charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
RTBUserId=4ae3d03f-dc9e-4373-ad57-dbc0787afc16; path=/; SameSite=None; secure; Expires=Sat, 13 Aug 2022 11:29:22 CEST
RTBUserId-Old=4ae3d03f-dc9e-4373-ad57-dbc0787afc16; path=/; secure; Expires=Sat, 13 Aug 2022 11:29:22 CEST
RTBUserId-Plain=4ae3d03f-dc9e-4373-ad57-dbc0787afc16; path=/; Expires=Sat, 13 Aug 2022 11:29:22 CEST
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Encoding
gzip
imp
trx.adscale.de/ Frame 8C91
0
149 B
Script
General
Full URL
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/getads.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.85.141 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-85-141.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/javascript; charset=UTF-8
Cache-Control
max-age=3600
Expires
Fri, 13 Aug 2021 10:29:22 GMT
ads_view.js
cdn.rvty.net/view/ Frame 132B
3 KB
4 KB
Script
General
Full URL
https://cdn.rvty.net/view/ads_view.js
Requested by
Host: brain.rvty.net
URL: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=f53a60d741974108859ea90f3ee35e26&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&rawReferrerURL=&uid=4ae3d03f-dc9e-4373-ad57-dbc0787afc16&euid=b170e3defbc61d900990a28ce3b227d6f82094df8247aee68d5a4762b173f03a&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.163.211.242 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx/1.13.4 /
Resource Hash
00bb2f69ab06efff6555f6ccae10902e87bb6aea861e83de082a45a07e525054

Request headers

Referer
https://brain.rvty.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 13 Aug 2021 09:29:22 GMT
Last-Modified
Fri, 20 Dec 2019 09:27:25 GMT
Server
nginx/1.13.4
ETag
"5dfc93fd-d40"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3392
GoogleMatch
brain.rvty.net/RTB/ Frame 132B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=easymedia&google_cm
  • https://cm.g.doubleclick.net/pixel?google_nid=easymedia&google_cm=&google_tc=
  • https://brain.rvty.net/RTB/GoogleMatch?google_gid=CAESEBcxY7r2BacixS5iYhGhQBw&google_cver=1
43 B
553 B
Image
General
Full URL
https://brain.rvty.net/RTB/GoogleMatch?google_gid=CAESEBcxY7r2BacixS5iYhGhQBw&google_cver=1
Requested by
Host: brain.rvty.net
URL: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=f53a60d741974108859ea90f3ee35e26&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&rawReferrerURL=&uid=4ae3d03f-dc9e-4373-ad57-dbc0787afc16&euid=b170e3defbc61d900990a28ce3b227d6f82094df8247aee68d5a4762b173f03a&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx/1.13.4 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://brain.rvty.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 13 Aug 2021 09:29:22 GMT
Server
nginx/1.13.4
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 13 Aug 2021 09:29:22 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://brain.rvty.net/RTB/GoogleMatch?google_gid=CAESEBcxY7r2BacixS5iYhGhQBw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
292
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
4sxtd47yng2k
ad.ad-srv.net/zone/ Frame 132B
10 KB
3 KB
Script
General
Full URL
https://ad.ad-srv.net/zone/4sxtd47yng2k?subid=&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&redirectClick=http%3A%2F%2Fbrain.rvty.net%2FRTB%2FClick%3Fx%3DEASY-X-COORDINATE%26y%3DEASY-Y-COORDINATE%26s%3D1567140%26a%3D146060%26t%3D1628846962200%26l%3D-875671883%26p%3D17%26appid%3D%26aa%3Df53a60d741974108859ea90f3ee35e26%26gdpr%3D0%26gdpr_consent%3D%26dest%3D
Requested by
Host: brain.rvty.net
URL: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=f53a60d741974108859ea90f3ee35e26&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&rawReferrerURL=&uid=4ae3d03f-dc9e-4373-ad57-dbc0787afc16&euid=b170e3defbc61d900990a28ce3b227d6f82094df8247aee68d5a4762b173f03a&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.49.10.4.46.clients.your-server.de
Software
Apache /
Resource Hash
f3637c6a594f710e1d8894873050049f06b4ad8428f63517ba9bb921746990eb

Request headers

Referer
https://brain.rvty.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 13 Aug 2021 09:29:22 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
2843
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
1
mc.yandex.com/watch/71239210/
Redirect Chain
  • https://mc.yandex.com/watch/71239210?wmode=7&page-url=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A12vwkywz4p6qw9gg56%3Afp%3A258%3...
  • https://mc.yandex.com/watch/71239210/1?wmode=7&page-url=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A12vwkywz4p6qw9gg56%3Afp%3A258...
316 B
398 B
XHR
General
Full URL
https://mc.yandex.com/watch/71239210/1?wmode=7&page-url=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A12vwkywz4p6qw9gg56%3Afp%3A258%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A611%3Acn%3A1%3Adp%3A0%3Als%3A956837043128%3Ahid%3A45039992%3Az%3A120%3Ai%3A20210813112922%3Aet%3A1628846962%3Ac%3A1%3Arn%3A325554409%3Au%3A1628846962727108341%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1628846961647%3Ads%3A1%2C18%2C132%2C1%2C0%2C0%2C%2C153%2C1%2C%2C%2C%2C309%3Adsn%3A1%2C18%2C133%2C1%2C0%2C0%2C%2C156%2C1%2C%2C%2C%2C310%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1628846962%3At%3Avieclambienhoadongnai%20%7C%20user%20details%20%7C%20folkd.com
Requested by
Host: www.folkd.com
URL: https://www.folkd.com/user/vieclambienhoadongnai
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
03c51c60ed0a52e0e995ec9f27d2122899bf776176bbb82170ff22d880b3190b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Aug 2021 09:29:22 GMT
x-content-type-options
nosniff
last-modified
Fri, 13-Aug-2021 09:29:22 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.folkd.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
316
x-xss-protection
1; mode=block
expires
Fri, 13-Aug-2021 09:29:22 GMT

Redirect headers

pragma
no-cache
date
Fri, 13 Aug 2021 09:29:22 GMT
last-modified
Fri, 13-Aug-2021 09:29:22 GMT
location
/watch/71239210/1?wmode=7&page-url=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A12vwkywz4p6qw9gg56%3Afp%3A258%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A611%3Acn%3A1%3Adp%3A0%3Als%3A956837043128%3Ahid%3A45039992%3Az%3A120%3Ai%3A20210813112922%3Aet%3A1628846962%3Ac%3A1%3Arn%3A325554409%3Au%3A1628846962727108341%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1628846961647%3Ads%3A1%2C18%2C132%2C1%2C0%2C0%2C%2C153%2C1%2C%2C%2C%2C309%3Adsn%3A1%2C18%2C133%2C1%2C0%2C0%2C%2C156%2C1%2C%2C%2C%2C310%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1628846962%3At%3Avieclambienhoadongnai%20%7C%20user%20details%20%7C%20folkd.com
strict-transport-security
max-age=31536000
access-control-allow-origin
https://www.folkd.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Fri, 13-Aug-2021 09:29:22 GMT
request.php
ad7.ad-srv.net/ Frame 132B
Redirect Chain
  • https://ad7.ad-srv.net/request.php?zone=4sxtd47yng2k&nw=14&renderingType=javascript&namespace=e6ad5657cc&subid=&uid=5b3d965ba2feca16&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x60...
  • https://ad7.ad-srv.net/request.php?zone=4sxtd47yng2k&nw=14&renderingType=javascript&namespace=e6ad5657cc&subid=&uid=5b3d965ba2feca16&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x60...
2 KB
1 KB
Script
General
Full URL
https://ad7.ad-srv.net/request.php?zone=4sxtd47yng2k&nw=14&renderingType=javascript&namespace=e6ad5657cc&subid=&uid=5b3d965ba2feca16&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=ANIM_AFTER_30S%3A0&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=http%3A%2F%2Fbrain.rvty.net%2FRTB%2FClick%3Fx%3DEASY-X-COORDINATE%26y%3DEASY-Y-COORDINATE%26s%3D1567140%26a%3D146060%26t%3D1628846962200%26l%3D-875671883%26p%3D17%26appid%3D%26aa%3Df53a60d741974108859ea90f3ee35e26%26gdpr%3D0%26gdpr_consent%3D%26dest%3D&documentReferer=https%3A%2F%2Fwww.folkd.com%2F&ancestorOrigins=https%3A%2F%2Fwww.folkd.com%2Chttps%3A%2F%2Fwww.folkd.com&random=6879392633121&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: brain.rvty.net
URL: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=f53a60d741974108859ea90f3ee35e26&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&rawReferrerURL=&uid=4ae3d03f-dc9e-4373-ad57-dbc0787afc16&euid=b170e3defbc61d900990a28ce3b227d6f82094df8247aee68d5a4762b173f03a&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.157 Lingenfeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.157.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
f3a31fac1a49a50ff85a44d70eefe7481760a6d79aacd47db42d56940d5e24cd

Request headers

Referer
https://brain.rvty.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 13 Aug 2021 09:29:22 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
15813700056003101324219011685007
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
735
Expires
Fri, 13 Aug 2021 10:29:22 +0200

Redirect headers

Pragma
no-cache
Date
Fri, 13 Aug 2021 09:29:22 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=4sxtd47yng2k&nw=14&renderingType=javascript&namespace=e6ad5657cc&subid=&uid=5b3d965ba2feca16&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=ANIM_AFTER_30S%3A0&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=http%3A%2F%2Fbrain.rvty.net%2FRTB%2FClick%3Fx%3DEASY-X-COORDINATE%26y%3DEASY-Y-COORDINATE%26s%3D1567140%26a%3D146060%26t%3D1628846962200%26l%3D-875671883%26p%3D17%26appid%3D%26aa%3Df53a60d741974108859ea90f3ee35e26%26gdpr%3D0%26gdpr_consent%3D%26dest%3D&documentReferer=https%3A%2F%2Fwww.folkd.com%2F&ancestorOrigins=https%3A%2F%2Fwww.folkd.com%2Chttps%3A%2F%2Fwww.folkd.com&random=6879392633121&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Type
text/html; charset=UTF-8
Content-Length
0
Expires
Fri, 13 Aug 2021 10:29:22 +0200
ztpv.php
www.conrad.de/ Frame BA50
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2470169&v=11354&q=371933&r=278235&pv=1&pref1=15813700056003101324219011685007&gdpr=&gdpr_consent=
  • https://www.conrad.de/ztpv.php?awc=11354_278235_1628846962_f16b7c61-fc18-11eb-b149-692d057bce79&insert=AW
0
706 B
Document
General
Full URL
https://www.conrad.de/ztpv.php?awc=11354_278235_1628846962_f16b7c61-fc18-11eb-b149-692d057bce79&insert=AW
Requested by
Host: ad7.ad-srv.net
URL: https://ad7.ad-srv.net/request.php?zone=4sxtd47yng2k&nw=14&renderingType=javascript&namespace=e6ad5657cc&subid=&uid=5b3d965ba2feca16&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=ANIM_AFTER_30S%3A0&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=http%3A%2F%2Fbrain.rvty.net%2FRTB%2FClick%3Fx%3DEASY-X-COORDINATE%26y%3DEASY-Y-COORDINATE%26s%3D1567140%26a%3D146060%26t%3D1628846962200%26l%3D-875671883%26p%3D17%26appid%3D%26aa%3Df53a60d741974108859ea90f3ee35e26%26gdpr%3D0%26gdpr_consent%3D%26dest%3D&documentReferer=https%3A%2F%2Fwww.folkd.com%2F&ancestorOrigins=https%3A%2F%2Fwww.folkd.com%2Chttps%3A%2F%2Fwww.folkd.com&random=6879392633121&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:7e05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
www.conrad.de
:scheme
https
:path
/ztpv.php?awc=11354_278235_1628846962_f16b7c61-fc18-11eb-b149-692d057bce79&insert=AW
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://brain.rvty.net/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

date
Fri, 13 Aug 2021 09:29:22 GMT
content-type
text/html; charset=UTF-8
server-timing
intid;desc=612fcd817a7ed530 intid;desc=7abbc2f8d575dd20
cache-control
no-cache
expires
-1
set-cookie
HTLP_timestamp=1628846962; expires=Wed, 18-Aug-2021 09:29:22 GMT; Max-Age=432000; path=/; secure; SameSite=None CEAffHA=YD; expires=Wed, 18-Aug-2021 09:29:22 GMT; Max-Age=432000; path=/; secure; SameSite=None __cf_bm=f53294429b30ed1df968df0e06edce2bf8e190f6-1628846962-1800-AcXjC0Ou4utLg8gCnH8dvfLjU4l/FCj7i7zyImcNKKeFSEuyKZmJ969ht2cQbeY5JqK2OhEMJUazRCcE4g0OSsY=; path=/; expires=Fri, 13-Aug-21 09:59:22 GMT; domain=.www.conrad.de; HttpOnly; Secure; SameSite=None
p3p
policyref="http://www.conrad.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
age
0
strict-transport-security
max-age=15552000
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
67e0eb2bb834c2e5-FRA
content-encoding
br

Redirect headers

Location
https://www.conrad.de/ztpv.php?awc=11354_278235_1628846962_f16b7c61-fc18-11eb-b149-692d057bce79&insert=AW
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Content-Length
0
Date
Fri, 13 Aug 2021 09:29:22 GMT
Connection
keep-alive
Set-Cookie
awpv11354=278235|1628846962|f16b7c61-fc18-11eb-b149-692d057bce79;domain=.awin1.com;path=/;expires=Monday, 16-Aug-2021 09:29:22 UTC;Secure;SameSite=None AWSESS=377133:2470169;domain=.awin1.com;path=/;Secure;SameSite=None
Strict-Transport-Security
max-age=86400
Awin-Akamai-Rule-Set
default
request_content.php
ad7.ad-srv.net/ Frame BFBD
6 KB
2 KB
Document
General
Full URL
https://ad7.ad-srv.net/request_content.php?s=15813700056003101324219011685007&a=36e146d2
Requested by
Host: ad7.ad-srv.net
URL: https://ad7.ad-srv.net/request.php?zone=4sxtd47yng2k&nw=14&renderingType=javascript&namespace=e6ad5657cc&subid=&uid=5b3d965ba2feca16&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=ANIM_AFTER_30S%3A0&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=http%3A%2F%2Fbrain.rvty.net%2FRTB%2FClick%3Fx%3DEASY-X-COORDINATE%26y%3DEASY-Y-COORDINATE%26s%3D1567140%26a%3D146060%26t%3D1628846962200%26l%3D-875671883%26p%3D17%26appid%3D%26aa%3Df53a60d741974108859ea90f3ee35e26%26gdpr%3D0%26gdpr_consent%3D%26dest%3D&documentReferer=https%3A%2F%2Fwww.folkd.com%2F&ancestorOrigins=https%3A%2F%2Fwww.folkd.com%2Chttps%3A%2F%2Fwww.folkd.com&random=6879392633121&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.157 Lingenfeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.157.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
31880e6585b58005e1b766f15dd28bd1ff72a93b8defb5fa647b0e1412462f2c

Request headers

Host
ad7.ad-srv.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://brain.rvty.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
kdb0xdq3ls8m_uid=36d4d1070fab3ada

Response headers

Date
Fri, 13 Aug 2021 09:29:22 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Fri, 13 Aug 2021 10:29:22 +0200
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1954
Connection
close
Content-Type
text/html; charset=utf-8
jquery-1.10.2.min.js
cdn.rvty.net/_files/js/ Frame D27C
91 KB
91 KB
Script
General
Full URL
https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Requested by
Host: cdn.rvty.net
URL: https://cdn.rvty.net/view/ads_view.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.163.211.242 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx/1.13.4 /
Resource Hash
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988

Request headers

Referer
https://brain.rvty.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 13 Aug 2021 09:29:22 GMT
Last-Modified
Wed, 08 Jan 2020 08:13:37 GMT
Server
nginx/1.13.4
ETag
"5e158f31-16bb3"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
93107
Visibility
brain.rvty.net/RTB/ Frame D27C
0
119 B
XHR
General
Full URL
https://brain.rvty.net/RTB/Visibility
Requested by
Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx/1.13.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=f53a60d741974108859ea90f3ee35e26&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&rawReferrerURL=&uid=4ae3d03f-dc9e-4373-ad57-dbc0787afc16&euid=b170e3defbc61d900990a28ce3b227d6f82094df8247aee68d5a4762b173f03a&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent=
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Fri, 13 Aug 2021 09:29:22 GMT
Server
nginx/1.13.4
Connection
keep-alive
Content-Length
0
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.6.2/ Frame BFBD
89 KB
32 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js
Requested by
Host: ad7.ad-srv.net
URL: https://ad7.ad-srv.net/request_content.php?s=15813700056003101324219011685007&a=36e146d2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad7.ad-srv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 14:55:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
66835
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32245
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 Aug 2022 14:55:27 GMT
summersale_160x600
asset.conrad.com/media10/isa/160267/c1/-/de/ Frame BFBD
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2470169&v=11354&q=371933&r=278235&pref1=15813700056003101324219011685007&gdpr=&gdpr_consent=
  • https://asset.conrad.com/media10/isa/160267/c1/-/de/summersale_160x600?format=gif
19 KB
19 KB
Image
General
Full URL
https://asset.conrad.com/media10/isa/160267/c1/-/de/summersale_160x600?format=gif
Requested by
Host: ad7.ad-srv.net
URL: https://ad7.ad-srv.net/request_content.php?s=15813700056003101324219011685007&a=36e146d2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.227.54 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-227-54.vie.llnw.net
Software
Cliplister GmbH /
Resource Hash
da8a4c84ac527a626164ac5ffd1e93db4e570e0c37bfa3f8dd7ad60458b32492
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ad7.ad-srv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 09:29:22 GMT
last-modified
Fri, 30 Jul 2021 05:49:57 GMT
server
Cliplister GmbH
age
12259
etag
"61039305-4b58"
strict-transport-security
max-age=15768000
reporting
eyJjb25zdW1lcmlkIjoxNjAyNjcsIm93bmVyaWQiOjE2MDI2NywidW5pcXVlaWQiOiIxNjAyNjdiS3dQSFZwamk5bThid19DMUR4V05yQVQiLCJ1dWlkIjoiYTljZTkxM2RlOTYyMTQxYWVhMWYwMmE3NDk4ZmY1YzEzIiwiYXNzZXR0eXBlIjoicGljdHVyZSJ9
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=172800
x-server
c20
accept-ranges
bytes
content-length
19288
x-llid
8a3ab847f321ff08f38ef00f52f75370
expires
Sun, 15 Aug 2021 06:05:03 GMT

Redirect headers

Date
Fri, 13 Aug 2021 09:29:22 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://asset.conrad.com/media10/isa/160267/c1/-/de/summersale_160x600?format=gif
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Length
0
viewability
ad7.ad-srv.net/ Frame BFBD
0
150 B
Script
General
Full URL
https://ad7.ad-srv.net/viewability?s=15813700056003101324219011685007&a=d782ddc6&vb=m
Requested by
Host: ad7.ad-srv.net
URL: https://ad7.ad-srv.net/request_content.php?s=15813700056003101324219011685007&a=36e146d2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.157 Lingenfeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.157.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ad7.ad-srv.net/request_content.php?s=15813700056003101324219011685007&a=36e146d2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 13 Aug 2021 09:29:22 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
sodar
pagead2.googlesyndication.com/getconfig/
11 KB
8 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210809&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3319618738478027&plah=www.folkd.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
90ce2cfa9e225a945f3937e7d5248bc2bb818af33bd8cde0cea253dbebd0bb19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 13 Aug 2021 09:29:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8531
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3319618738478027&plah=www.folkd.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 13 Aug 2021 09:29:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Fri, 13 Aug 2021 09:29:22 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 0CB2
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.folkd.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Fri, 13 Aug 2021 08:27:36 GMT
expires
Sat, 13 Aug 2022 08:27:36 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
3706
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 70EE
783 B
532 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
213d327c5a23a8d549ad585a21958729a5f659e2b8b59421eece0fc1104cbcaa
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-pCC+V0Z/axtzSbrQU262OQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.folkd.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

expires
Fri, 13 Aug 2021 09:29:22 GMT
date
Fri, 13 Aug 2021 09:29:22 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-pCC+V0Z/axtzSbrQU262OQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
1ybhf5PHJCoiRTy-ubeljLlyS14gR-QFfTY_U8tl74U.js
pagead2.googlesyndication.com/bg/ Frame 0CB2
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/1ybhf5PHJCoiRTy-ubeljLlyS14gR-QFfTY_U8tl74U.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d726e17f93c7242a22453cbeb9b7a58cb9724b5e2047e4057d363f53cb65ef85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 16:00:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
62940
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13373
x-xss-protection
0
last-modified
Tue, 03 Aug 2021 09:38:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 12 Aug 2022 16:00:22 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210809&jk=2257959046069233&bg=!0tGl0ZXNAAbOj6irzo87ACkAdvg8WuqMNSkZCmsnhWktIwqXH1lNd1hH9xjSR0_ZJoIrhhyu1iDwPAIAAABFUgAAAAtoAQeZAnj4BnGKYsTrkhLaCeRgSD9RhZVzA9RLFJ1vnS_TXxZqNxQ3MH2TzBdufIzlTNDadue3EKx8tLUh1aGwK_rXcBGHPVZJ67NeRTy333ePxlBORB11Fr1HD5W9syO3-BA3bffG8FrkOIxLhqS04imCwSX82Pv9HoQbxooz06EGs7MswuIQxd-s7iwya8oX7N77TCdTU_qMM11TuKKipF1ukm7Cw3SFPDNSMOU1tVZ4K6uG4DeFds_fEzR_6rRHQ_koMPa6YE5zmkHR_xBTQ2qEckZL8GAFat4vE0NMJEVZjE0R3dfMpitnYBTbQzU1FX810TqkdIcoV4ycHFxpvm6Au7Bu8o9J0KULhmgGoHMDPLuZSQDH9Po6IrcSJfWnnukzciBl_Ds89Ca2BU6bVXXHu02vHXPz_LaFHtnns0wQwjoUIX2KcCs0AedPuh9CMO5s8vxfILqgShMRGfCUQ4SaS3hAcyaObPH0qvUe3OyYjjv8evdPbcICKFMYeqF-vI9GJ0ovb6UkGgwkO0w6MK_c5GNvdV-5QxRaYu9GLyit63ABeAPCH_2BaIo_UCbTtnhm2_GRbM8_BZqh24XlgNpJGz5Sg2tN4vF-OvKa1wNVonAq4K7EbJJNbgB0iJ3MxhgujMKMeJNXIMrYT23P1gq0LrkLspV6Md_MWoeVh2J5aBXfMW3Gb6oDRGoW2jEofDfRqPtFN5C_H9ZNZf3Fil95wvc_2aNCQogeVJEJeeXAM3IgZz_i05vsXh_XKKW5bDscVpJ3wxG_RiCdjGfTFMmb989QqbEg27_x9OsPAIV30gb-nfM1pgeTMe8adqPvKbuU-SKswOAS5MZ8DA
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Aug 2021 09:29:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Visibility
brain.rvty.net/RTB/ Frame D27C
0
119 B
XHR
General
Full URL
https://brain.rvty.net/RTB/Visibility
Requested by
Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx/1.13.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=f53a60d741974108859ea90f3ee35e26&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&rawReferrerURL=&uid=4ae3d03f-dc9e-4373-ad57-dbc0787afc16&euid=b170e3defbc61d900990a28ce3b227d6f82094df8247aee68d5a4762b173f03a&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent=
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Fri, 13 Aug 2021 09:29:22 GMT
Server
nginx/1.13.4
Connection
keep-alive
Content-Length
0
Visibility
brain.rvty.net/RTB/ Frame D27C
0
119 B
XHR
General
Full URL
https://brain.rvty.net/RTB/Visibility
Requested by
Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx/1.13.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=f53a60d741974108859ea90f3ee35e26&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&rawReferrerURL=&uid=4ae3d03f-dc9e-4373-ad57-dbc0787afc16&euid=b170e3defbc61d900990a28ce3b227d6f82094df8247aee68d5a4762b173f03a&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent=
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Fri, 13 Aug 2021 09:29:23 GMT
Server
nginx/1.13.4
Connection
keep-alive
Content-Length
0
viewability
ad7.ad-srv.net/ Frame BFBD
0
150 B
Script
General
Full URL
https://ad7.ad-srv.net/viewability?s=15813700056003101324219011685007&a=d782ddc6&vb=v
Requested by
Host: ad7.ad-srv.net
URL: https://ad7.ad-srv.net/request_content.php?s=15813700056003101324219011685007&a=36e146d2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.157 Lingenfeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.157.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ad7.ad-srv.net/request_content.php?s=15813700056003101324219011685007&a=36e146d2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 13 Aug 2021 09:29:23 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
Visibility
brain.rvty.net/RTB/ Frame D27C
0
119 B
XHR
General
Full URL
https://brain.rvty.net/RTB/Visibility
Requested by
Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx/1.13.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=f53a60d741974108859ea90f3ee35e26&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&rawReferrerURL=&uid=4ae3d03f-dc9e-4373-ad57-dbc0787afc16&euid=b170e3defbc61d900990a28ce3b227d6f82094df8247aee68d5a4762b173f03a&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent=
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Fri, 13 Aug 2021 09:29:23 GMT
Server
nginx/1.13.4
Connection
keep-alive
Content-Length
0
Visibility
brain.rvty.net/RTB/ Frame D27C
0
119 B
XHR
General
Full URL
https://brain.rvty.net/RTB/Visibility
Requested by
Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx/1.13.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=f53a60d741974108859ea90f3ee35e26&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&rawReferrerURL=&uid=4ae3d03f-dc9e-4373-ad57-dbc0787afc16&euid=b170e3defbc61d900990a28ce3b227d6f82094df8247aee68d5a4762b173f03a&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent=
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Fri, 13 Aug 2021 09:29:24 GMT
Server
nginx/1.13.4
Connection
keep-alive
Content-Length
0
71239210
mc.yandex.com/webvisor/
43 B
145 B
XHR
General
Full URL
https://mc.yandex.com/webvisor/71239210?wmode=0&wv-part=1&wv-hit=45039992&page-url=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&rn=467175746&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1628846965%3Aw%3A1600x1200%3Av%3A611%3Az%3A120%3Ai%3A20210813112924%3Au%3A1628846962727108341%3Avf%3A12vwkywz4p6qw9gg56%3Awe%3A1%3Ati%3A2%3Ast%3A1628846965
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 13 Aug 2021 09:29:24 GMT
last-modified
Fri, 13-Aug-2021 09:29:24 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://www.folkd.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Fri, 13-Aug-2021 09:29:24 GMT
71239210
mc.yandex.com/webvisor/
43 B
73 B
XHR
General
Full URL
https://mc.yandex.com/webvisor/71239210?wmode=0&wv-part=1&wv-hit=45039992&page-url=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&rn=478244722&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1628846965%3Aw%3A1600x1200%3Av%3A611%3Az%3A120%3Ai%3A20210813112924%3Au%3A1628846962727108341%3Avf%3A12vwkywz4p6qw9gg56%3Awe%3A1%3Ati%3A2%3Ast%3A1628846965
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.folkd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 13 Aug 2021 09:29:24 GMT
last-modified
Fri, 13-Aug-2021 09:29:24 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://www.folkd.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Fri, 13-Aug-2021 09:29:24 GMT
Visibility
brain.rvty.net/RTB/ Frame D27C
0
119 B
XHR
General
Full URL
https://brain.rvty.net/RTB/Visibility
Requested by
Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx/1.13.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=f53a60d741974108859ea90f3ee35e26&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&rawReferrerURL=&uid=4ae3d03f-dc9e-4373-ad57-dbc0787afc16&euid=b170e3defbc61d900990a28ce3b227d6f82094df8247aee68d5a4762b173f03a&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent=
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Fri, 13 Aug 2021 09:29:24 GMT
Server
nginx/1.13.4
Connection
keep-alive
Content-Length
0
Visibility
brain.rvty.net/RTB/ Frame D27C
0
119 B
XHR
General
Full URL
https://brain.rvty.net/RTB/Visibility
Requested by
Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx/1.13.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=f53a60d741974108859ea90f3ee35e26&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&rawReferrerURL=&uid=4ae3d03f-dc9e-4373-ad57-dbc0787afc16&euid=b170e3defbc61d900990a28ce3b227d6f82094df8247aee68d5a4762b173f03a&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent=
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Fri, 13 Aug 2021 09:29:25 GMT
Server
nginx/1.13.4
Connection
keep-alive
Content-Length
0
Visibility
brain.rvty.net/RTB/ Frame D27C
0
119 B
XHR
General
Full URL
https://brain.rvty.net/RTB/Visibility
Requested by
Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx/1.13.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=f53a60d741974108859ea90f3ee35e26&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&rawReferrerURL=&uid=4ae3d03f-dc9e-4373-ad57-dbc0787afc16&euid=b170e3defbc61d900990a28ce3b227d6f82094df8247aee68d5a4762b173f03a&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent=
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Fri, 13 Aug 2021 09:29:26 GMT
Server
nginx/1.13.4
Connection
keep-alive
Content-Length
0
Visibility
brain.rvty.net/RTB/ Frame D27C
0
119 B
XHR
General
Full URL
https://brain.rvty.net/RTB/Visibility
Requested by
Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx/1.13.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=f53a60d741974108859ea90f3ee35e26&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&rawReferrerURL=&uid=4ae3d03f-dc9e-4373-ad57-dbc0787afc16&euid=b170e3defbc61d900990a28ce3b227d6f82094df8247aee68d5a4762b173f03a&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent=
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Fri, 13 Aug 2021 09:29:26 GMT
Server
nginx/1.13.4
Connection
keep-alive
Content-Length
0
Visibility
brain.rvty.net/RTB/ Frame D27C
0
119 B
XHR
General
Full URL
https://brain.rvty.net/RTB/Visibility
Requested by
Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx/1.13.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=f53a60d741974108859ea90f3ee35e26&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&rawReferrerURL=&uid=4ae3d03f-dc9e-4373-ad57-dbc0787afc16&euid=b170e3defbc61d900990a28ce3b227d6f82094df8247aee68d5a4762b173f03a&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent=
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Fri, 13 Aug 2021 09:29:27 GMT
Server
nginx/1.13.4
Connection
keep-alive
Content-Length
0
Visibility
brain.rvty.net/RTB/ Frame D27C
0
119 B
XHR
General
Full URL
https://brain.rvty.net/RTB/Visibility
Requested by
Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx/1.13.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=f53a60d741974108859ea90f3ee35e26&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&rawReferrerURL=&uid=4ae3d03f-dc9e-4373-ad57-dbc0787afc16&euid=b170e3defbc61d900990a28ce3b227d6f82094df8247aee68d5a4762b173f03a&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent=
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Fri, 13 Aug 2021 09:29:30 GMT
Server
nginx/1.13.4
Connection
keep-alive
Content-Length
0
Visibility
brain.rvty.net/RTB/ Frame D27C
0
119 B
XHR
General
Full URL
https://brain.rvty.net/RTB/Visibility
Requested by
Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx/1.13.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=f53a60d741974108859ea90f3ee35e26&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Fvieclambienhoadongnai&rawReferrerURL=&uid=4ae3d03f-dc9e-4373-ad57-dbc0787afc16&euid=b170e3defbc61d900990a28ce3b227d6f82094df8247aee68d5a4762b173f03a&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent=
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Fri, 13 Aug 2021 09:29:33 GMT
Server
nginx/1.13.4
Connection
keep-alive
Content-Length
0


113 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client undefined| adscale_slot_id object| recaptcha object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async function| google_spfd number| google_unique_id object| google_sv_map object| adscale object| adscaleNS object| adscale_events boolean| adscale_pup undefined| stroeer_id function| __tcfapi string| google_user_agent_client_hint function| $ function| jQuery string| INTERFACE_PATH string| WWW_PATH string| allowed_divs string| lastdiv string| initdiv object| tabsets boolean| sliding object| chatwindows object| pendingChatRequests function| toggle function| inlineToggle function| folk function| sendTo function| rateUser function| loginAlert function| errorAlert function| open_url_in_browser function| triggerTag function| triggerTag2 function| triggerTagInField function| refreshHighlights function| inarray function| array_cleanup function| trim function| urlEncode function| nl2br function| encode_utf8 function| decode_utf8 function| clearSel function| array_diff function| strpos function| refresh_user_tags function| gtag object| dataLayer function| ym object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| Goog_AdSense_getAdAdapterInstance function| 
Goog_AdSense_OsdAdapter function| google_sa_impl object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| Ya object| yaCounter71239210 object| stroeer_ad_config object| GoogleGcLKhOms object| google_image_requests

15 Cookies

Domain/Path Name / Value
.www.conrad.de/ Name: __cf_bm
Value: f53294429b30ed1df968df0e06edce2bf8e190f6-1628846962-1800-AcXjC0Ou4utLg8gCnH8dvfLjU4l/FCj7i7zyImcNKKeFSEuyKZmJ969ht2cQbeY5JqK2OhEMJUazRCcE4g0OSsY=
www.conrad.de/ Name: HTLP_timestamp
Value: 1628846962
.ad-srv.net/ Name: kdb0xdq3ls8m_uid
Value: 36d4d1070fab3ada
brain.rvty.net/ Name: RTBUserId
Value: 4ae3d03f-dc9e-4373-ad57-dbc0787afc16
.doubleclick.net/ Name: IDE
Value: AHWqTUmOJiylXuTp1IRKpmaS8ZTFOTQ8r86vE7s3iVsZf6C9mTRrrWpA85wt6CLlB7I
www.conrad.de/ Name: CEAffHA
Value: YD
.folkd.com/ Name: _ym_visorc
Value: w
.folkd.com/ Name: _ga
Value: GA1.2.568975531.1628846962
.folkd.com/ Name: _ym_isad
Value: 2
.folkd.com/ Name: _gid
Value: GA1.2.1674508031.1628846962
.folkd.com/ Name: _ym_uid
Value: 1628846962727108341
.folkd.com/ Name: _gat_gtag_UA_4499241_1
Value: 1
.folkd.com/ Name: __gads
Value: ID=2f014df80e72feb0-2269a271aac90084:T=1628846962:RT=1628846962:S=ALNI_Mb9Pb_vLouylU0tbWWirliIGnXzaA
.folkd.com/ Name: _ym_d
Value: 1628846962
www.folkd.com/ Name: PHPSESSID
Value: bnq22envv6fo1pcpsqtn66j090

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
