www.folkd.com Open in urlscan Pro
2606:4700:3031::6815:e55 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.folkd.com/user/accountinghub1
Submission: On August 23 via manual (August 23rd 2021, 11:11:39 am UTC) from IN

Summary HTTP 70 Redirects Links 23 Behaviour Indicators

Summary

This website contacted 26 IPs in 5 countries across 21 domains to perform 70 HTTP transactions. The main IP is 2606:4700:3031::6815:e55, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.folkd.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 8th 2021. Valid for: a year.

This is the only time www.folkd.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	2606:4700:303... 2606:4700:3031::6815:e55	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	2600:9000:21f... 2600:9000:21f3:2e00:f:4f64:8940:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
3 9	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
1	99.83.169.100 99.83.169.100	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c08::9c	15169 (GOOGLE) (GOOGLE)
15	89.163.211.233 89.163.211.233	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	35.157.44.220 35.157.44.220	16509 (AMAZON-02) (AMAZON-02)
2	89.163.211.242 89.163.211.242	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	116.202.48.214 116.202.48.214	24940 (HETZNER-AS) (HETZNER-AS)
1 5	78.46.90.238 78.46.90.238	24940 (HETZNER-AS) (HETZNER-AS)
4 4	104.111.239.217 104.111.239.217	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6812:7f05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	178.79.227.54 178.79.227.54	22822 (LLNW) (LLNW)
2	51.75.147.170 51.75.147.170	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
70	26

13 2606:4700:3031::6815:e55 (United States)

ASN13335 (CLOUDFLARENET, US)

www.folkd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:21f3:2e00:f:4f64:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.83.169.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: a3436eee63857ff41.awsglobalaccelerator.com

gaa.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 89.163.211.233 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

brain.rvty.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.157.44.220 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-44-220.eu-central-1.compute.amazonaws.com

trx.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.163.211.242 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

cdn.rvty.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.98 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 116.202.48.214 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.214.48.202.116.clients.your-server.de

ad.ad-srv.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 78.46.90.238 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.238.90.46.78.clients.your-server.de

ad19.ad-srv.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.111.239.217 (Frankfurt am Main, Germany) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.zenaps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:7f05 (United States)

ASN13335 (CLOUDFLARENET, US)

www.conrad.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.79.227.54 (United States)

ASN22822 (LLNW, US)
PTR: https-178-79-227-54.vie.llnw.net

asset.conrad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.75.147.170 (France)

ASN16276 (OVH, FR)
PTR: ns3133977.ip-51-75-147.eu

cdn.contentspread.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	rvty.net brain.rvty.net cdn.rvty.net	98 KB
13	folkd.com www.folkd.com	170 KB
7	yandex.com 2 redirects mc.yandex.com	2 KB
7	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	176 KB
6	ad-srv.net 1 redirects ad.ad-srv.net ad19.ad-srv.net	8 KB
5	doubleclick.net 2 redirects googleads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	6 KB
4	adscale.de js.adscale.de gaa.adscale.de trx.adscale.de	12 KB
3	google.com www.google.com adservice.google.com	2 KB
2	contentspread.net cdn.contentspread.net	4 KB
2	zenaps.com 2 redirects www.zenaps.com	1 KB
2	awin1.com 2 redirects www.awin1.com	1 KB
2	google-analytics.com www.google-analytics.com	20 KB
2	yandex.ru 1 redirects mc.yandex.ru	72 KB
1	conrad.com asset.conrad.com	24 KB
1	conrad.de www.conrad.de	707 B
1	googletagservices.com www.googletagservices.com	27 KB
1	google.de adservice.google.de	853 B
1	googleadservices.com partner.googleadservices.com	655 B
1	gstatic.com www.gstatic.com	133 KB
1	googletagmanager.com www.googletagmanager.com	41 KB
1	googleapis.com ajax.googleapis.com	25 KB
70	21

	Domain	Requested by
15	brain.rvty.net	js.adscale.de brain.rvty.net cdn.rvty.net
13	www.folkd.com	www.folkd.com
7	mc.yandex.com	2 redirects www.folkd.com mc.yandex.ru
5	ad19.ad-srv.net	1 redirects brain.rvty.net ad19.ad-srv.net
5	pagead2.googlesyndication.com	www.folkd.com pagead2.googlesyndication.com tpc.googlesyndication.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	cdn.contentspread.net	ad19.ad-srv.net
2	www.zenaps.com	2 redirects
2	www.awin1.com	2 redirects
2	cm.g.doubleclick.net	2 redirects
2	cdn.rvty.net	brain.rvty.net cdn.rvty.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	mc.yandex.ru	1 redirects www.folkd.com
2	js.adscale.de	www.folkd.com js.adscale.de
2	www.google.com	www.folkd.com tpc.googlesyndication.com
1	asset.conrad.com	ad19.ad-srv.net
1	www.conrad.de	ad19.ad-srv.net
1	ad.ad-srv.net	brain.rvty.net
1	trx.adscale.de	js.adscale.de
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	gaa.adscale.de	js.adscale.de
1	www.gstatic.com	www.google.com
1	www.googletagmanager.com	www.folkd.com
1	ajax.googleapis.com	www.folkd.com
70	29

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com
www.accountingadvice.co
www.accountingguide.co
www.accountinghub.co
facebook.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-01-08` - `2022-01-07`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.adscale.de Amazon	`2021-08-08` - `2022-09-06`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2021-07-28` - `2022-01-07`	5 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.rvty.net Sectigo RSA Domain Validation Secure Server CA	`2020-09-02` - `2021-10-04`	a year	crt.sh
ad-srv.net R3	`2021-08-20` - `2021-11-18`	3 months	crt.sh
www.conrad.de Cloudflare Inc ECC CA-3	`2021-05-17` - `2022-05-16`	a year	crt.sh
asset.conrad.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-21` - `2022-08-20`	a year	crt.sh
contentspread.net R3	`2021-08-03` - `2021-11-01`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://www.folkd.com/user/accountinghub1
Frame ID: 6AFDD345E7C7E8DF1C54FF508069A94D
Requests: 38 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210816/r20190131/zrt_lookup.html
Frame ID: B3FAE8C12322C027DC49D3B066E0D2FD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr_consent=tcunavailable&tcfe=3&client=ca-pub-3319618738478027&output=html&adk=3046330955&adf=2044148826&lmt=1629717078&plat=8%3A134217728%2C9%3A134250632%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.folkd.com%2Fuser%2Faccountinghub1&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629717077975&bpp=4&bdt=200&idt=77&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=63993820183&frm=20&pv=2&ga_vid=1743970724.1629717078&ga_sid=1629717078&ga_hid=1310856081&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C44748390%2C31062297%2C31062094&oid=3&pvsid=4189691598251377&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=97
Frame ID: BE8AE34A605DE619DC82E09B894C26AE
Requests: 1 HTTP requests in this frame

Frame: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=58a380e1b6fd4f4cb7a25dc165f9de06&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Faccountinghub1&rawReferrerURL=&uid=c5b72428-3d34-4a40-a7d1-c861bfa370f9&euid=0d1beb22926001578f92a9acb22bae0999452e58d47c74de5670b833531961b4&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent=
Frame ID: ABB31387062095E674CB1C96A1A4854D
Requests: 5 HTTP requests in this frame

Frame: https://trx.adscale.de/imp?ej=NGExZWM3Njg4ZGY1NGUwMjR0y3FTMN9ORcqTKAkoT1JSTPNJMFLpenHn4RFnHShwfm6aJ1kmgBsdtYRgM3RFFQ0a-0opBLoqK4e9VwJDdSI6I8J7BSbJU0Xk6SQgeUQUCBr1SjIW_mt01tsIAgshZVxzmC8QLNxZROTqJTIzDFdvJ6keKh3tY3XTxBwLAlZ1QwXcbU9vpAdX6eZ6bTtnTHoy5V15WJQzYd-EQgsJVHgfBdZqTGqnBgXot2AnKzUNfHG_BSI-3nZgyo1QCwlGYRMF9mEABO9HVv25fCl6NRFDZIQVbmGdDjLfg00bTBkzJxf0RQ8T6WBXrcopOXYrAAs1nSxrMdNCb87_SwFGH2M7V_sbX1DhdVf3nX04d3xUDjWaLG9j1UJ1278UURMEdjQXqh1NT_cxBqvtcSBaYFQONZosfHnEVGLNwEMSPlR5OgP8GFEY8GIG4PYmJlxnTwswxX4wKdJOJJefQlI0RXU6BvVSEkG3J0P_62BoAnVFFiSHJnAC1koznoIHBksRZywWvhRBNed4H7zjY2c7ZQJeX9o2exeAGX6R21VQD101PTnjVFZ_928U5fl5cmYwRU9ckCc_EJk7bZWcW0hUHGcsM-VJS2LgeALx-XlydlgiDh_HLS4UiRtnpYAJF1RiAEpalGZ6W9k5S4fkbGE9AWUFKbZcWAyQdw_Isz9DESMVd0bSKTtp4j5r6okdJ3kOc09-6kpZX9YKRpiwcxIeLF9tG5I6NiyzbhPr1QFbeg5lTyv2C1RJ0Vwh0uc3a0o_UHgTkDJmKOg9QrDVBQkrWmBBKqkGUxqNCHrU4TJqHG4EJB-fMWN4tTtJ4dIDUypfZhA9sxMQF8BJKoSbc3EQfV4pE4EnKTn2fQS0uV9TdhExRmHRVUBak18-hJdvf1RwVTUCsDklF_ItWe35PxomEzBbdpIDFTnHGHXPmk1_R2dZLRPbZzcD5SlB-ap7T2VLe0FytQNebYJ5IJ7PWXVHKBQvANRncAnnWwy8qTAHNFxWRmT2XUAn128gns9ZdUcoBCcKnX96F_lfFLLtPxw1W3BlY_wMWC3IcSSez1h5Wz8VF0HGLjUP5FNF-ap6Q3kJJTxj6gxFfY08N5DeA2FDOQkeEJlgZ0f5TkL18iEFKlRscGPwDwllw2wVvLZkWnkfNSMgok5ZIJFOOZ7VCzQKeltXacwoNgKrbHfRikh7RCkeGT2Te2JQ4iIw86ZqGCtHbXxT5y0HIpFLX52EUDp-CSYyHLBjJQ6zOTr58TNfGktff33CBExgkQNOi4RWczg4LD4J4D5-TLNmNujsNx1fXX5ffYUcRH2dVhrKj1huKxQQPBHweCEOyTluq-MZG099dVJylVobaKhVHc7PO30mDwYmIuczeA3qPHns9U8PU2oqBFuOVhRphlMPiaYqbDwETlc--iNkS7w1buXVT0Aeazw-WZNNMi7ORgeKu216PDl5cnShfAIW4HQ0pIhPVh5WCxsTyBJDZpBWDobsJ3QydGRpeq97LSX8I33yiVVWCFYADBbGDUhXhQ4Yh-pke2t7MT4n5CFqNuFvaPOPFjobCxMEBYNACxTNTQmX7mZOfnlFYXfwKWR673crxasqY0xIdVlZwRpKS9ZVB-fPWRMNLBQpLaRoHC6kJm6IoXspL35RZQCWWSwWihdZppNICwNcMgpv_TBJQ_lyK-vyPGhrOVYoVZtRJTCcXgmZl18NAk8zTAboIXBZ-Hwz__YzfmdjESVgiXECPIsZXYvUCRgGD2JATKsUd1XvWi_ioGx3Vn0HMynFYFVviTtDkcVAVTMIbldgoVUFHexIJv-xYm9VaQIkBY13YGiFLHWX0BAKMSBmdHfoBAUG8Q5P8bF8eVQMRBECgWBVc5NNIJzcExcEfiFiZ-8Ud0n1LEzvuT81ZRpSAQaDcTIoh0Ilgd5MF18ofDNDrkQeCvQxVdG_PmMxTQ52Itwqd2STQnfrjhBbdGA7WgC_RQQQsXhDxb5VdkFMGT5pzDVoccgoKr3bOT8lbiMcCPVXC0X-Th_b7g5aEV0Wf2mUND1zmyp6uog8YyRpd0lZtkkdU7sKTFg5MQ==&rns=MjRjNDExOGVhOWYyNDVhNiU7uW5RtWS28LKxLvuDmlMTXd1aN4EH1MfTgxuf4KtlJjvkPlKxMfbr8e1064nNHHFSilA3wxPMn4OYEcero3MFO-wpe6xgqe2homW13sZfJ0_OE0qeTIuPyMYM0fz8fRZt4jEm6z7nrfKoeb2QgV3WOci9
Frame ID: 237A763C26826ABE1CDC2D4750A1AE98
Requests: 1 HTTP requests in this frame

Frame: https://www.conrad.de/ztpv.php?awc=11354_278235_1629717079_d79ed880-0402-11ec-9723-692d00a25ac2&insert=AW
Frame ID: 8F9F4328D64B52DF2DF1D607CCF743C6
Requests: 1 HTTP requests in this frame

Frame: https://ad19.ad-srv.net/request_content.php?s=72187800081144701324219011695019&a=923bf69f
Frame ID: A23E42E54A08827E7D0EFAE2ABD9EFF3
Requests: 7 HTTP requests in this frame

Frame: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Frame ID: 13FC6A3481EB147F49FEE75CC50916F5
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: C782092DC1CA95A83F9A524558DD0904
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B5065A59DEC4B50D30ED33BFF5BB9CD8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

accountinghub1 | user details | folkd.com

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

script /\/recaptcha\/api\.js/i

Page Statistics

70
Requests

100 %
HTTPS

59 %
IPv6

21
Domains

29
Subdomains

26
IPs

5
Countries

818 kB
Transfer

1754 kB
Size

14
Cookies

23 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/folkd
Title: twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/folkd
Title: facebook

Search URL Search Domain Scan URL

URL: https://www.accountingadvice.co/change-the-financial-year-start-date-in-sage
Title: Step : Change The Financial Year Start Date In Sage

Search URL Search Domain Scan URL

URL: https://www.accountingguide.co/sage-100-2019-unable-to-connect-to-server
Title: Error : Sage 100 2019 Unable To Connect To Server

Search URL Search Domain Scan URL

URL: https://www.accountingguide.co/ini-file-location
Title: Steps : Sage 50 2019 or Higher InI File location

Search URL Search Domain Scan URL

URL: https://www.accountingadvice.co/add-users-in-sage
Title: How to add users in Sage

Search URL Search Domain Scan URL

URL: https://www.accountingguide.co/sage-50-cannot-be-started-when-pervasive-psql-not-running-needs-restart
Title: Error : Sage 50 can't be started When Pervasive psql Not Running

Search URL Search Domain Scan URL

URL: https://www.accountingguide.co/quickbooks-company-file-needs-to-be-updated
Title: How to Fixed : QuickBooks Company File Needs To Be Updated

Search URL Search Domain Scan URL

URL: https://www.accountingadvice.co/install-sage-50-connection-manager-on-the-serve
Title: Step : Install Sage 50 Connection Manager On The Server

Search URL Search Domain Scan URL

URL: https://www.accountinghub.co/sage-50-write-off-bad-debt-invoice
Title: How to Sage 50 write off a sales invoice to bad debt

Search URL Search Domain Scan URL

URL: https://www.accountingguide.co/quickbooks-file-types-with-differences
Title: QuickBooks File Types, Extensions, and Formats

Search URL Search Domain Scan URL

URL: https://www.accountingadvice.co/print-t4-slips-and-summary-in-sage
Title: Step: To Print T4 Slips and Summary in Sage

Search URL Search Domain Scan URL

URL: https://www.accountingguide.co/unmatch-a-transaction-in-quickbooks-online
Title: How to Unmatch a Transaction in QuickBooks Online

Search URL Search Domain Scan URL

URL: https://www.accountingguide.co/journal-entry-in-quickbooks-online
Title: How to Make a Journal Entry in QuickBooks Online?

Search URL Search Domain Scan URL

URL: https://www.accountinghub.co/terminated-employee-active-again-in-quickbooks
Title: Step: Terminated Employee Active Again in QuickBooks

Search URL Search Domain Scan URL

URL: https://www.accountingadvice.co/purge-old-employees-in-sage-50
Title: How to Purge Old Employees in Sage 50

Search URL Search Domain Scan URL

URL: https://www.accountingguide.co/quickbooks-clean-install-tool
Title: What is QuickBooks Clean Install Tool

Search URL Search Domain Scan URL

URL: https://www.accountingguide.co/quickbooks-database-server-manager
Title: How to Install, Update & Setup QuickBooks Database Server Manager

Search URL Search Domain Scan URL

URL: https://www.accountingadvice.co/setup-credit-cards-for-sales-or-purchases-as-payment-type
Title: Steps : Setup Credit Cards For Sales Or Purchases As Payment Type

Search URL Search Domain Scan URL

URL: https://www.accountingguide.co/quickbooks-installation-error-in-windows-and-mac
Title: Fix Common QuickBooks Installation Errors (Windows & Mac)

Search URL Search Domain Scan URL

URL: https://www.accountingadvice.co/sage-50cloud-2022
Title: Sage 50cloud 2022 : Overview

Search URL Search Domain Scan URL

URL: https://www.accountingadvice.co/create-a-consolidated-company-in-sage-50
Title: How to Create A Consolidated Company In Sage 50 : Overview

Search URL Search Domain Scan URL

URL: https://facebook.com/folkd
Title: Friend us on facebook

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9374.mB0BxqeuRTfEwfJsDevGQE9DxQ5Xd2RaA2syfVx2WgNAmi-0hM8WfaLA_vp8-9Pi.hQZbMi13nZR25Pvgj0MUe0CzyaU%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9374.44wgRarltB1_ihwi-5-8vP9plsUQQtoUWvZVSlEeWaQ4IK7faBBESpE_m2DSX0fc78d4YKG4kCcq2_UGUKINaQ%2C%2C.capOq5Nm-qwhAptLKjqD1OiviIQ%2C

Request Chain 36

https://cm.g.doubleclick.net/pixel?google_nid=easymedia&google_cm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=easymedia&google_cm=&google_tc= HTTP 302
https://brain.rvty.net/RTB/GoogleMatch?google_gid=CAESEBVwqRNOl9Vy6CfD2JJ1hV4&google_cver=1

Request Chain 37

https://mc.yandex.com/watch/71239210?wmode=7&page-url=https%3A%2F%2Fwww.folkd.com%2Fuser%2Faccountinghub1&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwwad%3Afp%3A393%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A622%3Acn%3A1%3Adp%3A0%3Als%3A519502774688%3Ahid%3A317557149%3Az%3A120%3Ai%3A20210823131118%3Aet%3A1629717078%3Ac%3A1%3Arn%3A784386512%3Au%3A1629717078897082002%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1629717077523%3Ads%3A11%2C24%2C215%2C2%2C0%2C0%2C%2C135%2C2%2C%2C%2C%2C388%3Adsn%3A10%2C24%2C214%2C3%2C0%2C0%2C%2C135%2C2%2C%2C%2C%2C389%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1629717078%3At%3Aaccountinghub1%20%7C%20user%20details%20%7C%20folkd.com HTTP 302
https://mc.yandex.com/watch/71239210/1?wmode=7&page-url=https%3A%2F%2Fwww.folkd.com%2Fuser%2Faccountinghub1&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwwad%3Afp%3A393%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A622%3Acn%3A1%3Adp%3A0%3Als%3A519502774688%3Ahid%3A317557149%3Az%3A120%3Ai%3A20210823131118%3Aet%3A1629717078%3Ac%3A1%3Arn%3A784386512%3Au%3A1629717078897082002%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1629717077523%3Ads%3A11%2C24%2C215%2C2%2C0%2C0%2C%2C135%2C2%2C%2C%2C%2C388%3Adsn%3A10%2C24%2C214%2C3%2C0%2C0%2C%2C135%2C2%2C%2C%2C%2C389%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1629717078%3At%3Aaccountinghub1%20%7C%20user%20details%20%7C%20folkd.com

Request Chain 39

https://ad19.ad-srv.net/request.php?zone=4sxtd47yng2k&nw=14&renderingType=javascript&namespace=5dd4302a64&subid=&uid=ecdc0cd9ea4fbac9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=ANIM_AFTER_30S%3A0&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=http%3A%2F%2Fbrain.rvty.net%2FRTB%2FClick%3Fx%3DEASY-X-COORDINATE%26y%3DEASY-Y-COORDINATE%26s%3D1567140%26a%3D146060%26t%3D1629717078194%26l%3D-875671883%26p%3D17%26appid%3D%26aa%3D58a380e1b6fd4f4cb7a25dc165f9de06%26gdpr%3D0%26gdpr_consent%3D%26dest%3D&documentReferer=https%3A%2F%2Fwww.folkd.com%2F&ancestorOrigins=https%3A%2F%2Fwww.folkd.com%2Chttps%3A%2F%2Fwww.folkd.com&random=7943805004424&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://ad19.ad-srv.net/request.php?zone=4sxtd47yng2k&nw=14&renderingType=javascript&namespace=5dd4302a64&subid=&uid=ecdc0cd9ea4fbac9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=ANIM_AFTER_30S%3A0&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=http%3A%2F%2Fbrain.rvty.net%2FRTB%2FClick%3Fx%3DEASY-X-COORDINATE%26y%3DEASY-Y-COORDINATE%26s%3D1567140%26a%3D146060%26t%3D1629717078194%26l%3D-875671883%26p%3D17%26appid%3D%26aa%3D58a380e1b6fd4f4cb7a25dc165f9de06%26gdpr%3D0%26gdpr_consent%3D%26dest%3D&documentReferer=https%3A%2F%2Fwww.folkd.com%2F&ancestorOrigins=https%3A%2F%2Fwww.folkd.com%2Chttps%3A%2F%2Fwww.folkd.com&random=7943805004424&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 40

https://www.awin1.com/cshow.php?s=2470169&v=11354&q=371933&r=278235&pv=1&pref1=72187800081144701324219011695019&gdpr=&gdpr_consent= HTTP 302
https://www.zenaps.com/cshow.php?pvr=d79ed880-0402-11ec-9723-692d00a25ac2&v=11354&r=278235&q=371933&s=2470169&viewref=72187800081144701324219011695019&pv=1&gdpr=&gdpr_consent= HTTP 302
https://www.conrad.de/ztpv.php?awc=11354_278235_1629717079_d79ed880-0402-11ec-9723-692d00a25ac2&insert=AW

Request Chain 43

https://www.awin1.com/cshow.php?s=2470169&v=11354&q=371933&r=278235&pref1=72187800081144701324219011695019&gdpr=&gdpr_consent= HTTP 302
https://www.zenaps.com/cshow.php?pvr=d7a28201-0402-11ec-9723-692d00a25ac2&v=11354&r=278235&q=371933&s=2470169&viewref=72187800081144701324219011695019&gdpr=&gdpr_consent= HTTP 302
https://asset.conrad.com/media10/isa/160267/c1/-/de/Vkfrei_160x600?format=gif

70 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request accountinghub1 Show response
www.folkd.com/user/ 56 KB
11 KB 250ms
214ms Document
text/html 2606:4700:3031::6815:e55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.folkd.com/user/accountinghub1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:e55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b12ffab845f5fad7416cc1ee99fc6810512fa93749b82fffef1c702aa00d523

Request headers

:method: GET
:authority: www.folkd.com
:scheme: https
:path: /user/accountinghub1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 11:11:17 GMT
content-type: text/html; charset=utf-8
set-cookie: PHPSESSID=u6qsluri311ujdfq3s9aoci2a6; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rL34ce%2FxXxO8KyIHNVCMuOHPFsI5dK1Ss4Iu%2FuMgH7cwJxCFOgh0uOd2DKX1boFuWH2XtmqzdKzMgky7CNqEu1AjRl1lsIkFJ0H95aYnknCfvSiqXRaBVKpgNaDp4J%2FCxi1ZnRaw9GUa6L7i"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6833e636bf1d432d-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 folkd.css
www.folkd.com/styles/ 39 KB
10 KB 27ms
17ms Stylesheet
text/css 2606:4700:3031::6815:e55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.folkd.com/styles/folkd.css?v=1.20
Requested by: Host: www.folkd.com
URL: https://www.folkd.com/user/accountinghub1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:e55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3db2e09adb3a038fa2efa016ef16f84ec56aed13a118201d01ed6b4fedbac56c

Request headers

:path: /styles/folkd.css?v=1.20
pragma: no-cache
cookie: PHPSESSID=u6qsluri311ujdfq3s9aoci2a6
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.folkd.com
referer: https://www.folkd.com/user/accountinghub1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.folkd.com/user/accountinghub1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 11:11:17 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 25 Jan 2021 07:03:16 GMT
server: cloudflare
age: 4214
etag: W/"9d15-5b9b421dc4f0e-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QzEBQR7fiSihHjQGDwQT3bJJBuV1IfRhU9EBRxlPoWdQEFaygmpls7I3l8Ybrj1awpD4tR7qg6SoLwD47F9Ayp8Dte1x38YnnUVcXSWhHMJXDa4NxoEBtsBPeL0%2B3nSN%2Fh4qHT85Lkwlp6kH"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6833e63839df4eb0-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
763 B 16ms
15ms Script
text/javascript 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: www.folkd.com
URL: https://www.folkd.com/user/accountinghub1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d6ffde0bc44344c9007373cfd28cad502d8ab3dffb0f7c02fd72f68d309386b1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 11:11:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 555
x-xss-protection: 1; mode=block
expires: Mon, 23 Aug 2021 11:11:17 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
49 KB 83ms
59ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.folkd.com
URL: https://www.folkd.com/user/accountinghub1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d2d2846040ce0726ba6ace389110fad3b2c7f1cc23caf00adc4f8a016892ad57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 11:11:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49909
x-xss-protection: 0
server: cafe
etag: 14305058684536401169
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 23 Aug 2021 11:11:17 GMT

GET
H3-29 200 logo.svg
www.folkd.com/images/ 2 KB
1 KB 15ms
13ms Image
image/svg+xml 2606:4700:3031::6815:e55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.folkd.com/images/logo.svg
Requested by: Host: www.folkd.com
URL: https://www.folkd.com/user/accountinghub1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:e55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56356001ba467fc7240f786c964eb00db91e14603b30b527db7c0db54526b425

Request headers

:path: /images/logo.svg
pragma: no-cache
cookie: PHPSESSID=u6qsluri311ujdfq3s9aoci2a6
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.folkd.com
referer: https://www.folkd.com/user/accountinghub1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.folkd.com/user/accountinghub1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 11:11:17 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 09 Jan 2021 09:15:21 GMT
server: cloudflare
age: 2306
etag: W/"68a-5b8741cb69c40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GO7aMOrGO6CVagDasGk3wFJPOezll0LJLknd6usGZL%2FZLFtMo4QvNJrWCEXfCnQ90StMt%2BX1LPvs5Sk6uz1i0PDgrFSdQ68BzTPLwN%2BkIJKbZ29hDopL4IpBf5pBaL6yDdUr1I%2B4%2BZsbGzM0"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6833e6385a3f4eb0-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 offline.gif
www.folkd.com/images/ 910 B
1 KB 23ms
20ms Image
image/gif 2606:4700:3031::6815:e55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.folkd.com/images/offline.gif
Requested by: Host: www.folkd.com
URL: https://www.folkd.com/user/accountinghub1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:e55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03538cc5b5491d983dec8a3b1f5bcfbbdd3f07f7a2525b4074e189664280a7a5

Request headers

:path: /images/offline.gif
pragma: no-cache
cookie: PHPSESSID=u6qsluri311ujdfq3s9aoci2a6
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.folkd.com
referer: https://www.folkd.com/user/accountinghub1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.folkd.com/user/accountinghub1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 11:11:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1924
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 910
last-modified: Tue, 16 May 2017 07:09:28 GMT
server: cloudflare
etag: "38e-54f9eda3d113c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zKV0Ub7Uzi3U%2BtC8zBs8wurm138bUxiVrCSk9xYxrfFCNcQV%2FBhjV26KFBQtHpRPhf1Ie4Kf%2B6yNk5nk4NPvJ4axVufSoEahTUeICDeDtG%2FLbEGE6Iaqx3G4%2FIoksZ4Km8S46qzGZY86ApYn"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6833e6385a404eb0-FRA

GET
H3-29 200 userTkYGBVUIBA_big.png
www.folkd.com/images/ 1 KB
2 KB 16ms
14ms Image
image/gif 2606:4700:3031::6815:e55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.folkd.com/images/userTkYGBVUIBA_big.png
Requested by: Host: www.folkd.com
URL: https://www.folkd.com/user/accountinghub1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:e55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0740b83ca1f5dd7cbe3d6459f695b120ef1679b149f6be8a911f315081b0bce

Request headers

:path: /images/userTkYGBVUIBA_big.png
pragma: no-cache
cookie: PHPSESSID=u6qsluri311ujdfq3s9aoci2a6
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.folkd.com
referer: https://www.folkd.com/user/accountinghub1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.folkd.com/user/accountinghub1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 11:11:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 63072
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1279
last-modified: Sun, 22 Aug 2021 17:40:05 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nAtTquFqPL%2FUe6vJC3FQ8AYIfG6GzWmYdkqphPsCIw6DUcRPypUpqMsNAS2vJpZe9zpiFdACozuXzyd3JE%2F0GSdlII2zLhoUcJNIQX7Fff250KJr2C69EgBAR%2BMD%2BNBruRaDnYYOdD0J%2FMOF"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=86344128
accept-ranges: bytes
cf-ray: 6833e6385a454eb0-FRA
expires: Sat, 18 May 2024 19:40:05 GMT

GET
H3-29 200 userTkYGBVUIBA.png
www.folkd.com/images/ 1 KB
2 KB 15ms
13ms Image
image/gif 2606:4700:3031::6815:e55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.folkd.com/images/userTkYGBVUIBA.png
Requested by: Host: www.folkd.com
URL: https://www.folkd.com/user/accountinghub1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:e55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: edf6326231b783518a62509c0fbd536be2ee76a49216f536b56ff2f025eb4b7f

Request headers

:path: /images/userTkYGBVUIBA.png
pragma: no-cache
cookie: PHPSESSID=u6qsluri311ujdfq3s9aoci2a6
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.folkd.com
referer: https://www.folkd.com/user/accountinghub1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.folkd.com/user/accountinghub1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 11:11:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 346415
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1274
last-modified: Thu, 19 Aug 2021 10:57:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DXScLayJXxJk0GaJpUzdQKSoWrJlnSbaA02h%2FrlysPwdmrz3UfDbWF7LfB48s%2FPcJMlQNJhhJ%2FTIQ2%2FF%2Ff1%2FwShOKefHKGO1CHJHbnT4x6plh8IfUl1fLQxRsYZafiYjb06q6cW8iYvKa0dh"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=86060785
accept-ranges: bytes
cf-ray: 6833e6385a464eb0-FRA
expires: Wed, 15 May 2024 12:57:42 GMT

GET
H3-29 200 div_x.gif
www.folkd.com/images/ 971 B
2 KB 14ms
11ms Image
image/gif 2606:4700:3031::6815:e55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.folkd.com/images/div_x.gif
Requested by: Host: www.folkd.com
URL: https://www.folkd.com/user/accountinghub1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:e55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8180abcb91f876e9e3749696063dd70d4125c5389b83b1a85715fc7fea7c4486

Request headers

:path: /images/div_x.gif
pragma: no-cache
cookie: PHPSESSID=u6qsluri311ujdfq3s9aoci2a6
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.folkd.com
referer: https://www.folkd.com/user/accountinghub1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.folkd.com/user/accountinghub1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 11:11:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5454
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 971
last-modified: Tue, 16 May 2017 07:09:28 GMT
server: cloudflare
etag: "3cb-54f9eda3a03ff"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tSoNQe8SH039LboryLPpD4pk26NuJNYixQ5%2BKc%2BETA2Jjzpuo%2FfDxerUrld%2FEJGR2FQGuLnMJvYu9FWt8WnHmeG8k1MoISKDjFzYNc9m8Ffx84%2BwcOIOZUDIb5o2RtqJQCTNFZPxNDVFitsb"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6833e6385a474eb0-FRA

GET
H3-29 200 dot-tag.gif
www.folkd.com/images/ 989 B
2 KB 27ms
25ms Image
image/gif 2606:4700:3031::6815:e55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.folkd.com/images/dot-tag.gif
Requested by: Host: www.folkd.com
URL: https://www.folkd.com/user/accountinghub1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:e55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09e1e05e792c205625b4692d601237e48a5d5b468b7399bf95024ac833feefa7

Request headers

:path: /images/dot-tag.gif
pragma: no-cache
cookie: PHPSESSID=u6qsluri311ujdfq3s9aoci2a6
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.folkd.com
referer: https://www.folkd.com/user/accountinghub1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.folkd.com/user/accountinghub1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 11:11:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3121
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 989
last-modified: Tue, 16 May 2017 07:09:27 GMT
server: cloudflare
etag: "3dd-54f9eda35fcc3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rloX4NuZJ%2BjoAoEOjtcyjzIBlEfyK8hHztCYYkNQUYWbgxEyyKKPMrP76tK%2BKgq%2Fnig3QQTIfky31ffmcvo9WXfIGLjuAapDp5VlQd5ZJfnEq25fjrVCLUGNvs3V0ZeXvSVhw20yexujgGY8"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6833e6385a484eb0-FRA

GET
H2 200 getads.js Show response
js.adscale.de/ 25 KB
9 KB 48ms
13ms Script
application/javascript 2600:9000:21f3:2e00:f:4f64:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adscale.de/getads.js
Requested by: Host: www.folkd.com
URL: https://www.folkd.com/user/accountinghub1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:2e00:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5e13ad0fd149b388477adcd6417fd3cf2bc0a71f614c5a51e1845f88ad3b8c12

Request headers

Referer: https://www.folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: eyeA48zhI0XdFKGFfEELJ7lqKdKD2mHI
content-encoding: gzip
last-modified: Fri, 13 Aug 2021 03:15:33 GMT
server: AmazonS3
age: 2967
etag: W/"50bb3a4af6413e0bf7a261465cbb90af"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 7158aa4ac648947d564b98d9769b5b2b.cloudfront.net (CloudFront)
cache-control: max-age=7200
date: Mon, 23 Aug 2021 10:21:51 GMT
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: FcaAYY__dgwOVqZtYW78fnOk24WIKqKR_v1WzvbuH0T5zhEw4xqWCg==

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.4.2/ 70 KB
25 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js

Requested by

Host: www.folkd.com
URL: https://www.folkd.com/user/accountinghub1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 22 Aug 2021 18:34:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59780
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24715
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 22 Aug 2022 18:34:57 GMT

GET
H3-29 200 jquery.cookie.js Show response
www.folkd.com/js/ 4 KB
2 KB 14ms
11ms Script
text/html 2606:4700:3031::6815:e55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.folkd.com/js/jquery.cookie.js
Requested by: Host: www.folkd.com
URL: https://www.folkd.com/user/accountinghub1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:e55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f6a9c99d36c51fabdd3e290c6a7fafb8252e6f34627d37d133ee9381a7880e5

Request headers

:path: /js/jquery.cookie.js
pragma: no-cache
cookie: PHPSESSID=u6qsluri311ujdfq3s9aoci2a6
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.folkd.com
referer: https://www.folkd.com/user/accountinghub1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.folkd.com/user/accountinghub1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 11:11:17 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 23 Aug 2021 10:32:51 GMT
server: cloudflare
age: 2306
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hicx7v20kBw3SmWIT1P03YaGo70TV3Z6tThncmHCsiYqcUPhgYyL9jY1%2B2Vxf2J4sdHJzI%2BDZiI3Wib78bG99pDdB7FmeiLnxqkSPYm4XsbQPp9x8Ur6eKmZjaxW9cMm5bpUMSYytHJjjn9B"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6833e6385a364eb0-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 common.js Show response
www.folkd.com/js/ 12 KB
4 KB 42ms
39ms Script
text/javascript 2606:4700:3031::6815:e55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.folkd.com/js/common.js
Requested by: Host: www.folkd.com
URL: https://www.folkd.com/user/accountinghub1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:e55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5cdd1311fda5aefb51f9945fb526884dfc01e9468dced4bffdb4bd65b5a723c

Request headers

:path: /js/common.js
pragma: no-cache
cookie: PHPSESSID=u6qsluri311ujdfq3s9aoci2a6
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.folkd.com
referer: https://www.folkd.com/user/accountinghub1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.folkd.com/user/accountinghub1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Aug 2021 11:11:17 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a3rnxTet4ZMMYObQHtyPdhREgI2GTvgDlfBbENThUeFf7qbYGuSyajBYi6%2F9oViLcrzXTuFMBciAL%2BkXACtzA10n6Nm0eh%2FzPAFtrIW62rJdW9rw%2BBP%2Bgkwd8Rw96HSzOrrV9o%2F2xK95SGe3"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 6833e6385a3a4eb0-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3-29 200 page_userdetails.js Show response
www.folkd.com/js/ 483 B
816 B 42ms
39ms Script
text/html 2606:4700:3031::6815:e55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.folkd.com/js/page_userdetails.js
Requested by: Host: www.folkd.com
URL: https://www.folkd.com/user/accountinghub1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:e55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ca7e8fd30f014ba4d5a9a1e6ea49beb7df76cfe6053e9ca0cc267f45f92e1a8

Request headers

:path: /js/page_userdetails.js
pragma: no-cache
cookie: PHPSESSID=u6qsluri311ujdfq3s9aoci2a6
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.folkd.com
referer: https://www.folkd.com/user/accountinghub1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.folkd.com/user/accountinghub1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 11:11:17 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Mon, 23 Aug 2021 09:06:09 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=twj%2BEo253W8Qng324RGMA4fS7q7AekqVMeTHxxFWIAh%2BK0jTQm8VmN5faglzxRMfavRsEnKUu99n2pIXQBWgK8%2BxwFww1nrbpUy9DFS5DC%2FdoezbJ2uNKYQNk7o3DvAPZ8yHv1mhNVqQwNio"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6833e6385a3c4eb0-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 101 KB
41 KB 42ms
19ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-4499241-1

Requested by

Host: www.folkd.com
URL: https://www.folkd.com/user/accountinghub1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

419684fcc119159caae1a4e919758cf3e361e037483dc61e336d116142708ff0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 11:11:17 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40976
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 23 Aug 2021 11:11:17 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/ 340 KB
133 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b168b017f9db602024341f3e4fce6b102b26e59a60f2ee8f6083b86f83e58c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.folkd.com
Referer: https://www.folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 11:06:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 293
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 135293
x-xss-protection: 0
last-modified: Mon, 16 Aug 2021 04:14:16 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 23 Aug 2022 11:06:24 GMT

GET
H3-29 200 folkd-sprite.png
www.folkd.com/images/ 121 KB
122 KB 29ms
28ms Image
image/png 2606:4700:3031::6815:e55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.folkd.com/images/folkd-sprite.png
Requested by: Host: www.folkd.com
URL: https://www.folkd.com/styles/folkd.css?v=1.20
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:e55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 688811b41e86684db597160601b55b64ef059d2fba49dfd5651d65f865de7738

Request headers

:path: /images/folkd-sprite.png
pragma: no-cache
cookie: PHPSESSID=u6qsluri311ujdfq3s9aoci2a6
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.folkd.com
referer: https://www.folkd.com/styles/folkd.css?v=1.20
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.folkd.com/styles/folkd.css?v=1.20
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 11:11:17 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 16 May 2017 07:09:28 GMT
server: cloudflare
etag: "1e3e7-54f9eda3e49bb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yqxN58moxpG41xMqrV0opBCWYISz3prZDV8CFTeD5FJWrYKAVUMKAuTvc4zfmRbeu85N8wE2YsNdzLTS1Sq9KxgWaEqSIKVeSEUlFlE1KM0BKP%2B6PJIbsEuYzHNtNspB6zRtyZqYeeJOoS8N"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6833e6385a494eb0-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 123879

GET
H3-29 200 new_updates_bnr.png
www.folkd.com/images/ 11 KB
12 KB 50ms
50ms Image
image/png 2606:4700:3031::6815:e55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.folkd.com/images/new_updates_bnr.png?v=3
Requested by: Host: www.folkd.com
URL: https://www.folkd.com/user/accountinghub1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:e55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a6c5626e0eab1555c89fd50d7f166f3e5ecd812a28c94fc842051dcec1191a5

Request headers

:path: /images/new_updates_bnr.png?v=3
pragma: no-cache
cookie: PHPSESSID=u6qsluri311ujdfq3s9aoci2a6
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.folkd.com
referer: https://www.folkd.com/user/accountinghub1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.folkd.com/user/accountinghub1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 11:11:17 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 22 Feb 2021 14:37:04 GMT
server: cloudflare
etag: "2c50-5bbedbc478400"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6n%2FvhcHP%2BtXswsAxeUM%2FpomSWxp0YzU2%2F1tWyMxv44zVDVi7VBwdYUJU3zl%2BUvDrdcnOHcnv%2FNucwYs7sm%2FvFP7x9bXAiTXPwuIejUH9MPYofZoNQ5aVyewhPX29%2BLYw9nGEmQPDojAFiZ0v"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6833e6385a4d4eb0-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 11344

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 224 KB
72 KB 149ms
49ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: www.folkd.com
URL: https://www.folkd.com/user/accountinghub1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

c0ecf1302c42850f5a665b0f6e1ff0853816a966dbf2b7b8ce545e89d16dd4c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 11:11:18 GMT
content-encoding: br
last-modified: Fri, 20 Aug 2021 14:26:38 GMT
etag: "611fb217-11d3b"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 73019
expires: Mon, 23 Aug 2021 12:11:18 GMT

GET
H2 200 impr Show response
gaa.adscale.de/ 3 KB
4 KB 207ms
157ms Script
text/javascript 99.83.169.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gaa.adscale.de/impr?v=2&sid=YjY2ODA=&nu=0&t=1629717077937&ssl=1&pos=below&ws=https%3A%2F%2Fwww.folkd.com%2Fuser%2Faccountinghub1&uuid=01163edf-22d4-46f4-a46d-6e4b36139fa1
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/getads.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.169.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a3436eee63857ff41.awsglobalaccelerator.com
Software: /
Resource Hash: c0cc9f9e78e6cd79d76db842aad98266f0fbccd26f07dbda0d9c8a784b5b72b8

Request headers

Referer: https://www.folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 11:11:18 GMT
cache-control: no-cache
p3p: CP=NOI PSA OUR
x-robots-tag: none
content-length: 3287
content-type: text/javascript

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/ 252 KB
93 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3319618738478027&plah=www.folkd.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e50923eeab2fab42aabd0b1dd0295ed74f9bf5eec3f91bdcb4b36316a40860bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 11:11:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95447
x-xss-protection: 0
server: cafe
etag: 5134495107379379254
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 23 Aug 2021 11:11:17 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210816/r20190131/ Frame B3FA 10 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210816/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210816/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.folkd.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.folkd.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 23 Aug 2021 08:37:30 GMT
expires: Mon, 06 Sep 2021 08:37:30 GMT
content-type: text/html; charset=UTF-8
etag: 8999110079160743657
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4576
x-xss-protection: 0
age: 9227
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 25ms
5ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-4499241-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 5684
date: Mon, 23 Aug 2021 09:36:34 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
expires: Mon, 23 Aug 2021 11:36:34 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
23 B 13ms
13ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=1310856081&t=pageview&_s=1&dl=https%3A%2F%2Fwww.folkd.com%2Fuser%2Faccountinghub1&ul=en-us&de=UTF-8&dt=accountinghub1%20%7C%20user%20details%20%7C%20folkd.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=849338411&gjid=686009256&cid=1743970724.1629717078&tid=UA-4499241-1&_gid=1631888795.1629717078&_r=1&gtm=2ou8i0&z=1033460825

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 23 Aug 2021 11:11:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.folkd.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 199 B
655 B 51ms
28ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.folkd.com&callback=_gfp_s_&client=ca-pub-3319618738478027

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3319618738478027&plah=www.folkd.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

1e751f4fc8e82d319dbcc2720d40ffc33d12a83fb07bb29c78eb851d94a8082e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 11:11:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 189
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 36ms
16ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.folkd.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 23 Aug 2021 11:11:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 37ms
17ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.folkd.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 23 Aug 2021 11:11:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BE8A 0
16 B 22ms
21ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr_consent=tcunavailable&tcfe=3&client=ca-pub-3319618738478027&output=html&adk=3046330955&adf=2044148826&lmt=1629717078&plat=8%3A134217728%2C9%3A134250632%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.folkd.com%2Fuser%2Faccountinghub1&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629717077975&bpp=4&bdt=200&idt=77&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=63993820183&frm=20&pv=2&ga_vid=1743970724.1629717078&ga_sid=1629717078&ga_hid=1310856081&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C44748390%2C31062297%2C31062094&oid=3&pvsid=4189691598251377&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=97

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?gdpr_consent=tcunavailable&tcfe=3&client=ca-pub-3319618738478027&output=html&adk=3046330955&adf=2044148826&lmt=1629717078&plat=8%3A134217728%2C9%3A134250632%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.folkd.com%2Fuser%2Faccountinghub1&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629717077975&bpp=4&bdt=200&idt=77&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=63993820183&frm=20&pv=2&ga_vid=1743970724.1629717078&ga_sid=1629717078&ga_hid=1310856081&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C44748390%2C31062297%2C31062094&oid=3&pvsid=4189691598251377&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=97
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.folkd.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.folkd.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 23 Aug 2021 11:11:18 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 37ms
18ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a2478978968eefdc87127bfe6619a9de514b2ccb89b2a95824a53e6bea1f9cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 11:11:18 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629458978809797"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27677
x-xss-protection: 0
expires: Mon, 23 Aug 2021 11:11:18 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
459 B 42ms
14ms XHR
text/plain 2a00:1450:400c:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-4499241-1&cid=1743970724.1629717078&jid=849338411&gjid=686009256&_gid=1631888795.1629717078&_u=YEBAAUAAAAAAAC~&z=2008599771

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 23 Aug 2021 11:11:18 GMT
content-type: text/plain
access-control-allow-origin: https://www.folkd.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 403 userconnect.js
js.adscale.de// 0
0 23ms
23ms Script
application/xml 2600:9000:21f3:2e00:f:4f64:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adscale.de//userconnect.js
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/getads.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:2e00:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H/1.1 200 Cookie set ShowAd Show response
brain.rvty.net/RTB/ Frame ABB3 1 KB
1 KB 52ms
17ms Document
text/html 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=58a380e1b6fd4f4cb7a25dc165f9de06&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Faccountinghub1&rawReferrerURL=&uid=c5b72428-3d34-4a40-a7d1-c861bfa370f9&euid=0d1beb22926001578f92a9acb22bae0999452e58d47c74de5670b833531961b4&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent=
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/getads.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: 59845b2a85bcfb1fe089648024dbf4563d6bc22232e9e59d6463ae987f38fa20

Request headers

Host: brain.rvty.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.folkd.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.folkd.com/

Response headers

Server: nginx/1.13.4
Date: Mon, 23 Aug 2021 11:11:18 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: RTBUserId=c5b72428-3d34-4a40-a7d1-c861bfa370f9; path=/; SameSite=None; secure; Expires=Tue, 23 Aug 2022 13:11:18 CEST RTBUserId-Old=c5b72428-3d34-4a40-a7d1-c861bfa370f9; path=/; secure; Expires=Tue, 23 Aug 2022 13:11:18 CEST RTBUserId-Plain=c5b72428-3d34-4a40-a7d1-c861bfa370f9; path=/; Expires=Tue, 23 Aug 2022 13:11:18 CEST
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Encoding: gzip

GET
H/1.1 204
No Content imp Show response
trx.adscale.de/ Frame 237A 0
149 B 81ms
16ms Script
application/javascript 35.157.44.220
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trx.adscale.de/imp?ej=NGExZWM3Njg4ZGY1NGUwMjR0y3FTMN9ORcqTKAkoT1JSTPNJMFLpenHn4RFnHShwfm6aJ1kmgBsdtYRgM3RFFQ0a-0opBLoqK4e9VwJDdSI6I8J7BSbJU0Xk6SQgeUQUCBr1SjIW_mt01tsIAgshZVxzmC8QLNxZROTqJTIzDFdvJ6keKh3tY3XTxBwLAlZ1QwXcbU9vpAdX6eZ6bTtnTHoy5V15WJQzYd-EQgsJVHgfBdZqTGqnBgXot2AnKzUNfHG_BSI-3nZgyo1QCwlGYRMF9mEABO9HVv25fCl6NRFDZIQVbmGdDjLfg00bTBkzJxf0RQ8T6WBXrcopOXYrAAs1nSxrMdNCb87_SwFGH2M7V_sbX1DhdVf3nX04d3xUDjWaLG9j1UJ1278UURMEdjQXqh1NT_cxBqvtcSBaYFQONZosfHnEVGLNwEMSPlR5OgP8GFEY8GIG4PYmJlxnTwswxX4wKdJOJJefQlI0RXU6BvVSEkG3J0P_62BoAnVFFiSHJnAC1koznoIHBksRZywWvhRBNed4H7zjY2c7ZQJeX9o2exeAGX6R21VQD101PTnjVFZ_928U5fl5cmYwRU9ckCc_EJk7bZWcW0hUHGcsM-VJS2LgeALx-XlydlgiDh_HLS4UiRtnpYAJF1RiAEpalGZ6W9k5S4fkbGE9AWUFKbZcWAyQdw_Isz9DESMVd0bSKTtp4j5r6okdJ3kOc09-6kpZX9YKRpiwcxIeLF9tG5I6NiyzbhPr1QFbeg5lTyv2C1RJ0Vwh0uc3a0o_UHgTkDJmKOg9QrDVBQkrWmBBKqkGUxqNCHrU4TJqHG4EJB-fMWN4tTtJ4dIDUypfZhA9sxMQF8BJKoSbc3EQfV4pE4EnKTn2fQS0uV9TdhExRmHRVUBak18-hJdvf1RwVTUCsDklF_ItWe35PxomEzBbdpIDFTnHGHXPmk1_R2dZLRPbZzcD5SlB-ap7T2VLe0FytQNebYJ5IJ7PWXVHKBQvANRncAnnWwy8qTAHNFxWRmT2XUAn128gns9ZdUcoBCcKnX96F_lfFLLtPxw1W3BlY_wMWC3IcSSez1h5Wz8VF0HGLjUP5FNF-ap6Q3kJJTxj6gxFfY08N5DeA2FDOQkeEJlgZ0f5TkL18iEFKlRscGPwDwllw2wVvLZkWnkfNSMgok5ZIJFOOZ7VCzQKeltXacwoNgKrbHfRikh7RCkeGT2Te2JQ4iIw86ZqGCtHbXxT5y0HIpFLX52EUDp-CSYyHLBjJQ6zOTr58TNfGktff33CBExgkQNOi4RWczg4LD4J4D5-TLNmNujsNx1fXX5ffYUcRH2dVhrKj1huKxQQPBHweCEOyTluq-MZG099dVJylVobaKhVHc7PO30mDwYmIuczeA3qPHns9U8PU2oqBFuOVhRphlMPiaYqbDwETlc--iNkS7w1buXVT0Aeazw-WZNNMi7ORgeKu216PDl5cnShfAIW4HQ0pIhPVh5WCxsTyBJDZpBWDobsJ3QydGRpeq97LSX8I33yiVVWCFYADBbGDUhXhQ4Yh-pke2t7MT4n5CFqNuFvaPOPFjobCxMEBYNACxTNTQmX7mZOfnlFYXfwKWR673crxasqY0xIdVlZwRpKS9ZVB-fPWRMNLBQpLaRoHC6kJm6IoXspL35RZQCWWSwWihdZppNICwNcMgpv_TBJQ_lyK-vyPGhrOVYoVZtRJTCcXgmZl18NAk8zTAboIXBZ-Hwz__YzfmdjESVgiXECPIsZXYvUCRgGD2JATKsUd1XvWi_ioGx3Vn0HMynFYFVviTtDkcVAVTMIbldgoVUFHexIJv-xYm9VaQIkBY13YGiFLHWX0BAKMSBmdHfoBAUG8Q5P8bF8eVQMRBECgWBVc5NNIJzcExcEfiFiZ-8Ud0n1LEzvuT81ZRpSAQaDcTIoh0Ilgd5MF18ofDNDrkQeCvQxVdG_PmMxTQ52Itwqd2STQnfrjhBbdGA7WgC_RQQQsXhDxb5VdkFMGT5pzDVoccgoKr3bOT8lbiMcCPVXC0X-Th_b7g5aEV0Wf2mUND1zmyp6uog8YyRpd0lZtkkdU7sKTFg5MQ==&rns=MjRjNDExOGVhOWYyNDVhNiU7uW5RtWS28LKxLvuDmlMTXd1aN4EH1MfTgxuf4KtlJjvkPlKxMfbr8e1064nNHHFSilA3wxPMn4OYEcero3MFO-wpe6xgqe2homW13sZfJ0_OE0qeTIuPyMYM0fz8fRZt4jEm6z7nrfKoeb2QgV3WOci9
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/getads.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.44.220 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-44-220.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: application/javascript; charset=UTF-8
Cache-Control: max-age=3600
Expires: Mon, 23 Aug 2021 12:11:18 GMT

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9374.mB0BxqeuRTfEwfJsDevGQE9DxQ5Xd2RaA2syfVx2WgNAmi-0hM8WfaLA_vp8-9Pi.hQZbMi13nZR25Pvgj0MUe0CzyaU%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9374.44wgRarltB1_ihwi-5-8vP9plsUQQtoUWvZVSlEeWaQ4IK7faBBESpE_m2DSX0fc78d4YKG4kCcq2_UGUKINaQ%2C%2C.capOq5Nm-qwhAptLKjqD1OiviIQ%2C

75 B
75 B

50ms
50ms

Image
text/html

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9374.44wgRarltB1_ihwi-5-8vP9plsUQQtoUWvZVSlEeWaQ4IK7faBBESpE_m2DSX0fc78d4YKG4kCcq2_UGUKINaQ%2C%2C.capOq5Nm-qwhAptLKjqD1OiviIQ%2C

Requested by

Host: www.folkd.com
URL: https://www.folkd.com/user/accountinghub1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 11:11:18 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9374.44wgRarltB1_ihwi-5-8vP9plsUQQtoUWvZVSlEeWaQ4IK7faBBESpE_m2DSX0fc78d4YKG4kCcq2_UGUKINaQ%2C%2C.capOq5Nm-qwhAptLKjqD1OiviIQ%2C
date: Mon, 23 Aug 2021 11:11:18 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
112 B 51ms
50ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: www.folkd.com
URL: https://www.folkd.com/user/accountinghub1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 11:11:18 GMT
last-modified: Fri, 20 Aug 2021 14:26:38 GMT
etag: "611fb217-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Mon, 23 Aug 2021 12:11:18 GMT

GET
H/1.1 200
OK ads_view.js Show response
cdn.rvty.net/view/ Frame ABB3 3 KB
4 KB 1068ms
13ms Script
application/javascript 89.163.211.242
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rvty.net/view/ads_view.js
Requested by: Host: brain.rvty.net
URL: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=58a380e1b6fd4f4cb7a25dc165f9de06&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Faccountinghub1&rawReferrerURL=&uid=c5b72428-3d34-4a40-a7d1-c861bfa370f9&euid=0d1beb22926001578f92a9acb22bae0999452e58d47c74de5670b833531961b4&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.242 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: 00bb2f69ab06efff6555f6ccae10902e87bb6aea861e83de082a45a07e525054

Request headers

Referer: https://brain.rvty.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 23 Aug 2021 11:11:19 GMT
Last-Modified: Fri, 20 Dec 2019 09:27:25 GMT
Server: nginx/1.13.4
ETag: "5dfc93fd-d40"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3392

GET
H/1.1

200

GoogleMatch
brain.rvty.net/RTB/ Frame ABB3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=easymedia&google_cm
https://cm.g.doubleclick.net/pixel?google_nid=easymedia&google_cm=&google_tc=
https://brain.rvty.net/RTB/GoogleMatch?google_gid=CAESEBVwqRNOl9Vy6CfD2JJ1hV4&google_cver=1

43 B
553 B

233ms
233ms

Image
image/gif

89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://brain.rvty.net/RTB/GoogleMatch?google_gid=CAESEBVwqRNOl9Vy6CfD2JJ1hV4&google_cver=1
Requested by: Host: brain.rvty.net
URL: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=58a380e1b6fd4f4cb7a25dc165f9de06&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Faccountinghub1&rawReferrerURL=&uid=c5b72428-3d34-4a40-a7d1-c861bfa370f9&euid=0d1beb22926001578f92a9acb22bae0999452e58d47c74de5670b833531961b4&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://brain.rvty.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 23 Aug 2021 11:11:18 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 23 Aug 2021 11:11:18 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://brain.rvty.net/RTB/GoogleMatch?google_gid=CAESEBVwqRNOl9Vy6CfD2JJ1hV4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 292
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/71239210/
Redirect Chain

https://mc.yandex.com/watch/71239210?wmode=7&page-url=https%3A%2F%2Fwww.folkd.com%2Fuser%2Faccountinghub1&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwwad%3Afp%3A393%3Afu%3A0...
https://mc.yandex.com/watch/71239210/1?wmode=7&page-url=https%3A%2F%2Fwww.folkd.com%2Fuser%2Faccountinghub1&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwwad%3Afp%3A393%3Afu%3...

316 B
398 B

50ms
49ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/71239210/1?wmode=7&page-url=https%3A%2F%2Fwww.folkd.com%2Fuser%2Faccountinghub1&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwwad%3Afp%3A393%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A622%3Acn%3A1%3Adp%3A0%3Als%3A519502774688%3Ahid%3A317557149%3Az%3A120%3Ai%3A20210823131118%3Aet%3A1629717078%3Ac%3A1%3Arn%3A784386512%3Au%3A1629717078897082002%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1629717077523%3Ads%3A11%2C24%2C215%2C2%2C0%2C0%2C%2C135%2C2%2C%2C%2C%2C388%3Adsn%3A10%2C24%2C214%2C3%2C0%2C0%2C%2C135%2C2%2C%2C%2C%2C389%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1629717078%3At%3Aaccountinghub1%20%7C%20user%20details%20%7C%20folkd.com

Requested by

Host: www.folkd.com
URL: https://www.folkd.com/user/accountinghub1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

2faad628f9db71096b7091b7907216117a86484006c41098e26bf0bd59591439

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Aug 2021 11:11:18 GMT
x-content-type-options: nosniff
last-modified: Mon, 23-Aug-2021 11:11:18 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.folkd.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 316
x-xss-protection: 1; mode=block
expires: Mon, 23-Aug-2021 11:11:18 GMT

Redirect headers

pragma: no-cache
date: Mon, 23 Aug 2021 11:11:18 GMT
last-modified: Mon, 23-Aug-2021 11:11:18 GMT
location: /watch/71239210/1?wmode=7&page-url=https%3A%2F%2Fwww.folkd.com%2Fuser%2Faccountinghub1&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwwad%3Afp%3A393%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A622%3Acn%3A1%3Adp%3A0%3Als%3A519502774688%3Ahid%3A317557149%3Az%3A120%3Ai%3A20210823131118%3Aet%3A1629717078%3Ac%3A1%3Arn%3A784386512%3Au%3A1629717078897082002%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1629717077523%3Ads%3A11%2C24%2C215%2C2%2C0%2C0%2C%2C135%2C2%2C%2C%2C%2C388%3Adsn%3A10%2C24%2C214%2C3%2C0%2C0%2C%2C135%2C2%2C%2C%2C%2C389%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1629717078%3At%3Aaccountinghub1%20%7C%20user%20details%20%7C%20folkd.com
strict-transport-security: max-age=31536000
access-control-allow-origin: https://www.folkd.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Mon, 23-Aug-2021 11:11:18 GMT

GET
H/1.1 200
OK 4sxtd47yng2k Show response
ad.ad-srv.net/zone/ Frame ABB3 10 KB
3 KB 45ms
13ms Script
text/html 116.202.48.214
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.ad-srv.net/zone/4sxtd47yng2k?subid=&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&redirectClick=http%3A%2F%2Fbrain.rvty.net%2FRTB%2FClick%3Fx%3DEASY-X-COORDINATE%26y%3DEASY-Y-COORDINATE%26s%3D1567140%26a%3D146060%26t%3D1629717078194%26l%3D-875671883%26p%3D17%26appid%3D%26aa%3D58a380e1b6fd4f4cb7a25dc165f9de06%26gdpr%3D0%26gdpr_consent%3D%26dest%3D
Requested by: Host: brain.rvty.net
URL: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=58a380e1b6fd4f4cb7a25dc165f9de06&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Faccountinghub1&rawReferrerURL=&uid=c5b72428-3d34-4a40-a7d1-c861bfa370f9&euid=0d1beb22926001578f92a9acb22bae0999452e58d47c74de5670b833531961b4&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.48.214 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.214.48.202.116.clients.your-server.de
Software: Apache /
Resource Hash: 09922cd5d5e47b23c04a49b0dc6714fbf732869622c19aa235a0fadb2015cff7

Request headers

Referer: https://brain.rvty.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 23 Aug 2021 11:11:19 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 2846
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

request.php Show response
ad19.ad-srv.net/ Frame ABB3
Redirect Chain

https://ad19.ad-srv.net/request.php?zone=4sxtd47yng2k&nw=14&renderingType=javascript&namespace=5dd4302a64&subid=&uid=ecdc0cd9ea4fbac9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x6...
https://ad19.ad-srv.net/request.php?zone=4sxtd47yng2k&nw=14&renderingType=javascript&namespace=5dd4302a64&subid=&uid=ecdc0cd9ea4fbac9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x6...

2 KB
1 KB

62ms
39ms

Script
application/x-javascript

78.46.90.238
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad19.ad-srv.net/request.php?zone=4sxtd47yng2k&nw=14&renderingType=javascript&namespace=5dd4302a64&subid=&uid=ecdc0cd9ea4fbac9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=ANIM_AFTER_30S%3A0&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=http%3A%2F%2Fbrain.rvty.net%2FRTB%2FClick%3Fx%3DEASY-X-COORDINATE%26y%3DEASY-Y-COORDINATE%26s%3D1567140%26a%3D146060%26t%3D1629717078194%26l%3D-875671883%26p%3D17%26appid%3D%26aa%3D58a380e1b6fd4f4cb7a25dc165f9de06%26gdpr%3D0%26gdpr_consent%3D%26dest%3D&documentReferer=https%3A%2F%2Fwww.folkd.com%2F&ancestorOrigins=https%3A%2F%2Fwww.folkd.com%2Chttps%3A%2F%2Fwww.folkd.com&random=7943805004424&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: brain.rvty.net
URL: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=58a380e1b6fd4f4cb7a25dc165f9de06&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Faccountinghub1&rawReferrerURL=&uid=c5b72428-3d34-4a40-a7d1-c861bfa370f9&euid=0d1beb22926001578f92a9acb22bae0999452e58d47c74de5670b833531961b4&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.90.238 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.238.90.46.78.clients.your-server.de
Software: Apache /
Resource Hash: 3c21703fbf7d7bdac0c326c177a8d68f320a2bd92feffabb5e289a44559a3db9

Request headers

Referer: https://brain.rvty.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 23 Aug 2021 11:11:19 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 72187800081144701324219011695019
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 733
Expires: Mon, 23 Aug 2021 12:11:19 +0200

Redirect headers

Pragma: no-cache
Date: Mon, 23 Aug 2021 11:11:19 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=4sxtd47yng2k&nw=14&renderingType=javascript&namespace=5dd4302a64&subid=&uid=ecdc0cd9ea4fbac9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=ANIM_AFTER_30S%3A0&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=http%3A%2F%2Fbrain.rvty.net%2FRTB%2FClick%3Fx%3DEASY-X-COORDINATE%26y%3DEASY-Y-COORDINATE%26s%3D1567140%26a%3D146060%26t%3D1629717078194%26l%3D-875671883%26p%3D17%26appid%3D%26aa%3D58a380e1b6fd4f4cb7a25dc165f9de06%26gdpr%3D0%26gdpr_consent%3D%26dest%3D&documentReferer=https%3A%2F%2Fwww.folkd.com%2F&ancestorOrigins=https%3A%2F%2Fwww.folkd.com%2Chttps%3A%2F%2Fwww.folkd.com&random=7943805004424&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Mon, 23 Aug 2021 12:11:19 +0200

GET
H2

200

ztpv.php Show response
www.conrad.de/ Frame 8F9F
Redirect Chain

https://www.awin1.com/cshow.php?s=2470169&v=11354&q=371933&r=278235&pv=1&pref1=72187800081144701324219011695019&gdpr=&gdpr_consent=
https://www.zenaps.com/cshow.php?pvr=d79ed880-0402-11ec-9723-692d00a25ac2&v=11354&r=278235&q=371933&s=2470169&viewref=72187800081144701324219011695019&pv=1&gdpr=&gdpr_consent=
https://www.conrad.de/ztpv.php?awc=11354_278235_1629717079_d79ed880-0402-11ec-9723-692d00a25ac2&insert=AW

0
707 B

76ms
53ms

Document
text/html

2606:4700::6812:7f05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.conrad.de/ztpv.php?awc=11354_278235_1629717079_d79ed880-0402-11ec-9723-692d00a25ac2&insert=AW

Requested by

Host: ad19.ad-srv.net
URL: https://ad19.ad-srv.net/request.php?zone=4sxtd47yng2k&nw=14&renderingType=javascript&namespace=5dd4302a64&subid=&uid=ecdc0cd9ea4fbac9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=ANIM_AFTER_30S%3A0&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=http%3A%2F%2Fbrain.rvty.net%2FRTB%2FClick%3Fx%3DEASY-X-COORDINATE%26y%3DEASY-Y-COORDINATE%26s%3D1567140%26a%3D146060%26t%3D1629717078194%26l%3D-875671883%26p%3D17%26appid%3D%26aa%3D58a380e1b6fd4f4cb7a25dc165f9de06%26gdpr%3D0%26gdpr_consent%3D%26dest%3D&documentReferer=https%3A%2F%2Fwww.folkd.com%2F&ancestorOrigins=https%3A%2F%2Fwww.folkd.com%2Chttps%3A%2F%2Fwww.folkd.com&random=7943805004424&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7f05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: www.conrad.de
:scheme: https
:path: /ztpv.php?awc=11354_278235_1629717079_d79ed880-0402-11ec-9723-692d00a25ac2&insert=AW
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://brain.rvty.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://brain.rvty.net/

Response headers

date: Mon, 23 Aug 2021 11:11:19 GMT
content-type: text/html; charset=UTF-8
server-timing: intid;desc=94b1d29ee7c9e063 intid;desc=7fd5241d1fadb6cf
cache-control: no-cache
expires: -1
set-cookie: HTLP_timestamp=1629717079; expires=Sat, 28-Aug-2021 11:11:19 GMT; Max-Age=432000; path=/; secure; SameSite=None CEAffHA=YD; expires=Sat, 28-Aug-2021 11:11:19 GMT; Max-Age=432000; path=/; secure; SameSite=None __cf_bm=4ba49bfbbc7ef0c2a7f7793c4a9ad19943387870-1629717079-1800-AVxqVhgdQw0axClu8FDsafBh8as0NNhmPL5LJfzZ4fjQsSoqdG/2ER8FFmo9k+GmgJ0EKXJTJjqP6H6B0tsPMc4=; path=/; expires=Mon, 23-Aug-21 11:41:19 GMT; domain=.www.conrad.de; HttpOnly; Secure; SameSite=None
p3p: policyref="http://www.conrad.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
age: 0
strict-transport-security: max-age=15552000
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6833e6446b120629-FRA
content-encoding: br

Redirect headers

Location: https://www.conrad.de/ztpv.php?awc=11354_278235_1629717079_d79ed880-0402-11ec-9723-692d00a25ac2&insert=AW
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Content-Length: 0
Date: Mon, 23 Aug 2021 11:11:19 GMT
Connection: keep-alive
Set-Cookie: awpv11354=278235|1629717079|d79ed880-0402-11ec-9723-692d00a25ac2;domain=.zenaps.com;path=/;expires=Thursday, 26-Aug-2021 11:11:19 UTC;Secure;SameSite=None AWSESS=377133:2470169;domain=.zenaps.com;path=/;Secure;SameSite=None
Strict-Transport-Security: max-age=86400
Awin-Akamai-Rule-Set: default

GET
H/1.1 200
OK request_content.php Show response
ad19.ad-srv.net/ Frame A23E 6 KB
2 KB 35ms
12ms Document
text/html 78.46.90.238
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad19.ad-srv.net/request_content.php?s=72187800081144701324219011695019&a=923bf69f
Requested by: Host: ad19.ad-srv.net
URL: https://ad19.ad-srv.net/request.php?zone=4sxtd47yng2k&nw=14&renderingType=javascript&namespace=5dd4302a64&subid=&uid=ecdc0cd9ea4fbac9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=ANIM_AFTER_30S%3A0&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=http%3A%2F%2Fbrain.rvty.net%2FRTB%2FClick%3Fx%3DEASY-X-COORDINATE%26y%3DEASY-Y-COORDINATE%26s%3D1567140%26a%3D146060%26t%3D1629717078194%26l%3D-875671883%26p%3D17%26appid%3D%26aa%3D58a380e1b6fd4f4cb7a25dc165f9de06%26gdpr%3D0%26gdpr_consent%3D%26dest%3D&documentReferer=https%3A%2F%2Fwww.folkd.com%2F&ancestorOrigins=https%3A%2F%2Fwww.folkd.com%2Chttps%3A%2F%2Fwww.folkd.com&random=7943805004424&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.90.238 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.238.90.46.78.clients.your-server.de
Software: Apache /
Resource Hash: 93aac4c751d2971c40dc13c245b20889b4c53479411473f251c2b6e797e3173c

Request headers

Host: ad19.ad-srv.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://brain.rvty.net/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: kdb0xdq3ls8m_uid=7772d037a362b51b
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://brain.rvty.net/

Response headers

Date: Mon, 23 Aug 2021 11:11:19 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Mon, 23 Aug 2021 12:11:19 +0200
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2062
Connection: close
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK jquery-1.10.2.min.js Show response
cdn.rvty.net/_files/js/ Frame 13FC 91 KB
91 KB 227ms
227ms Script
application/javascript 89.163.211.242
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/view/ads_view.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.242 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: 0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988

Request headers

Referer: https://brain.rvty.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 23 Aug 2021 11:11:19 GMT
Last-Modified: Wed, 08 Jan 2020 08:13:37 GMT
Server: nginx/1.13.4
ETag: "5e158f31-16bb3"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 93107

GET
H2

200

Vkfrei_160x600
asset.conrad.com/media10/isa/160267/c1/-/de/ Frame A23E
Redirect Chain

https://www.awin1.com/cshow.php?s=2470169&v=11354&q=371933&r=278235&pref1=72187800081144701324219011695019&gdpr=&gdpr_consent=
https://www.zenaps.com/cshow.php?pvr=d7a28201-0402-11ec-9723-692d00a25ac2&v=11354&r=278235&q=371933&s=2470169&viewref=72187800081144701324219011695019&gdpr=&gdpr_consent=
https://asset.conrad.com/media10/isa/160267/c1/-/de/Vkfrei_160x600?format=gif

23 KB
24 KB

62ms
23ms

Image
image/gif

178.79.227.54
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://asset.conrad.com/media10/isa/160267/c1/-/de/Vkfrei_160x600?format=gif

Requested by

Host: ad19.ad-srv.net
URL: https://ad19.ad-srv.net/request_content.php?s=72187800081144701324219011695019&a=923bf69f

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.79.227.54 , United States, ASN22822 (LLNW, US),

Reverse DNS

https-178-79-227-54.vie.llnw.net

Software

Cliplister GmbH /

Resource Hash

989941d663b541dd239d443523e36334bf8eed988aeeab970e31e699783f2771

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://ad19.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 11:11:19 GMT
last-modified: Mon, 23 Aug 2021 07:21:40 GMT
server: Cliplister GmbH
age: 13429
etag: "61234c84-5cb8"
strict-transport-security: max-age=15768000
reporting: eyJjb25zdW1lcmlkIjoxNjAyNjcsIm93bmVyaWQiOjE2MDI2NywidW5pcXVlaWQiOiIxNjAyNjc2cF9fNDl1OE5zcDhtTGNRRXZUZml4QVQiLCJ1dWlkIjoiYTQ3OTc4MThmYjdiNzQ0MTBiMjBjNDg0MGQ3MTA4ODA0IiwiYXNzZXR0eXBlIjoicGljdHVyZSJ9
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=172800
x-server: c11
accept-ranges: bytes
content-length: 23736
x-llid: 08970087e731e881fe98b2c2ecd45521
expires: Wed, 25 Aug 2021 07:27:30 GMT

Redirect headers

Date: Mon, 23 Aug 2021 11:11:19 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://asset.conrad.com/media10/isa/160267/c1/-/de/Vkfrei_160x600?format=gif
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK viewability Show response
ad19.ad-srv.net/ Frame A23E 0
150 B 35ms
13ms Script
text/html 78.46.90.238
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad19.ad-srv.net/viewability?s=72187800081144701324219011695019&a=83124b8f&vb=m
Requested by: Host: ad19.ad-srv.net
URL: https://ad19.ad-srv.net/request_content.php?s=72187800081144701324219011695019&a=923bf69f
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.90.238 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.238.90.46.78.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ad19.ad-srv.net/request_content.php?s=72187800081144701324219011695019&a=923bf69f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 23 Aug 2021 11:11:19 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame A23E 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK addDoubleBorder.js Show response
cdn.contentspread.net/oliro/tools/js/ Frame A23E 851 B
1 KB 38ms
8ms Script
application/javascript 51.75.147.170
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.contentspread.net/oliro/tools/js/addDoubleBorder.js
Requested by: Host: ad19.ad-srv.net
URL: https://ad19.ad-srv.net/request_content.php?s=72187800081144701324219011695019&a=923bf69f
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 51.75.147.170 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3133977.ip-51-75-147.eu
Software: nginx /
Resource Hash: abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107

Request headers

Referer: https://ad19.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 23 Aug 2021 11:11:19 GMT
Last-Modified: Sun, 01 Mar 2015 14:40:33 GMT
Server: nginx
ETag: "54f324e1-353"
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 851

GET
H/1.1 200
OK oba_icon.png
cdn.contentspread.net/oliro/oba/ Frame A23E 3 KB
3 KB 39ms
8ms Image
image/png 51.75.147.170
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/oliro/oba/oba_icon.png
Requested by: Host: ad19.ad-srv.net
URL: https://ad19.ad-srv.net/request_content.php?s=72187800081144701324219011695019&a=923bf69f
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 51.75.147.170 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3133977.ip-51-75-147.eu
Software: nginx /
Resource Hash: 2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6

Request headers

Referer: https://ad19.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 23 Aug 2021 11:11:19 GMT
Last-Modified: Fri, 05 Aug 2016 12:57:49 GMT
Server: nginx
ETag: "57a48d4d-c35"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 3125

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame 13FC 0
119 B 12ms
12ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=58a380e1b6fd4f4cb7a25dc165f9de06&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Faccountinghub1&rawReferrerURL=&uid=c5b72428-3d34-4a40-a7d1-c861bfa370f9&euid=0d1beb22926001578f92a9acb22bae0999452e58d47c74de5670b833531961b4&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Mon, 23 Aug 2021 11:11:19 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 18ms
18ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210816&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

daf07a039f071a26258d63de90d2f5e6b5cd407153bd6862b2bd1ea4416d24f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 23 Aug 2021 11:11:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8477
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 39ms
19ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 11:11:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Mon, 23 Aug 2021 11:11:19 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame C782 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.folkd.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.folkd.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Mon, 23 Aug 2021 10:47:44 GMT
expires: Tue, 23 Aug 2022 10:47:44 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1415
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B506 783 B
778 B 15ms
15ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2f1bea0e5bf9756906d269eaa469831f0f111a0bbb9b6ac8478152f24fd9b29c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-uI624y95wgGN2asxhtytSQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.folkd.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.folkd.com/

Response headers

expires: Mon, 23 Aug 2021 11:11:19 GMT
date: Mon, 23 Aug 2021 11:11:19 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-uI624y95wgGN2asxhtytSQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js Show response
pagead2.googlesyndication.com/bg/ Frame C782 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1121d7f8fb131bce05cbaf9b75a1272f9fbed57a53cd239d2fe91ece63ed9424

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 08:39:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9091
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13272
x-xss-protection: 0
last-modified: Mon, 09 Aug 2021 14:48:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 23 Aug 2022 08:39:48 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 29ms
29ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210816&jk=4189691598251377&bg=!ZGelZyPNAAZvV8FTb1c7ACkAdvg8WgW_enT0wdtUnohy7bnw_upktPeRqXajEtLITcrfrTsoPAHDJgIAAABfUgAAAAxoAQcKAJgGQquaZpXtEFSR-HlAedEsi1C3UC-QQEdUZzwWDqQ89-E8d4VzODIlMYOKWu1Zf4PeUowZ_k-XkcYw5q-3Vt5BkP1yEGib1TkK1eYnlQXx-P4J_RZ2xmL5ZRhDLKSQ5rlnhlKmgVcU5XbGGFDaeJB7B3BSoy9fZwwFWZaQU6lTagBjnHeQPCzansRHKNRje3OX3bsfPwz9t5kCfRImmhIxhrKmRIz_IkKslQKbRG3q75pXjuPD5_Y4urfReSKOjZC1yBihsqqiUvBzz8n05_qPtik8hFYEZhgemn3iDi_7--wKz1CJSbckF1FCt90vV8SZMWMHWWushCuKQcbUGGmg6Dtm5O-YdvG0tafnrtlXDh-R06Lw2PZQLJnkOkMCRsFb94KzaK8YsAbWKvw5dpgPodLswsRsGYBjdhThP5RdLj-dQWjy46YmcKEiyfbx2ziaBRfA1tiOIfENJY57FWKrR0XvM4yP5K4eLIhywtKJX6L4h6ivcFAddDFspmi6QmUuoeElPlzutabHDcblViXHZeT9Oqpz3SCld4BzPyC9vfyx54xpFnouL9D8JV7R6VbwJHZ4nohchJj0aOhm96XP9PAhJBdQazmf2wjeio1mTmhgKjL-nQL_FlwiXmBlMZ7myHOe68kDgx1bzqK01jiDXF-wUSkFZZMtEkCBX1ywg8xqbGu2i2qX-e_f3eDwmyeV1yC9Cq_xjf7lMWhi9uqjoZ8pccwvCGQS7mCeZuTsU9r6p1vHEjsPRmA7El3CavavxlhU9D8a98OaoT0VzE34Sw4D6xbYsPwtShNegU1AypjILphMRq3WBVyti5ZfzEZdFC2VeBxAlfZvsza8kqguV16oovcCjstXY1_9km9sV66VdMeDmgsZFFkRgKCEov3vQoKCknGxnacIwDF7oN7QMpe1DKzP_ecLTfflGaj7aYxE8VznoF6j8ZG764KW5Nry8LUitWRRL6-1loqt-h-U36sSJF9YAD37TX3vjqkZuGw2juOYM_h28HklFBLZRm0iNlfnNFEBoL1ZMznmXa0UflUyQsI6Qvs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 23 Aug 2021 11:11:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame 13FC 0
119 B 13ms
13ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=58a380e1b6fd4f4cb7a25dc165f9de06&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Faccountinghub1&rawReferrerURL=&uid=c5b72428-3d34-4a40-a7d1-c861bfa370f9&euid=0d1beb22926001578f92a9acb22bae0999452e58d47c74de5670b833531961b4&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Mon, 23 Aug 2021 11:11:20 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK viewability Show response
ad19.ad-srv.net/ Frame A23E 0
150 B 37ms
13ms Script
text/html 78.46.90.238
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad19.ad-srv.net/viewability?s=72187800081144701324219011695019&a=83124b8f&vb=v
Requested by: Host: ad19.ad-srv.net
URL: https://ad19.ad-srv.net/request_content.php?s=72187800081144701324219011695019&a=923bf69f
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.90.238 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.238.90.46.78.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ad19.ad-srv.net/request_content.php?s=72187800081144701324219011695019&a=923bf69f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 23 Aug 2021 11:11:20 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

POST
H2 200 71239210 Show response
mc.yandex.com/webvisor/ 43 B
73 B 244ms
147ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/71239210?wmode=0&wv-part=1&wv-hit=317557149&page-url=https%3A%2F%2Fwww.folkd.com%2Fuser%2Faccountinghub1&rn=149841077&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1629717081%3Aw%3A1600x1200%3Av%3A622%3Az%3A120%3Ai%3A20210823131120%3Au%3A1629717078897082002%3Avf%3A25rt5xty9edhsiwwad%3Awe%3A1%3Ati%3A2%3Ast%3A1629717081

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 23 Aug 2021 11:11:20 GMT
last-modified: Mon, 23-Aug-2021 11:11:20 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.folkd.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 23-Aug-2021 11:11:20 GMT

POST
H2 200 71239210 Show response
mc.yandex.com/webvisor/ 43 B
145 B 193ms
99ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/71239210?wmode=0&wv-part=1&wv-hit=317557149&page-url=https%3A%2F%2Fwww.folkd.com%2Fuser%2Faccountinghub1&rn=139630391&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1629717081%3Aw%3A1600x1200%3Av%3A622%3Az%3A120%3Ai%3A20210823131120%3Au%3A1629717078897082002%3Avf%3A25rt5xty9edhsiwwad%3Awe%3A1%3Ati%3A2%3Ast%3A1629717081

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 23 Aug 2021 11:11:20 GMT
last-modified: Mon, 23-Aug-2021 11:11:20 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.folkd.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 23-Aug-2021 11:11:20 GMT

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame 13FC 0
119 B 13ms
12ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=58a380e1b6fd4f4cb7a25dc165f9de06&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Faccountinghub1&rawReferrerURL=&uid=c5b72428-3d34-4a40-a7d1-c861bfa370f9&euid=0d1beb22926001578f92a9acb22bae0999452e58d47c74de5670b833531961b4&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Mon, 23 Aug 2021 11:11:20 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame 13FC 0
119 B 13ms
12ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=58a380e1b6fd4f4cb7a25dc165f9de06&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Faccountinghub1&rawReferrerURL=&uid=c5b72428-3d34-4a40-a7d1-c861bfa370f9&euid=0d1beb22926001578f92a9acb22bae0999452e58d47c74de5670b833531961b4&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Mon, 23 Aug 2021 11:11:21 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame 13FC 0
119 B 13ms
13ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=58a380e1b6fd4f4cb7a25dc165f9de06&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Faccountinghub1&rawReferrerURL=&uid=c5b72428-3d34-4a40-a7d1-c861bfa370f9&euid=0d1beb22926001578f92a9acb22bae0999452e58d47c74de5670b833531961b4&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Mon, 23 Aug 2021 11:11:21 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame 13FC 0
119 B 12ms
11ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=58a380e1b6fd4f4cb7a25dc165f9de06&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Faccountinghub1&rawReferrerURL=&uid=c5b72428-3d34-4a40-a7d1-c861bfa370f9&euid=0d1beb22926001578f92a9acb22bae0999452e58d47c74de5670b833531961b4&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Mon, 23 Aug 2021 11:11:22 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame 13FC 0
119 B 12ms
12ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=58a380e1b6fd4f4cb7a25dc165f9de06&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Faccountinghub1&rawReferrerURL=&uid=c5b72428-3d34-4a40-a7d1-c861bfa370f9&euid=0d1beb22926001578f92a9acb22bae0999452e58d47c74de5670b833531961b4&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Mon, 23 Aug 2021 11:11:22 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame 13FC 0
119 B 12ms
12ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=58a380e1b6fd4f4cb7a25dc165f9de06&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Faccountinghub1&rawReferrerURL=&uid=c5b72428-3d34-4a40-a7d1-c861bfa370f9&euid=0d1beb22926001578f92a9acb22bae0999452e58d47c74de5670b833531961b4&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Mon, 23 Aug 2021 11:11:23 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame 13FC 0
119 B 14ms
13ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=58a380e1b6fd4f4cb7a25dc165f9de06&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Faccountinghub1&rawReferrerURL=&uid=c5b72428-3d34-4a40-a7d1-c861bfa370f9&euid=0d1beb22926001578f92a9acb22bae0999452e58d47c74de5670b833531961b4&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Mon, 23 Aug 2021 11:11:23 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame 13FC 0
119 B 13ms
12ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=58a380e1b6fd4f4cb7a25dc165f9de06&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Faccountinghub1&rawReferrerURL=&uid=c5b72428-3d34-4a40-a7d1-c861bfa370f9&euid=0d1beb22926001578f92a9acb22bae0999452e58d47c74de5670b833531961b4&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Mon, 23 Aug 2021 11:11:24 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame 13FC 0
119 B 12ms
12ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=58a380e1b6fd4f4cb7a25dc165f9de06&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Faccountinghub1&rawReferrerURL=&uid=c5b72428-3d34-4a40-a7d1-c861bfa370f9&euid=0d1beb22926001578f92a9acb22bae0999452e58d47c74de5670b833531961b4&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Mon, 23 Aug 2021 11:11:27 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame 13FC 0
119 B 13ms
13ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=58a380e1b6fd4f4cb7a25dc165f9de06&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Faccountinghub1&rawReferrerURL=&uid=c5b72428-3d34-4a40-a7d1-c861bfa370f9&euid=0d1beb22926001578f92a9acb22bae0999452e58d47c74de5670b833531961b4&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Mon, 23 Aug 2021 11:11:30 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200 Visibility Show response
brain.rvty.net/RTB/ Frame 13FC 0
119 B 13ms
12ms XHR
text/plain 89.163.211.233
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://brain.rvty.net/RTB/Visibility
Requested by: Host: cdn.rvty.net
URL: https://cdn.rvty.net/_files/js/jquery-1.10.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.163.211.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx/1.13.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://brain.rvty.net/RTB/ShowAd?adHeight=600&adWidth=160&adFormat=3&adslotId=&siteId=1567140&bannerId=146060&e=17&p=0.04&penc=&bp=38462&a=58a380e1b6fd4f4cb7a25dc165f9de06&n=1&geo=-875671883&rawURL=https%3A%2F%2Fwww.folkd.com%2Fuser%2Faccountinghub1&rawReferrerURL=&uid=c5b72428-3d34-4a40-a7d1-c861bfa370f9&euid=0d1beb22926001578f92a9acb22bae0999452e58d47c74de5670b833531961b4&encn=N4IgXglgDiBcIEYAMCDsAOEAaEBjA9gK4B2ALgE4CecIAIgKLYgCGpcCOANsQObsDMAOgAsSAGzp0AJinoxSVGlSocuCKWrwAQgFNynCMSYBnUqx01d+w006s4AVimCHCAJzzXDt6m9OAvkA&gdpr=0&gdpr_consent=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Mon, 23 Aug 2021 11:11:33 GMT
Server: nginx/1.13.4
Connection: keep-alive
Content-Length: 0

Verdicts & Comments Add Verdict or Comment

113 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.www.conrad.de/	1970-01-19 20:41:58	Name: __cf_bm Value: 4ba49bfbbc7ef0c2a7f7793c4a9ad19943387870-1629717079-1800-AVxqVhgdQw0axClu8FDsafBh8as0NNhmPL5LJfzZ4fjQsSoqdG/2ER8FFmo9k+GmgJ0EKXJTJjqP6H6B0tsPMc4=
www.conrad.de/	1970-01-19 20:49:09	Name: HTLP_timestamp Value: 1629717079
.ad-srv.net/	1970-01-19 22:51:33	Name: kdb0xdq3ls8m_uid Value: 7772d037a362b51b
brain.rvty.net/	1970-01-20 05:27:40	Name: RTBUserId Value: c5b72428-3d34-4a40-a7d1-c861bfa370f9
.doubleclick.net/	1970-01-20 06:03:33	Name: IDE Value: AHWqTUlknzAmAOaifk7owzKyHt4YYgsQoRiXGPG9b-tb0Sw2FztseV9PNH03QBgScso
www.conrad.de/	1970-01-19 20:49:09	Name: CEAffHA Value: YD
.folkd.com/	1970-01-19 20:41:58	Name: _ym_visorc Value: w
.folkd.com/	1970-01-20 05:27:33	Name: _ym_d Value: 1629717078
.folkd.com/	1970-01-20 06:03:33	Name: __gads Value: ID=a35ce7c3f1934ba0-2274c267b3c9009d:T=1629717078:RT=1629717078:S=ALNI_MapclcHMOQ-I3Qbn4FulGCtt0Pl6A
.folkd.com/	1970-01-20 14:13:09	Name: _ga Value: GA1.2.1743970724.1629717078
.folkd.com/	1970-01-19 20:43:09	Name: _ym_isad Value: 2
.folkd.com/	1970-01-19 20:43:23	Name: _gid Value: GA1.2.1631888795.1629717078
.folkd.com/	1970-01-20 05:27:33	Name: _ym_uid Value: 1629717078897082002
.folkd.com/	1970-01-19 20:41:57	Name: _gat_gtag_UA_4499241_1 Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.ad-srv.net
ad19.ad-srv.net
adservice.google.com
adservice.google.de
ajax.googleapis.com
asset.conrad.com
brain.rvty.net
cdn.contentspread.net
cdn.rvty.net
cm.g.doubleclick.net
gaa.adscale.de
googleads.g.doubleclick.net
js.adscale.de
mc.yandex.com
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
stats.g.doubleclick.net
tpc.googlesyndication.com
trx.adscale.de
www.awin1.com
www.conrad.de
www.folkd.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.zenaps.com
104.111.239.217
116.202.48.214
142.250.181.226
142.250.185.98
178.79.227.54
2600:9000:21f3:2e00:f:4f64:8940:93a1
2606:4700:3031::6815:e55
2606:4700::6812:7f05
2a00:1450:4001:80f::200e
2a00:1450:4001:811::2001
2a00:1450:4001:812::2004
2a00:1450:4001:813::2002
2a00:1450:4001:828::2002
2a00:1450:4001:828::2008
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2001
2a00:1450:4001:830::2002
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
2a00:1450:400c:c08::9c
2a02:6b8::1:119
35.157.44.220
51.75.147.170
78.46.90.238
89.163.211.233
89.163.211.242
99.83.169.100
00bb2f69ab06efff6555f6ccae10902e87bb6aea861e83de082a45a07e525054
03538cc5b5491d983dec8a3b1f5bcfbbdd3f07f7a2525b4074e189664280a7a5
09922cd5d5e47b23c04a49b0dc6714fbf732869622c19aa235a0fadb2015cff7
09e1e05e792c205625b4692d601237e48a5d5b468b7399bf95024ac833feefa7
0b12ffab845f5fad7416cc1ee99fc6810512fa93749b82fffef1c702aa00d523
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988
1121d7f8fb131bce05cbaf9b75a1272f9fbed57a53cd239d2fe91ece63ed9424
1e751f4fc8e82d319dbcc2720d40ffc33d12a83fb07bb29c78eb851d94a8082e
2ca7e8fd30f014ba4d5a9a1e6ea49beb7df76cfe6053e9ca0cc267f45f92e1a8
2f1bea0e5bf9756906d269eaa469831f0f111a0bbb9b6ac8478152f24fd9b29c
2faad628f9db71096b7091b7907216117a86484006c41098e26bf0bd59591439
2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6
3b168b017f9db602024341f3e4fce6b102b26e59a60f2ee8f6083b86f83e58c0
3c21703fbf7d7bdac0c326c177a8d68f320a2bd92feffabb5e289a44559a3db9
3db2e09adb3a038fa2efa016ef16f84ec56aed13a118201d01ed6b4fedbac56c
419684fcc119159caae1a4e919758cf3e361e037483dc61e336d116142708ff0
4f6a9c99d36c51fabdd3e290c6a7fafb8252e6f34627d37d133ee9381a7880e5
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
56356001ba467fc7240f786c964eb00db91e14603b30b527db7c0db54526b425
59845b2a85bcfb1fe089648024dbf4563d6bc22232e9e59d6463ae987f38fa20
5e13ad0fd149b388477adcd6417fd3cf2bc0a71f614c5a51e1845f88ad3b8c12
688811b41e86684db597160601b55b64ef059d2fba49dfd5651d65f865de7738
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7a2478978968eefdc87127bfe6619a9de514b2ccb89b2a95824a53e6bea1f9cf
8180abcb91f876e9e3749696063dd70d4125c5389b83b1a85715fc7fea7c4486
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
8a6c5626e0eab1555c89fd50d7f166f3e5ecd812a28c94fc842051dcec1191a5
93aac4c751d2971c40dc13c245b20889b4c53479411473f251c2b6e797e3173c
989941d663b541dd239d443523e36334bf8eed988aeeab970e31e699783f2771
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107
b0740b83ca1f5dd7cbe3d6459f695b120ef1679b149f6be8a911f315081b0bce
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
c0cc9f9e78e6cd79d76db842aad98266f0fbccd26f07dbda0d9c8a784b5b72b8
c0ecf1302c42850f5a665b0f6e1ff0853816a966dbf2b7b8ce545e89d16dd4c2
c5cdd1311fda5aefb51f9945fb526884dfc01e9468dced4bffdb4bd65b5a723c
d2d2846040ce0726ba6ace389110fad3b2c7f1cc23caf00adc4f8a016892ad57
d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270
d6ffde0bc44344c9007373cfd28cad502d8ab3dffb0f7c02fd72f68d309386b1
daf07a039f071a26258d63de90d2f5e6b5cd407153bd6862b2bd1ea4416d24f6
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e50923eeab2fab42aabd0b1dd0295ed74f9bf5eec3f91bdcb4b36316a40860bc
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
edf6326231b783518a62509c0fbd536be2ee76a49216f536b56ff2f025eb4b7f

www.folkd.com Open in urlscan Pro 2606:4700:3031::6815:e55 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

70 Requests

100 %HTTPS

59 %IPv6

21 Domains

29 Subdomains

26 IPs

5 Countries

818 kBTransfer

1754 kBSize

14 Cookies

23 Outgoing links

Redirected requests

70 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.folkd.com Open in urlscan Pro
2606:4700:3031::6815:e55 Public Scan

Screenshot
Live screenshot

Full Image

70
Requests

100 %
HTTPS

59 %
IPv6

21
Domains

29
Subdomains

26
IPs

5
Countries

818 kB
Transfer

1754 kB
Size

14
Cookies

70 HTTP transactions
1 data transactions