folkd.com Open in urlscan Pro
76.76.21.21 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.folkd.com/submit/mybodygeometry.com/2023/11/16/%d0%b7%d0%b0%d0%b1%d0%be%d1%82%d0%b0-%d0%be-%d1%81%d0%b2%d0...
Effective URL:
https://folkd.com/
Submission: On November 17 via manual (November 17th 2023, 3:47:50 am UTC) from US — Scanned from CH

Summary HTTP 773 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 67 IPs in 12 countries across 83 domains to perform 773 HTTP transactions. The main IP is 76.76.21.21, located in Walnut, United States and belongs to AMAZON-02, US. The main domain is folkd.com.
TLS certificate: Issued by R3 on November 13th 2023. Valid for: 3 months.

This is the only time folkd.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 12	76.76.21.21 76.76.21.21	16509 (AMAZON-02) (AMAZON-02)
7	104.16.204.66 104.16.204.66	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
112	104.16.89.20 104.16.89.20	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	185.3.92.76 185.3.92.76	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
1	216.58.212.168 216.58.212.168	15169 (GOOGLE) (GOOGLE)
5	151.101.128.176 151.101.128.176	54113 (FASTLY) (FASTLY)
2	172.217.23.106 172.217.23.106	15169 (GOOGLE) (GOOGLE)
15	142.250.186.36 142.250.186.36	15169 (GOOGLE) (GOOGLE)
10	142.250.186.67 142.250.186.67	15169 (GOOGLE) (GOOGLE)
2	13.107.246.45 13.107.246.45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 10	35.193.186.65 35.193.186.65	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	104.16.224.78 104.16.224.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	54.187.159.182 54.187.159.182	16509 (AMAZON-02) (AMAZON-02)
6	172.217.18.3 172.217.18.3	15169 (GOOGLE) (GOOGLE)
2	216.239.32.36 216.239.32.36	15169 (GOOGLE) (GOOGLE)
2	104.18.43.90 104.18.43.90	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
5	23.96.124.156 23.96.124.156	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	54.201.135.255 54.201.135.255	16509 (AMAZON-02) (AMAZON-02)
14	35.186.236.140 35.186.236.140	15169 (GOOGLE) (GOOGLE)
1	104.22.53.86 104.22.53.86	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	178.250.1.3 178.250.1.3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	65.9.66.104 65.9.66.104	16509 (AMAZON-02) (AMAZON-02)
1	18.66.129.71 18.66.129.71	16509 (AMAZON-02) (AMAZON-02)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
13	142.250.186.65 142.250.186.65	15169 (GOOGLE) (GOOGLE)
2	172.217.18.123 172.217.18.123	15169 (GOOGLE) (GOOGLE)
1	202.92.7.98 202.92.7.98	135905 (VNPT-AS-V...) (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP)
2	45.252.248.51 45.252.248.51	63760 (AZDIGI-AS...) (AZDIGI-AS-VN AZDIGI Corporation)
1	104.21.79.59 104.21.79.59	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	68.178.148.206 68.178.148.206	398791 (GO-DADDY-...) (GO-DADDY-COM-LLC)
1	103.146.112.163 103.146.112.163	136557 (HOST-AS-A...) (HOST-AS-AP Host Universal Pty Ltd)
1	143.204.89.213 143.204.89.213	16509 (AMAZON-02) (AMAZON-02)
1	34.120.135.53 34.120.135.53	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.255.67.121 34.255.67.121	16509 (AMAZON-02) (AMAZON-02)
1	35.190.39.111 35.190.39.111	15169 (GOOGLE) (GOOGLE)
2	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	162.19.138.118 162.19.138.118	16276 (OVH) (OVH)
12	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
28	172.217.16.198 172.217.16.198	15169 (GOOGLE) (GOOGLE)
67	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
62	142.250.186.97 142.250.186.97	15169 (GOOGLE) (GOOGLE)
12 104	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
2 6	35.244.159.8 35.244.159.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
30	18.245.60.36 18.245.60.36	16509 (AMAZON-02) (AMAZON-02)
3 47	54.72.186.48 54.72.186.48	16509 (AMAZON-02) (AMAZON-02)
11	16.171.99.149 16.171.99.149	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.5.132 37.157.5.132	198622 (ADFORM) (ADFORM)
1 3	54.239.38.253 54.239.38.253	16509 (AMAZON-02) (AMAZON-02)
2	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
10 12	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
4 4	142.250.185.134 142.250.185.134	15169 (GOOGLE) (GOOGLE)
2	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
1 4	91.228.74.200 91.228.74.200	16509 (AMAZON-02) (AMAZON-02)
2 2	89.207.16.140 89.207.16.140	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2 2	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	154.59.122.79 154.59.122.79	174 (COGENT-174) (COGENT-174)
2 2	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
10 10	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	23.32.185.35 23.32.185.35	16625 (AKAMAI-AS) (AKAMAI-AS)
4 5	37.252.171.85 37.252.171.85	29990 (ASN-APPNEX) (ASN-APPNEX)
8 9	35.158.83.137 35.158.83.137	16509 (AMAZON-02) (AMAZON-02)
2 2	3.121.33.140 3.121.33.140	16509 (AMAZON-02) (AMAZON-02)
6 6	176.34.91.195 176.34.91.195	16509 (AMAZON-02) (AMAZON-02)
12 12	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
6 6	184.30.24.22 184.30.24.22	16625 (AKAMAI-AS) (AKAMAI-AS)
4 8	51.89.9.254 51.89.9.254	16276 (OVH) (OVH)
2 2	3.127.72.135 3.127.72.135	16509 (AMAZON-02) (AMAZON-02)
10 10	63.251.14.14 63.251.14.14	14744 (INTERNAP-...) (INTERNAP-BLOCK-4)
6 6	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
5 5	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
4	52.28.38.5 52.28.38.5	16509 (AMAZON-02) (AMAZON-02)
4 4	69.166.1.66 69.166.1.66	27630 (AS-XFERNET) (AS-XFERNET)
10	18.66.122.57 18.66.122.57	16509 (AMAZON-02) (AMAZON-02)
86	3.91.171.242 3.91.171.242	14618 (AMAZON-AES) (AMAZON-AES)
3 3	35.208.249.213 35.208.249.213	19527 (GOOGLE-2) (GOOGLE-2)
1 1	208.93.169.131 208.93.169.131	46244 (WEBMD-IDC...) (WEBMD-IDC1-AS)
1 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	54.156.117.66 54.156.117.66	14618 (AMAZON-AES) (AMAZON-AES)
1 11	18.245.60.107 18.245.60.107	16509 (AMAZON-02) (AMAZON-02)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	204.79.197.200 204.79.197.200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
773	67

12 76.76.21.21 (Walnut, United States) 3 redirects

ASN16509 (AMAZON-02, US)

www.folkd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
folkd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.16.204.66 (None, )

ASN13335 (CLOUDFLARENET, US)

folkd0612.bubbleapps.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

112 104.16.89.20 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.3.92.76 (London, United Kingdom)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: nb-185-3-92-76.tc.nodebalancer.linode.com

monu.delivery	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.168 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f168.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.128.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.23.106 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.250.186.36 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.107.246.45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 35.193.186.65 (United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.186.193.35.bc.googleusercontent.com

xeqe-t3lw-i7hv.n7.xano.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.224.78 (None, )

ASN13335 (CLOUDFLARENET, US)

1bccd00f7acd03ac6a93123768d650c0.cdn.bubble.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.18.3 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.239.32.36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.43.90 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.confiant-integrations.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.96.124.156 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

w.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.201.135.255 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-201-135-255.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 35.186.236.140 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 140.236.186.35.bc.googleusercontent.com

imps.monu.delivery	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.22.53.86 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-104.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.129.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-129-71.fra60.r.cloudfront.net

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.250.186.65 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f1.1e100.net

2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.123 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f123.1e100.net

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 202.92.7.98 (Hai Duong, Viet Nam)

ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN)

gotrangtri.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.252.248.51 (Binh Duong, Viet Nam)

ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN)

ruouvn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.79.59 (None, )

ASN13335 (CLOUDFLARENET, US)

oze6868x.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

cruisepassenger.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.178.148.206 (Mumbai, India)

ASN398791 (GO-DADDY-COM-LLC, US)
PTR: 206.148.178.68.host.secureserver.net

mycitymagazine.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.146.112.163 (Australia)

ASN136557 (HOST-AS-AP Host Universal Pty Ltd, AU)

www.morningtonpeninsulasheds.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.89.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-213.fra50.r.cloudfront.net

live.staticflickr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.135.53 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.255.67.121 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-67-121.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com

esp.rtbhouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.118 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 172.217.16.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f198.1e100.net

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

67 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

62 142.250.186.97 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

104 142.250.185.194 (United States) 12 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.244.159.8 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 18.245.60.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-36.fra60.r.cloudfront.net

static.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

47 54.72.186.48 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-186-48.eu-west-1.compute.amazonaws.com

ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 16.171.99.149 (Stockholm, Sweden)

ASN16509 (AMAZON-02, US)
PTR: ec2-16-171-99-149.eu-north-1.compute.amazonaws.com

protected-by.clarium.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.5.132 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.239.38.253 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 172.64.151.101 (United States) 10 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.134 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f130.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 91.228.74.200 (United Kingdom) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.207.16.140 (Amsterdam, Netherlands) 2 redirects

ASN41041 (VCLK-EU-SE, US)
PTR: ams03-nessy-float2.dotomi.com

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.204.158.49 (Groningen, Netherlands) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 154.59.122.79 (Schiphol, Netherlands) 1 redirects

ASN174 (COGENT-174, US)

ums.acuityplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.9 (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 185.64.190.78 (United Kingdom) 10 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.32.185.35 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-35.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.252.171.85 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 35.158.83.137 (Frankfurt am Main, Germany) 8 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-83-137.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.121.33.140 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-33-140.eu-central-1.compute.amazonaws.com

ads.creative-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 176.34.91.195 (Dublin, Ireland) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-176-34-91-195.eu-west-1.compute.amazonaws.com

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 46.228.174.117 (United Kingdom) 12 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 184.30.24.22 (Frankfurt am Main, Germany) 6 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-22.deploy.static.akamaitechnologies.com

cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 51.89.9.254 (London, United Kingdom) 4 redirects

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.127.72.135 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-72-135.eu-central-1.compute.amazonaws.com

a.sportradarserving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 63.251.14.14 (United States) 10 redirects

ASN14744 (INTERNAP-BLOCK-4, US)
PTR: 14.14.251.63.unassigned.ord.singlehop.net

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 76.223.111.18 (United States) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 85.114.159.118 (Loerrach, Germany) 5 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.28.38.5 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-38-5.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.166.1.66 (United States) 4 redirects

ASN27630 (AS-XFERNET, US)

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 18.66.122.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-57.fra60.r.cloudfront.net

matchadsrvr.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

86 3.91.171.242 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-91-171-242.compute-1.amazonaws.com

kinesis.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.208.249.213 (Council Bluffs, United States) 3 redirects

ASN19527 (GOOGLE-2, US)
PTR: 213.249.208.35.bc.googleusercontent.com

trace.mediago.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.93.169.131 (United States) 1 redirects

ASN46244 (WEBMD-IDC1-AS, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.156.117.66 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-117-66.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 18.245.60.107 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-107.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.79.197.200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0001.a-msedge.net

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
142	googlesyndication.com 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com — Cisco Umbrella Rank: 149 ade.googlesyndication.com	822 KB
129	doubleclick.net 16 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 245 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 439 ad.doubleclick.net — Cisco Umbrella Rank: 154	518 KB
112	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 335	76 KB
87	yieldmo.com 3 redirects static.yieldmo.com — Cisco Umbrella Rank: 2504 ads.yieldmo.com — Cisco Umbrella Rank: 657 matchadsrvr.yieldmo.com — Cisco Umbrella Rank: 2834 sync-openx.ads.yieldmo.com Failed sync-adform.ads.yieldmo.com Failed	2 MB
86	amazonaws.com kinesis.us-east-1.amazonaws.com — Cisco Umbrella Rank: 1266	24 KB
28	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	5 MB
18	monu.delivery monu.delivery — Cisco Umbrella Rank: 26382 imps.monu.delivery — Cisco Umbrella Rank: 31634	178 KB
17	google.com www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 105	39 KB
16	gstatic.com fonts.gstatic.com www.gstatic.com	894 KB
12	casalemedia.com 10 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 486	8 KB
12	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	768 KB
12	folkd.com 3 redirects www.folkd.com folkd.com	17 KB
11	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 172	4 KB
11	clarium.io protected-by.clarium.io — Cisco Umbrella Rank: 1459	3 KB
10	lijit.com ap.lijit.com — Cisco Umbrella Rank: 683 Failed	6 KB
10	pubmatic.com 10 redirects image6.pubmatic.com — Cisco Umbrella Rank: 823 image8.pubmatic.com Failed	4 KB
10	xano.io 2 redirects xeqe-t3lw-i7hv.n7.xano.io	20 KB
9	bidswitch.net 8 redirects x.bidswitch.net — Cisco Umbrella Rank: 351	4 KB
9	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 827 w.clarity.ms — Cisco Umbrella Rank: 7584 c.clarity.ms — Cisco Umbrella Rank: 1405	24 KB
8	onetag-sys.com 4 redirects onetag-sys.com — Cisco Umbrella Rank: 746	2 KB
8	1rx.io 8 redirects sync.1rx.io — Cisco Umbrella Rank: 567	7 KB
7	openx.net oajs.openx.net — Cisco Umbrella Rank: 1656 Failed google-bidout-d.openx.net — Cisco Umbrella Rank: 1665 eu-u.openx.net — Cisco Umbrella Rank: 2753 us-u.openx.net — Cisco Umbrella Rank: 522	1 KB
7	stripe.com js.stripe.com — Cisco Umbrella Rank: 1287 q.stripe.com — Cisco Umbrella Rank: 7148 m.stripe.com — Cisco Umbrella Rank: 1249	158 KB
7	bubbleapps.io folkd0612.bubbleapps.io	1 MB
6	3lift.com 6 redirects eb2.3lift.com — Cisco Umbrella Rank: 417	3 KB
6	media.net 6 redirects cs.media.net — Cisco Umbrella Rank: 1513 contextual.media.net Failed	5 KB
6	yahoo.com 6 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 492 ups.analytics.yahoo.com — Cisco Umbrella Rank: 327 Failed	4 KB
5	adition.com 5 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1533	3 KB
5	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 246	4 KB
4	sonobi.com 4 redirects sync.go.sonobi.com — Cisco Umbrella Rank: 931	3 KB
4	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 559	141 B
4	unrulymedia.com 4 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1268	2 KB
4	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 764	1 KB
4	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 454 dis.criteo.com — Cisco Umbrella Rank: 597	7 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31 storage.googleapis.com — Cisco Umbrella Rank: 409	122 KB
3	mediago.io 3 redirects trace.mediago.io — Cisco Umbrella Rank: 904	1 KB
3	amazon-adsystem.com 1 redirects aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 890	2 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	30 KB
2	tapad.com 1 redirects pixel.tapad.com — Cisco Umbrella Rank: 487	1 KB
2	sportradarserving.com 2 redirects a.sportradarserving.com — Cisco Umbrella Rank: 2529	1 KB
2	creative-serving.com 2 redirects ads.creative-serving.com — Cisco Umbrella Rank: 4780	1 KB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1403	608 B
2	simpli.fi 2 redirects um.simpli.fi — Cisco Umbrella Rank: 795	1 KB
2	dotomi.com 2 redirects dclk-match.dotomi.com — Cisco Umbrella Rank: 3451 yieldmo-match.dotomi.com — Cisco Umbrella Rank: 6405 Failed	887 B
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 353	299 B
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 599	1 KB
2	ruouvn.com ruouvn.com	84 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 976 bcp.crwdcntrl.net — Cisco Umbrella Rank: 887	12 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 863 id5-sync.com — Cisco Umbrella Rank: 440	34 KB
2	confiant-integrations.net cdn.confiant-integrations.net — Cisco Umbrella Rank: 1481	168 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2462	305 B
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1354	16 KB
2	bubble.io 1bccd00f7acd03ac6a93123768d650c0.cdn.bubble.io	186 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 236	764 B
1	stackadapt.com sync.srv.stackadapt.com — Cisco Umbrella Rank: 689 Failed	1 KB
1	contextweb.com 1 redirects bh.contextweb.com — Cisco Umbrella Rank: 547	869 B
1	acuityplatform.com 1 redirects ums.acuityplatform.com — Cisco Umbrella Rank: 1309	684 B
1	rtbhouse.com esp.rtbhouse.com — Cisco Umbrella Rank: 4524	475 B
1	staticflickr.com live.staticflickr.com — Cisco Umbrella Rank: 16606	206 KB
1	morningtonpeninsulasheds.com.au www.morningtonpeninsulasheds.com.au	1 KB
1	mycitymagazine.org mycitymagazine.org	3 KB
1	cruisepassenger.com.au cruisepassenger.com.au	215 KB
1	oze6868x.com oze6868x.com	318 KB
1	gotrangtri.vn gotrangtri.vn	84 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 2139	1 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 2491	3 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 668	13 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1762	8 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	80 KB
0	admanmedia.com Failed cs.admanmedia.com Failed
0	agkn.com Failed aa.agkn.com Failed
0	bluekai.com Failed stags.bluekai.com Failed
0	rlcdn.com Failed idsync.rlcdn.com Failed
0	iqzone.com Failed xsync.iqzone.com Failed
0	smartadserver.com Failed ssbsync.smartadserver.com Failed
0	bidr.io Failed match.prod.bidr.io Failed
0	loopme.me Failed csync.loopme.me Failed
0	mfadsrvr.com Failed rtb.mfadsrvr.com Failed
0	zemanta.com Failed b1sync.zemanta.com Failed
0	adentifi.com Failed rtb.adentifi.com Failed
0	bttrack.com Failed bttrack.com Failed
0	turn.com Failed ad.turn.com Failed
0	rubiconproject.com Failed pixel-eu.rubiconproject.com Failed
773	83

	Domain	Requested by
112	cdn.jsdelivr.net	folkd.com folkd0612.bubbleapps.io securepubads.g.doubleclick.net
92	cm.g.doubleclick.net	12 redirects google-bidout-d.openx.net googleads.g.doubleclick.net 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com ads.yieldmo.com
86	kinesis.us-east-1.amazonaws.com	static.yieldmo.com
66	pagead2.googlesyndication.com	folkd.com 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com www.googletagservices.com securepubads.g.doubleclick.net
62	tpc.googlesyndication.com	folkd.com 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com securepubads.g.doubleclick.net
47	ads.yieldmo.com	3 redirects 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com folkd.com ads.yieldmo.com static.yieldmo.com
30	static.yieldmo.com	folkd.com static.yieldmo.com 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
28	s0.2mdn.net	folkd.com s0.2mdn.net 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
17	securepubads.g.doubleclick.net	monu.delivery securepubads.g.doubleclick.net folkd.com 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
15	www.google.com	folkd0612.bubbleapps.io 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com www.gstatic.com www.google.com tpc.googlesyndication.com
14	imps.monu.delivery	folkd.com
13	2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com	securepubads.g.doubleclick.net cdn.confiant-integrations.net
12	www.googletagservices.com	folkd.com 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
12	googleads.g.doubleclick.net	folkd.com 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
11	sb.scorecardresearch.com	1 redirects 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
11	protected-by.clarium.io	2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
11	folkd.com	2 redirects folkd.com folkd0612.bubbleapps.io
10	matchadsrvr.yieldmo.com	static.yieldmo.com
10	ap.lijit.com	2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
10	image6.pubmatic.com	10 redirects
10	xeqe-t3lw-i7hv.n7.xano.io	2 redirects cdn.jsdelivr.net
10	fonts.gstatic.com	fonts.googleapis.com www.google.com
9	x.bidswitch.net	8 redirects 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com ads.yieldmo.com
8	onetag-sys.com	4 redirects 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
8	sync.1rx.io	8 redirects
7	ssum-sec.casalemedia.com	7 redirects
7	folkd0612.bubbleapps.io	folkd.com folkd0612.bubbleapps.io
6	eb2.3lift.com	6 redirects
6	cs.media.net	6 redirects
6	pr-bh.ybp.yahoo.com	6 redirects
6	www.gstatic.com	www.google.com www.gstatic.com
5	dsp.adfarm1.adition.com	5 redirects
5	ib.adnxs.com	4 redirects googleads.g.doubleclick.net
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	w.clarity.ms	www.clarity.ms
4	sync.go.sonobi.com	4 redirects
4	match.sharethrough.com	2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
4	sync.targeting.unrulymedia.com	4 redirects
4	cms.quantserve.com	1 redirects 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
4	ad.doubleclick.net	4 redirects
4	googleads4.g.doubleclick.net	folkd.com
4	monu.delivery	folkd.com monu.delivery
3	trace.mediago.io	3 redirects
3	us-u.openx.net	1 redirects google-bidout-d.openx.net googleads.g.doubleclick.net
3	aax-eu.amazon-adsystem.com	1 redirects google-bidout-d.openx.net ads.yieldmo.com
3	q.stripe.com	folkd.com
3	js.stripe.com	folkd.com js.stripe.com
3	cdnjs.cloudflare.com	folkd.com
2	c.clarity.ms	1 redirects
2	pixel.tapad.com	1 redirects ads.yieldmo.com
2	a.sportradarserving.com	2 redirects
2	ads.creative-serving.com	2 redirects
2	sync.teads.tv	1 redirects 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
2	dis.criteo.com	2 redirects
2	um.simpli.fi	2 redirects
2	dclk-match.dotomi.com	2 redirects
2	adservice.google.com	2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
2	match.adsrvr.org	google-bidout-d.openx.net ads.yieldmo.com
2	c1.adform.net	2 redirects
2	google-bidout-d.openx.net	1 redirects oa.openxcdn.net
2	gum.criteo.com	static.criteo.net gum.criteo.com
2	ruouvn.com	folkd.com
2	storage.googleapis.com	folkd.com
2	cdn.confiant-integrations.net	monu.delivery cdn.confiant-integrations.net
2	region1.google-analytics.com	www.googletagmanager.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	1bccd00f7acd03ac6a93123768d650c0.cdn.bubble.io	folkd.com folkd0612.bubbleapps.io
2	www.clarity.ms	folkd.com www.clarity.ms
2	fonts.googleapis.com	folkd0612.bubbleapps.io 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
1	ade.googlesyndication.com
1	c.bing.com	1 redirects
1	sync.srv.stackadapt.com	ads.yieldmo.com
1	bh.contextweb.com	1 redirects
1	ums.acuityplatform.com	1 redirects
1	eu-u.openx.net	google-bidout-d.openx.net
1	id5-sync.com	cdn.id5-sync.com
1	esp.rtbhouse.com	folkd.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	oajs.openx.net	folkd.com
1	live.staticflickr.com	folkd.com
1	www.morningtonpeninsulasheds.com.au	folkd.com
1	mycitymagazine.org	folkd.com
1	cruisepassenger.com.au	folkd.com
1	oze6868x.com	folkd.com
1	gotrangtri.vn	folkd.com
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	m.stripe.com	m.stripe.network
1	www.googletagmanager.com	folkd.com
1	www.folkd.com	1 redirects
0	cs.admanmedia.com Failed	ads.yieldmo.com
0	aa.agkn.com Failed	ads.yieldmo.com
0	stags.bluekai.com Failed	ads.yieldmo.com
0	idsync.rlcdn.com Failed	ads.yieldmo.com
0	sync-adform.ads.yieldmo.com Failed	ads.yieldmo.com
0	xsync.iqzone.com Failed	ads.yieldmo.com
0	ssbsync.smartadserver.com Failed	ads.yieldmo.com
0	contextual.media.net Failed	ads.yieldmo.com
0	match.prod.bidr.io Failed	ads.yieldmo.com
0	csync.loopme.me Failed	ads.yieldmo.com
0	rtb.mfadsrvr.com Failed	ads.yieldmo.com
0	b1sync.zemanta.com Failed	ads.yieldmo.com
0	yieldmo-match.dotomi.com Failed	ads.yieldmo.com
0	rtb.adentifi.com Failed	ads.yieldmo.com
0	sync-openx.ads.yieldmo.com Failed	ads.yieldmo.com
0	bttrack.com Failed	ads.yieldmo.com
0	ad.turn.com Failed	ads.yieldmo.com
0	ups.analytics.yahoo.com Failed	ads.yieldmo.com
0	pixel-eu.rubiconproject.com Failed	ads.yieldmo.com
0	image8.pubmatic.com Failed	ads.yieldmo.com
773	114

This site contains links to these domains. Also see Links.

Domain
gotrangtri.vn
ruouvn.com
shop.japanbiz.vn
uniks.ac.id
oze6868x.com
cruisepassenger.com.au
mycitymagazine.org
www.morningtonpeninsulasheds.com.au
www.flickr.com

Subject Issuer	Validity	Valid
folkd.com R3	`2023-11-13` - `2024-02-11`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-05` - `2024-05-04`	a year	crt.sh
*.monu.delivery Sectigo RSA Domain Validation Secure Server CA	`2023-02-23` - `2024-03-25`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-10-30` - `2024-01-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-08-29` - `2024-08-29`	a year	crt.sh
*.n7.xano.io R3	`2023-10-04` - `2024-01-02`	3 months	crt.sh
bubble.io Cloudflare Inc ECC CA-3	`2023-11-16` - `2024-11-15`	a year	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-10-09` - `2024-01-18`	3 months	crt.sh
confiant-integrations.net GTS CA 1P5	`2023-09-20` - `2023-12-19`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-10-05` - `2024-01-18`	3 months	crt.sh
imps.monu.delivery GTS CA 1D4	`2023-11-13` - `2024-02-11`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-09-25` - `2023-12-24`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
cdn.prod.uidapi.com R3	`2023-11-02` - `2024-01-31`	3 months	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-10-24` - `2024-01-22`	3 months	crt.sh
gotrangtri.vn Sectigo RSA Domain Validation Secure Server CA	`2023-10-24` - `2024-10-23`	a year	crt.sh
ruouvn.com R3	`2023-10-06` - `2024-01-04`	3 months	crt.sh
cruisepassenger.com.au GTS CA 1P5	`2023-10-23` - `2024-01-21`	3 months	crt.sh
mycitymagazine.org R3	`2023-10-23` - `2024-01-21`	3 months	crt.sh
mornpensheds.com.au R3	`2023-11-02` - `2024-01-31`	3 months	crt.sh
static.flickr.com Amazon RSA 2048 M02	`2023-11-13` - `2024-12-10`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
esp.rtbhouse.com GTS CA 1D4	`2023-11-08` - `2024-02-06`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
*.id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
static.yieldmo.com Amazon RSA 2048 M02	`2023-05-21` - `2024-06-18`	a year	crt.sh
*.yieldmo.com Amazon RSA 2048 M01	`2023-04-04` - `2024-05-02`	a year	crt.sh
protected-by.clarium.io Amazon RSA 2048 M03	`2023-11-16` - `2024-12-15`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
quantserve.com R3	`2023-10-28` - `2024-01-26`	3 months	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh
kinesis.us-east-1.amazonaws.com Amazon RSA 2048 M01	`2023-03-08` - `2024-03-07`	a year	crt.sh
aax-eu.amazon-adsystem.com Amazon RSA 2048 M01	`2023-06-21` - `2024-03-02`	8 months	crt.sh
*.scorecardresearch.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-15` - `2023-12-28`	a year	crt.sh

This page contains 71 frames:

Primary Page: https://folkd.com/
Frame ID: 73D7C9969084AAD99121A283461D1F07
Requests: 219 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Frame ID: A1AF67AE75770AA53A6F3D6F17BFD263
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 9E397AC6221A32F12FD2545868445FC8
Requests: 4 HTTP requests in this frame

Frame: https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.html
Frame ID: C0D1300D53513437E1F6F65B2B0240E8
Requests: 1 HTTP requests in this frame

Frame: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 41A278FA886BE90DE8F0AFB0D7CBEA59
Requests: 1 HTTP requests in this frame

Frame: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4FA951FC7F8C850039E1B387FC94B99F
Requests: 3 HTTP requests in this frame

Frame: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E304F1AA0041611A803FA86EEF69FA3F
Requests: 26 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=folkd.com
Frame ID: 4077F3F2FFE441DC3E7E7D56AE285391
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COemXhDLuHEYz_el-QEwAQ&v=APEucNVXhGIC0ANhh6cC7qJrYtgW0OweDtVFFNzQlNznUu0alE3X8Gh1M2ANPyHVoamP8UKvf1qbZ-Gqq-VDYMl3dUUYDFAYng
Frame ID: 85F08C2506D384CD46DE3D66FC25DB3B
Requests: 4 HTTP requests in this frame

Frame: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Frame ID: 19D9502305D54AF872AD0F63C99EAF17
Requests: 11 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5
Frame ID: EECFA7F17A6B305C9C34E04601B3E6EC
Requests: 6 HTTP requests in this frame

Frame: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: FA4ED5F2A48880B0402EDDCD77091847
Requests: 22 HTTP requests in this frame

Frame: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C0E9BB912B5E4C4FAC4A2DCC44425A37
Requests: 22 HTTP requests in this frame

Frame: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B7F37CC52F4A625D7CDE01AE0330ED73
Requests: 22 HTTP requests in this frame

Frame: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1C0D14D7F74835B37F2287EC8B90B772
Requests: 22 HTTP requests in this frame

Frame: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C9CCDDC016BBCB4A1C97110F3B33F044
Requests: 22 HTTP requests in this frame

Frame: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 977F7540B408D2C3280496EF58C81E70
Requests: 22 HTTP requests in this frame

Frame: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7D09ED363A919F344EAB35A01C443EA7
Requests: 22 HTTP requests in this frame

Frame: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 46D031EC53EB3E030A190D86DBAABAC6
Requests: 22 HTTP requests in this frame

Frame: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 04A2F7AA235FAA7FA5D927599C2185ED
Requests: 22 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 76D53B25BD73A51D5F53E6538EB03C35
Requests: 9 HTTP requests in this frame

Frame: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: BAA22760230254521612D1CFE15E78C4
Requests: 17 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4073367F5D94987A6493049059A1F3E7
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F0BA3DC767CD673A7F7EBF3F55D63A5D
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 55B92E147AA53B87122ABDEE66D2E77B
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B65CB2D94FC63E1CEF3319F8EF9E3167
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5EE34ACA306B2169174CD9F485595782
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: FF02D710BB6BC620C74E1D550AC0E95B
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 992498218D5E7D82C8B18BA6B0DFE960
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 86289A5A7275EDCA05C39DE091077582
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1DB8557ACCE1EF697D1BFDFC606E0FFA
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8691580890862885191/index.html?ev=01_250
Frame ID: EAFBBEDB70F72C714A7189999EFB47F8
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COemXhDLuHEYmYem-QEwAQ&v=APEucNVoikakHttllDcsDdQSpuNbDM4FgyLJhqZ5ap10Sq0DI1EaRG8BAf3e9gO_vgOWy8OfzntBinb-d9xBm-BsyuE9Xer7Tg
Frame ID: AE1678F1A3A2ABACE71A3466C298F45C
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: AA4FEA4516FE6A7B926E2E6DD1296F38
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 5841D3AE89FC7EC21EE9B1CEC058B77C
Requests: 3 HTTP requests in this frame

Frame: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Frame ID: 7B427185069AE4F56238AA68A9F1EB57
Requests: 32 HTTP requests in this frame

Frame: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Frame ID: 542CC8B7B2F01C3BEFECA2F92DA80193
Requests: 1 HTTP requests in this frame

Frame: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Frame ID: EC8FF4E8A4218EED268110B2D5FF24F3
Requests: 1 HTTP requests in this frame

Frame: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Frame ID: 950871EF1CF27A707A43A1FB85A9C27D
Requests: 1 HTTP requests in this frame

Frame: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Frame ID: E4BD086E136409C846C83FA80AA5A6C2
Requests: 1 HTTP requests in this frame

Frame: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Frame ID: 3228AC13AC78E050FE1F813F02EE8C33
Requests: 1 HTTP requests in this frame

Frame: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Frame ID: 3DE6CD1045A65977BDB574CD90C67BCD
Requests: 1 HTTP requests in this frame

Frame: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Frame ID: 2BBF837389266187F355ED4404F290B9
Requests: 1 HTTP requests in this frame

Frame: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Frame ID: E7CE4C36B8B29C08FBCAC6F500435A11
Requests: 1 HTTP requests in this frame

Frame: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Frame ID: 913E7454FF4CC68DE266BC0C41306F5D
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6509822421867355181/index.html?ev=01_250
Frame ID: E828AB21D018616DA6C318D57EFC173F
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js
Frame ID: 147131532638DBE1834362A73E3B1B75
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js
Frame ID: CCFCEBA918447C100D8AC8D5782D5DEC
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js
Frame ID: AEEEA9E65BD409851D921ACCDACC5765
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js
Frame ID: 2CE1B06B3770344B0E2B70C942BDD227
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js
Frame ID: 3D06393CB7EB78283C6CE202771C917A
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js
Frame ID: A790991DCE08023D40AA28441793D4D1
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js
Frame ID: FBDD7318EF46A1623B523B75626C2627
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js
Frame ID: BF018DC3C7CDB20C866950A8422DF9F0
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js
Frame ID: 36899AE599356EA206AB4AD4BAD5D4AC
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js
Frame ID: 16A0A92A3FD0493D615A40FD1D3AC997
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 7660E553FA7E9B7441D79435DF090398
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B81AE4EA7C014C7C5F3C313587F82638
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EB5B2576B524A215846059BAF4762751
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 34F12A5A5F46A2C654080052DFC200E0
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B99F7A60318C34DD536C4793E197B3A5
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 64A91285F61B215035BB950C89C1A03F
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3AD69006A260B38646CC712D42D4534B
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D64A29589A72A4D932766677AF92A799
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2FCB87DCE790C68BF57D117D12C8EFA8
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 39C22664B3A3226A64C2723A462988BA
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BC33EAC9AAA53F0FDB8ABD66D349C51A
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lff_I4mAAAAAGHfEhhVXeU12QZE9z2mPvtEr2BI&co=aHR0cHM6Ly9mb2xrZC5jb206NDQz&hl=de-CH&type=image&v=-QbJqHfGOUB8nuVRLvzFLVed&theme=light&size=normal&cb=3vzm63sl12x3
Frame ID: 3455690E534E6BE2DC1CFEFA039D9D21
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4391C9617E8D54E6A4D0C7586B81EA33
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A34103914633DE01754598E87D03E781
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de-CH&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6Lff_I4mAAAAAGHfEhhVXeU12QZE9z2mPvtEr2BI
Frame ID: 686C489BFA860A152B758175AE3C25BD
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Folkd | Home

Page URL History Show full URLs

https://www.folkd.com/submit/mybodygeometry.com/2023/11/16/%d0%b7%d0%b0%d0%b1%d0%be%d1%82%d0%b0-%d... HTTP 307
https://folkd.com/submit/mybodygeometry.com/2023/11/16/%d0%b7%d0%b0%d0%b1%d0%be%d1%82%d0%b0-%d... HTTP 308
https://folkd.com/submit/mybodygeometry.com/2023/11/16/%d0%b7%d0%b0%d0%b1%d0%be%d1%82%d0%b0-%d... HTTP 301
https://folkd.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Handlebars (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

handlebars(?:\.runtime)?(?:-v([\d.]+?))?(?:\.min)?\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

moment(?:\.min)?\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

773
Requests

85 %
HTTPS

0 %
IPv6

83
Domains

114
Subdomains

67
IPs

12
Countries

13493 kB
Transfer

32306 kB
Size

92
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://gotrangtri.vn/danh-muc/love-house/tap-de/

Search URL Search Domain Scan URL

URL: https://ruouvn.com/ruou-the-glenlivet

Search URL Search Domain Scan URL

URL: https://shop.japanbiz.vn/collections/tat-quan

Search URL Search Domain Scan URL

URL: https://uniks.ac.id/index.php?pilih=forum&modul=yes&action=viewthread&forum_id=0&thread_id=3327

Search URL Search Domain Scan URL

URL: https://oze6868x.com/nap-tien-oze6868/

Search URL Search Domain Scan URL

URL: https://cruisepassenger.com.au/reviews/viva-prima-we-road-test-norwegians-newest-ship/

Search URL Search Domain Scan URL

URL: https://mycitymagazine.org/

Search URL Search Domain Scan URL

URL: https://ruouvn.com/ruou-johnnie-walker

Search URL Search Domain Scan URL

URL: https://www.morningtonpeninsulasheds.com.au/our-range/sheds/

Search URL Search Domain Scan URL

URL: https://www.flickr.com/photos/199269958@N07/53286436996/in/dateposted-public/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.folkd.com/submit/mybodygeometry.com/2023/11/16/%d0%b7%d0%b0%d0%b1%d0%be%d1%82%d0%b0-%d0%be-%d1%81%d0%b2%d0%be%d0%b5%d0%b9-%d0%be%d1%81%d0%b0%d0%bd%d0%ba%d0%b5-%d0%bc%d0%b8%d1%84%d1%8b-%d0%b8-%d1%84%d0%b0%d0%ba%d1%82%d1%8b-%d0%b4%d0%be%d1%81// HTTP 307
https://folkd.com/submit/mybodygeometry.com/2023/11/16/%d0%b7%d0%b0%d0%b1%d0%be%d1%82%d0%b0-%d0%be-%d1%81%d0%b2%d0%be%d0%b5%d0%b9-%d0%be%d1%81%d0%b0%d0%bd%d0%ba%d0%b5-%d0%bc%d0%b8%d1%84%d1%8b-%d0%b8-%d1%84%d0%b0%d0%ba%d1%82%d1%8b-%d0%b4%d0%be%d1%81// HTTP 308
https://folkd.com/submit/mybodygeometry.com/2023/11/16/%d0%b7%d0%b0%d0%b1%d0%be%d1%82%d0%b0-%d0%be-%d1%81%d0%b2%d0%be%d0%b5%d0%b9-%d0%be%d1%81%d0%b0%d0%bd%d0%ba%d0%b5-%d0%bc%d0%b8%d1%84%d1%8b-%d0%b8-%d1%84%d0%b0%d0%ba%d1%82%d1%8b-%d0%b4%d0%be%d1%81/ HTTP 301
https://folkd.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 92

https://xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/qey3VsRgsd2YHJiuCwsn432e7-E/x-H4zg../logo+gtt+-+400x400.png HTTP 303
https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/qey3VsRgsd2YHJiuCwsn432e7-E/x-H4zg../logo%20gtt%20-%20400x400.png

Request Chain 96

https://xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/I0dZhgwrNZG8enHLv9gyh72ihE0/KmTSeA../ruouvncom.png HTTP 303
https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/I0dZhgwrNZG8enHLv9gyh72ihE0/KmTSeA../ruouvncom.png

Request Chain 232

https://google-bidout-d.openx.net/w/1.0/pd?plm=5 HTTP 302
https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5

Request Chain 251

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2391635941405129718

Request Chain 252

https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=d1cb45ec-3506-841a-b51b-63b1a3ed2303 HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=d1cb45ec-3506-841a-b51b-63b1a3ed2303&dcc=t

Request Chain 255

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOr6YTGWhcsdhz8gyU7i7D4&google_cver=1

Request Chain 257

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE7qU3P1M5i8H0VjN_LlweA&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE7qU3P1M5i8H0VjN_LlweA&google_cver=1&C=1

Request Chain 258

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVbiVn6vJ.E59nNqoqPXFQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE7qU3P1M5i8H0VjN_LlweA&google_cver=1&google_hm=2

Request Chain 344

https://ad.doubleclick.net/ddm/activity/src=8050383;type=advie0;cat=advie0;u42=377464435;u43=569126766;u44=201452149;u45=30748521;u46=4047736;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=8050383;dc_pre=CNqO3PmPyoIDFSVMHgIdPGgOXg;type=advie0;cat=advie0;u42=377464435;u43=569126766;u44=201452149;u45=30748521;u46=4047736;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
https://adservice.google.com/ddm/fls/z/src=8050383;dc_pre=CNqO3PmPyoIDFSVMHgIdPGgOXg;type=advie0;cat=advie0;u42=377464435;u43=569126766;u44=201452149;u45=30748521;u46=4047736;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

Request Chain 358

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEII8y_X_5Fej2qD347bdoyQ&google_cver=1&google_push=AXcoOmSrAj5lVX6BRg2CGjGfKtJwkQ2X5aVHcVssRYvcnZPogFZLrN4-AIUnjz-tV2riaUYpt-lLojlMqF1NWqgCTifNwsS56gpO HTTP 302
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=7355b6b0f8a1848&is_secure=true&networkId=14000&version=1&google_gid=CAESEII8y_X_5Fej2qD347bdoyQ&google_cver=1&google_push=AXcoOmSrAj5lVX6BRg2CGjGfKtJwkQ2X5aVHcVssRYvcnZPogFZLrN4-AIUnjz-tV2riaUYpt-lLojlMqF1NWqgCTifNwsS56gpO HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAIY6Qykz9GoQNE9JLmAAAAAAA&expiration=1700279256&google_cver=1&is_secure=true&google_gid=CAESEII8y_X_5Fej2qD347bdoyQ&google_push=AXcoOmSrAj5lVX6BRg2CGjGfKtJwkQ2X5aVHcVssRYvcnZPogFZLrN4-AIUnjz-tV2riaUYpt-lLojlMqF1NWqgCTifNwsS56gpO

Request Chain 359

https://um.simpli.fi/gp_match?google_gid=CAESEAPPH1DGnFlX5LPMX0IFI50&google_cver=1&google_push=AXcoOmTa1_pKa7-hvxy1RIHv-bvi0bUSCmV8_LDEsDrE43n0iO_XyUDZVal0stApoxh6sL2j3-KF-orz0rG27z-0-3wknDnnb_lPIw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=09C14A6836C34EC980F73ECBFA698BA8&google_push=AXcoOmTa1_pKa7-hvxy1RIHv-bvi0bUSCmV8_LDEsDrE43n0iO_XyUDZVal0stApoxh6sL2j3-KF-orz0rG27z-0-3wknDnnb_lPIw

Request Chain 360

https://ums.acuityplatform.com/tum?umid=4&uid=CAESEF7wlSf_Rzk9WZY7dAX5UYk&google_cver=1&google_push=AXcoOmSEuLP3Iw78Z-ed46zVM_aoYYGDvvbXQwCOWVmb6zq0Is6yMhvQxhHAjuOw_3Tnie1SgNNcYQZ6qyuHVfvD5WsCd7UYqXFkog HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=853308099231&us_privacy=1---

Request Chain 361

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmSjHNDOwSPahWfEY6w1mlTezHBlrZD8jy3ImRxdROPTY1XI2-pDdvYTWBfXCZ95Q9jJOcJMfgJH0RcaH98nD-kpBOGQRzZv&google_gid=CAESEAYNz7szyXa3jB-1z4s-Cak&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-F2MzbzHo4PDP4ik66ChkVhSSVnn0cxBjDGys2Q&google_push=AXcoOmSjHNDOwSPahWfEY6w1mlTezHBlrZD8jy3ImRxdROPTY1XI2-pDdvYTWBfXCZ95Q9jJOcJMfgJH0RcaH98nD-kpBOGQRzZv

Request Chain 362

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEF3pHaZ2ZMRFzot7eVoZiII&google_cver=1&google_push=AXcoOmS8IZ2E5fOZ0NtEMY-6t1_k_ED8qkIzY5EZbvr1SGGxMSj66thiU9ZJJQNzaGNPkbkourlvaYZnQAsQQPqRh2JCJQfe83UC HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEF3pHaZ2ZMRFzot7eVoZiII&google_cver=1&google_push=AXcoOmS8IZ2E5fOZ0NtEMY-6t1_k_ED8qkIzY5EZbvr1SGGxMSj66thiU9ZJJQNzaGNPkbkourlvaYZnQAsQQPqRh2JCJQfe83UC&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=7eIFABbLQ0iHChHTL7lcJA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmS8IZ2E5fOZ0NtEMY-6t1_k_ED8qkIzY5EZbvr1SGGxMSj66thiU9ZJJQNzaGNPkbkourlvaYZnQAsQQPqRh2JCJQfe83UC

Request Chain 363

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEGn4mnRpXBoA0q3vKqi9KQo&google_cver=1&google_push=AXcoOmSte0G6GHpWND3na-jUu4K31wjQXUiOsPoDO2Ze9KfaSmsHlPSPZgC1uvwmamkq3XLqMEvhCcOS913CpjJSP4SgjQuoBCVTTQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=MTFjNTVjNmUtYWU3NS00N2Q4LTk4N2ItM2RmMzdjYTM1MjUy&google_push=AXcoOmSte0G6GHpWND3na-jUu4K31wjQXUiOsPoDO2Ze9KfaSmsHlPSPZgC1uvwmamkq3XLqMEvhCcOS913CpjJSP4SgjQuoBCVTTQ HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 367

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEESb250TaWnpur2qUOJqnkQ&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEESb250TaWnpur2qUOJqnkQ%26google_cver%3D1

Request Chain 368

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzgxOTk1NzE3NzUwMDA4OTg0OA%3D%3D

Request Chain 369

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOr6YTGWhcsdhz8gyU7i7D4&google_cver=1

Request Chain 370

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YTU3MmVhNWItZTBkYi02MTQ0LTYwZjUtYmI5ZjAxM2MyNjgz

Request Chain 371

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEEmbmih9QO-e2AKnNSw35Ss&google_cver=1&google_push=AXcoOmSVhrFYcZ6axHINOBuEp_2PHADVlpaLo1rqP-Dd1edy5UT3AKqrrONrzTdfLVaIzxJnRkzr-M5Mhl2QkfXtwgndfHDOgMBT HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEEmbmih9QO-e2AKnNSw35Ss&google_cver=1&google_push=AXcoOmSVhrFYcZ6axHINOBuEp_2PHADVlpaLo1rqP-Dd1edy5UT3AKqrrONrzTdfLVaIzxJnRkzr-M5Mhl2QkfXtwgndfHDOgMBT HTTP 302
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=52827b17-f6f5-467b-b1e6-f576ede294f0&gdpr=&gdpr_consent= HTTP 302
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=52827b17-f6f5-467b-b1e6-f576ede294f0&gdpr=&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=4&user_id=5c82f8d4-7312-4720-85a8-28a92128cd5c&ssp=google&expires=30&user_group=5&bsw_param=52827b17-f6f5-467b-b1e6-f576ede294f0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_cm=1&google_hm=UoJ7F_b1Rnux5vV27eKU8A== HTTP 302
https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESEEmbmih9QO-e2AKnNSw35Ss&google_cver=1

Request Chain 372

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESECc9TIn8f2JYt7eMj4TE1-s&google_cver=1&google_push=AXcoOmRioujSG7qkgpSU5jNoB-cY1ebGSP-BqSztMNUEmE7OUDAKGJKJ_Btz0fyGUaii8IMBprjtWNcqDckq7PaWGZnnQ2iKqRC_ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRioujSG7qkgpSU5jNoB-cY1ebGSP-BqSztMNUEmE7OUDAKGJKJ_Btz0fyGUaii8IMBprjtWNcqDckq7PaWGZnnQ2iKqRC_&google_hm=eS1pOEJfUnRwRTJwRlowMmV6NEUwWGNBSlNiWkFvM01sT35B

Request Chain 373

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJ_TGR7VlZkCdFL_P379x20&google_cver=1&google_push=AXcoOmSgm9qziMUC-jr8NhGkr6ck1nluy3hTicj5FYS-kSPA_Q6DyHhZE5Yn6kNwYHGyOCOXzEMBkLs6DMwYAugw9COENLYzwuod HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJ_TGR7VlZkCdFL_P379x20&google_hm=ZVbiVn6vJ-E59nNqoqPXFQAAFEUAAAIB&google_nid=index&google_push=AXcoOmSgm9qziMUC-jr8NhGkr6ck1nluy3hTicj5FYS-kSPA_Q6DyHhZE5Yn6kNwYHGyOCOXzEMBkLs6DMwYAugw9COENLYzwuod

Request Chain 374

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECthInwIw4O63v-0q9T8k34&google_cver=1&google_push=AXcoOmTgUl1SaVcQ8cwmUg18k82UJfLATj08biNucK0MmDxNNIYOPRnPa6_qBVoHIF_0vNjJZ2pu43oyl5SYhNZdzcAijXrcMoTC HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECthInwIw4O63v-0q9T8k34&google_cver=1&google_push=AXcoOmTgUl1SaVcQ8cwmUg18k82UJfLATj08biNucK0MmDxNNIYOPRnPa6_qBVoHIF_0vNjJZ2pu43oyl5SYhNZdzcAijXrcMoTC&sovrn_retry=true

Request Chain 375

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESELO23NwseXIIs9ImSz9RnCM&google_cver=1&google_push=AXcoOmRIBi74iFMAuYTpczZSy3OS1nvjO1TMk_S7KiJhdmk4B385O8XZ9eUw6rfMPH_E-ZI47dX1vl_Mg0ItBTIJ9RAVzIwJ-WeE HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmRIBi74iFMAuYTpczZSy3OS1nvjO1TMk_S7KiJhdmk4B385O8XZ9eUw6rfMPH_E-ZI47dX1vl_Mg0ItBTIJ9RAVzIwJ-WeE&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1700192856103 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-e55f2322-1ed7-42aa-ae45-e5732d15ff2c-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmRIBi74iFMAuYTpczZSy3OS1nvjO1TMk_S7KiJhdmk4B385O8XZ9eUw6rfMPH_E-ZI47dX1vl_Mg0ItBTIJ9RAVzIwJ-WeE%26google_hm%3DA-VfIyIe10KqrkXlcy0V_yw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRIBi74iFMAuYTpczZSy3OS1nvjO1TMk_S7KiJhdmk4B385O8XZ9eUw6rfMPH_E-ZI47dX1vl_Mg0ItBTIJ9RAVzIwJ-WeE&google_hm=A-VfIyIe10KqrkXlcy0V_yw

Request Chain 376

https://cs.media.net/cksync?type=g&google_gid=CAESEIbMnkMHIGP-ifCkLTxpekA&google_cver=1&google_push=AXcoOmTZwk49A3th4adMHxpioDWe40S4RPkfTkHMrWQVNvzhlcsU9KfqhjWdqwuFmdxsUX_42lUA4gI1OPQLQntcYmhXYnNOrA8O HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQzMTk0NDU2NjIyMzIyNDAwMFYxMA%3d%3d&mn_hm=MzQzMTk0NDU2NjIyMzIyNDAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmTZwk49A3th4adMHxpioDWe40S4RPkfTkHMrWQVNvzhlcsU9KfqhjWdqwuFmdxsUX_42lUA4gI1OPQLQntcYmhXYnNOrA8O&gdpr=&gdpr_consent=

Request Chain 377

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEESCGl7mW0AVY97L1MezgBQ&google_cver=1&google_push=AXcoOmQvDIBvYOtC3kGn4I35L-jLFRj29xV91ty5jF-kEz0AtTecHzys3l2fO3RuRN0ikqD-_ddmb9_SebpMLwTunD6KsuDOKuEckw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQvDIBvYOtC3kGn4I35L-jLFRj29xV91ty5jF-kEz0AtTecHzys3l2fO3RuRN0ikqD-_ddmb9_SebpMLwTunD6KsuDOKuEckw HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 379

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEEmbmih9QO-e2AKnNSw35Ss&google_cver=1&google_push=AXcoOmSAe_l7KNV6guVxXdkq8QcNxvo0bJ2gpqUiCHQLKsDd2emeFFUBFNfeIF8lU4UrGHL2ZUvmSFC9BoNxfVyLTdCzD4PIO1yklQ HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEEmbmih9QO-e2AKnNSw35Ss&google_cver=1&google_push=AXcoOmSAe_l7KNV6guVxXdkq8QcNxvo0bJ2gpqUiCHQLKsDd2emeFFUBFNfeIF8lU4UrGHL2ZUvmSFC9BoNxfVyLTdCzD4PIO1yklQ HTTP 302
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=9d999e81-3487-4ade-a589-a0a19b90fd13&ssp=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmQFvQBGj-YQciMhUOTpmFRhZmkwFTBFUgVcsXrCFvYJcLPICXovpyUNH5ndfimmZ5Ctx-JvpWmhJa-vGfIUF4YdW7JHP24&google_hm=UoJ7F_b1Rnux5vV27eKU8A==

Request Chain 380

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESECc9TIn8f2JYt7eMj4TE1-s&google_cver=1&google_push=AXcoOmQw7PUgw5oHk3oC_Ek58GfUXPBHZWPneAo5t7PhwgMmqUZZB8gZobO_mfry0jpWd6p_vGgJP_MnKc6sse1H5ZSbjrWFxVic_w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQw7PUgw5oHk3oC_Ek58GfUXPBHZWPneAo5t7PhwgMmqUZZB8gZobO_mfry0jpWd6p_vGgJP_MnKc6sse1H5ZSbjrWFxVic_w&google_hm=eS1PM2tPeEloRTJwRkpNeE14dFFRVG91SHRTV3ZXTVNVNn5B

Request Chain 381

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEF3pHaZ2ZMRFzot7eVoZiII&google_cver=1&google_push=AXcoOmTD7cfkE8NjqbYJuNyt8VKI1KL9OG1Ix5MdtFylbFlPO6f0Z8ZkDMiZpWY2esnm-sA0OVgN-cdZ1AaRmcUaQV_IprUDqxLm HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEF3pHaZ2ZMRFzot7eVoZiII&google_cver=1&google_push=AXcoOmTD7cfkE8NjqbYJuNyt8VKI1KL9OG1Ix5MdtFylbFlPO6f0Z8ZkDMiZpWY2esnm-sA0OVgN-cdZ1AaRmcUaQV_IprUDqxLm&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=lucv95ilSfWKo8mq88iAzg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmTD7cfkE8NjqbYJuNyt8VKI1KL9OG1Ix5MdtFylbFlPO6f0Z8ZkDMiZpWY2esnm-sA0OVgN-cdZ1AaRmcUaQV_IprUDqxLm

Request Chain 382

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJ_TGR7VlZkCdFL_P379x20&google_cver=1&google_push=AXcoOmSSseb-Pd5pN-kYd-ZYen-Qf8qlm_3_McekRQajwQxQhU8jBgOXvNuW2T7gtl0N2kKrBTrU83-xIGZYL9L6QomJ1EtbGV7YAg HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJ_TGR7VlZkCdFL_P379x20&google_hm=ZVbiVn6vJ-E59nNqoqPXFQAAFEUAAAIB&google_nid=index&google_push=AXcoOmSSseb-Pd5pN-kYd-ZYen-Qf8qlm_3_McekRQajwQxQhU8jBgOXvNuW2T7gtl0N2kKrBTrU83-xIGZYL9L6QomJ1EtbGV7YAg

Request Chain 383

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECthInwIw4O63v-0q9T8k34&google_cver=1&google_push=AXcoOmTXjgSMHysEMizCyIEuBYH-tObBwhbegORI-WYYkjKRaX7G23I17I_8ehBFTFYiu6708yDXtpEj6BcQHyE9gxvGXqQaLXSNQw HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECthInwIw4O63v-0q9T8k34&google_cver=1&google_push=AXcoOmTXjgSMHysEMizCyIEuBYH-tObBwhbegORI-WYYkjKRaX7G23I17I_8ehBFTFYiu6708yDXtpEj6BcQHyE9gxvGXqQaLXSNQw&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTXjgSMHysEMizCyIEuBYH-tObBwhbegORI-WYYkjKRaX7G23I17I_8ehBFTFYiu6708yDXtpEj6BcQHyE9gxvGXqQaLXSNQw&google_hm=Hq1jJGZH-vtU6kVSQC6kqh_W

Request Chain 384

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESELO23NwseXIIs9ImSz9RnCM&google_cver=1&google_push=AXcoOmTchuy3d-E2ZyIu7Ct3qTYOLV3yq7p_G-y0e9MotnL8z63KMLE3s89WnT_J9PkSdqkQ7A7YAud_454dzoXMeUMlTQT-xTHzlQ HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmTchuy3d-E2ZyIu7Ct3qTYOLV3yq7p_G-y0e9MotnL8z63KMLE3s89WnT_J9PkSdqkQ7A7YAud_454dzoXMeUMlTQT-xTHzlQ&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1700192856105 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-e55f2322-1ed7-42aa-ae45-e5732d15ff2c-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmTchuy3d-E2ZyIu7Ct3qTYOLV3yq7p_G-y0e9MotnL8z63KMLE3s89WnT_J9PkSdqkQ7A7YAud_454dzoXMeUMlTQT-xTHzlQ%26google_hm%3DA-VfIyIe10KqrkXlcy0V_yw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmTchuy3d-E2ZyIu7Ct3qTYOLV3yq7p_G-y0e9MotnL8z63KMLE3s89WnT_J9PkSdqkQ7A7YAud_454dzoXMeUMlTQT-xTHzlQ&google_hm=A-VfIyIe10KqrkXlcy0V_yw

Request Chain 385

https://cs.media.net/cksync?type=g&google_gid=CAESEIbMnkMHIGP-ifCkLTxpekA&google_cver=1&google_push=AXcoOmRxc3f2KYG6xBT92Kj4NPaKvpaIkw21QdedlyEwPpaChTG5Q7J0BJCak9jOWXv__9dKEu0lizoX-_AKr5sQ6P1CsUvhW0-y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQzMTk0NDU2NjIyMzI4NTAwMFYxMA%3d%3d&mn_hm=MzQzMTk0NDU2NjIyMzI4NTAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmRxc3f2KYG6xBT92Kj4NPaKvpaIkw21QdedlyEwPpaChTG5Q7J0BJCak9jOWXv__9dKEu0lizoX-_AKr5sQ6P1CsUvhW0-y&gdpr=&gdpr_consent=

Request Chain 388

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESECc9TIn8f2JYt7eMj4TE1-s&google_cver=1&google_push=AXcoOmTI79_jyrA38WcrcFggVPlUfdH6GvrAxHGiNZYwmm9TMZfPZeD6gPCXckvv_SXI0Txtk_l3v_WWw0qoXe3W2XDLqX0T1DtE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTI79_jyrA38WcrcFggVPlUfdH6GvrAxHGiNZYwmm9TMZfPZeD6gPCXckvv_SXI0Txtk_l3v_WWw0qoXe3W2XDLqX0T1DtE&google_hm=eS0xV0hSOEZ0RTJwR2VWX2R3SFI1WjhsQ1dqRndieHdlY35B

Request Chain 389

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEF3pHaZ2ZMRFzot7eVoZiII&google_cver=1&google_push=AXcoOmRix3nHh3TkD_v14KifayGzbKbjnPxcPwN4op2w17vzHuV3FV94hLnjNFojRgvzqKJRoII3MsG7Qpoo8qBah3_7qRfud-k HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEF3pHaZ2ZMRFzot7eVoZiII&google_cver=1&google_push=AXcoOmRix3nHh3TkD_v14KifayGzbKbjnPxcPwN4op2w17vzHuV3FV94hLnjNFojRgvzqKJRoII3MsG7Qpoo8qBah3_7qRfud-k&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=hyHMbz7LTbOvckUB-cq6Uw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmRix3nHh3TkD_v14KifayGzbKbjnPxcPwN4op2w17vzHuV3FV94hLnjNFojRgvzqKJRoII3MsG7Qpoo8qBah3_7qRfud-k

Request Chain 390

https://ads.yieldmo.com/exptsync?google_gid=CAESEHZwoabV9kh5aIK-ias_kiM&google_cver=1&google_push=AXcoOmTZCqQIlKEJUVCz2EediWssiod8ePteJR0ruN-O0pU5lxbkwbMIi9mPvvVPsV0Zd-PmRqk817v8bBKhFG4_VyQISXEblUE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmTZCqQIlKEJUVCz2EediWssiod8ePteJR0ruN-O0pU5lxbkwbMIi9mPvvVPsV0Zd-PmRqk817v8bBKhFG4_VyQISXEblUE&google_hm=M0ZNeU83N2RkNDdTeWNSaldPWmM=

Request Chain 391

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEMzrRbVVCw-AKrI1HMbQ5Sg&google_cver=1&google_push=AXcoOmTfSYkpQdBXRmdEocDpj3pdzI3jmtx7N_A0c3ZZSKmG2TbZJHL7ccRSJ-9B3F9SUlXLWHTGDeqLqDLGPrXuPDf3igOjYMIY HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmTfSYkpQdBXRmdEocDpj3pdzI3jmtx7N_A0c3ZZSKmG2TbZJHL7ccRSJ-9B3F9SUlXLWHTGDeqLqDLGPrXuPDf3igOjYMIY&google_gid=CAESEMzrRbVVCw-AKrI1HMbQ5Sg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTAxNzE0MDIxNDAwNjAxMTkzODc3Mg%3D%3D&google_push=AXcoOmTfSYkpQdBXRmdEocDpj3pdzI3jmtx7N_A0c3ZZSKmG2TbZJHL7ccRSJ-9B3F9SUlXLWHTGDeqLqDLGPrXuPDf3igOjYMIY

Request Chain 392

https://cs.media.net/cksync?type=g&google_gid=CAESEIbMnkMHIGP-ifCkLTxpekA&google_cver=1&google_push=AXcoOmQwkDFe_xMS-9ekmvzgYF9O740n3rKefU8T_NsN3ejnygYBWCuPGrmv-OepM8cUOwx_rXPyA-Hee1yZC1j_aTpU6aAxcwyL HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQzMTk0NDU2NjIyMzI4MzAwMFYxMA%3d%3d&mn_hm=MzQzMTk0NDU2NjIyMzI4MzAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmQwkDFe_xMS-9ekmvzgYF9O740n3rKefU8T_NsN3ejnygYBWCuPGrmv-OepM8cUOwx_rXPyA-Hee1yZC1j_aTpU6aAxcwyL&gdpr=&gdpr_consent=

Request Chain 393

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEESCGl7mW0AVY97L1MezgBQ&google_cver=1&google_push=AXcoOmRF59MhhvcrQZnzxwHt5PwymsTt6DRY36bGUq3t1iz3Qn0ykyko0ZNAhOtX6WIPbkHbimkP4HevTqBDO0AXzH3u5iL3sZrFlQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRF59MhhvcrQZnzxwHt5PwymsTt6DRY36bGUq3t1iz3Qn0ykyko0ZNAhOtX6WIPbkHbimkP4HevTqBDO0AXzH3u5iL3sZrFlQ HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 395

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEPmynMnbkBI8FZFapd3EOdw&google_cver=1&google_push=AXcoOmTUHRpN7g36EMks3L9ivu3_Fg4B1Jbx248Z0aiMFmqUM8-Hoiporg2TiD4E4kG9bFxBS78MGyfl63U_YOVD5-M30tAlqYJN HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwMjI3MjcxMzQxNDUzOTQwNg%3D%3D&google_push=AXcoOmTUHRpN7g36EMks3L9ivu3_Fg4B1Jbx248Z0aiMFmqUM8-Hoiporg2TiD4E4kG9bFxBS78MGyfl63U_YOVD5-M30tAlqYJN

Request Chain 396

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEEmbmih9QO-e2AKnNSw35Ss&google_cver=1&google_push=AXcoOmQFvQBGj-YQciMhUOTpmFRhZmkwFTBFUgVcsXrCFvYJcLPICXovpyUNH5ndfimmZ5Ctx-JvpWmhJa-vGfIUF4YdW7JHP24 HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEEmbmih9QO-e2AKnNSw35Ss&google_cver=1&google_push=AXcoOmQFvQBGj-YQciMhUOTpmFRhZmkwFTBFUgVcsXrCFvYJcLPICXovpyUNH5ndfimmZ5Ctx-JvpWmhJa-vGfIUF4YdW7JHP24 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmQFvQBGj-YQciMhUOTpmFRhZmkwFTBFUgVcsXrCFvYJcLPICXovpyUNH5ndfimmZ5Ctx-JvpWmhJa-vGfIUF4YdW7JHP24&google_hm=UoJ7F_b1Rnux5vV27eKU8A==

Request Chain 397

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJ_TGR7VlZkCdFL_P379x20&google_cver=1&google_push=AXcoOmS5XdZalLVXwlXsRfOp3hVGWziu-5FhTc5eoyewDn_bIxRw7X3aDqv2-_1BuhBVIbsLcnXtaMB333gCyp8Wjc1y6uOxyJV2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJ_TGR7VlZkCdFL_P379x20&google_hm=ZVbiVn6vJ-E59nNqoqPXFQAAFEUAAAIB&google_nid=index&google_push=AXcoOmS5XdZalLVXwlXsRfOp3hVGWziu-5FhTc5eoyewDn_bIxRw7X3aDqv2-_1BuhBVIbsLcnXtaMB333gCyp8Wjc1y6uOxyJV2

Request Chain 398

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECthInwIw4O63v-0q9T8k34&google_cver=1&google_push=AXcoOmQ-To5krsbiqmgNyT2mGGFviXzH_BS3jdNgjKxxD43_4yDZmNHRYr9LxzF08OlH7RQqoGA5PajC0fBtzXvDEo4cajMGF2TH HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECthInwIw4O63v-0q9T8k34&google_cver=1&google_push=AXcoOmQ-To5krsbiqmgNyT2mGGFviXzH_BS3jdNgjKxxD43_4yDZmNHRYr9LxzF08OlH7RQqoGA5PajC0fBtzXvDEo4cajMGF2TH&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQ-To5krsbiqmgNyT2mGGFviXzH_BS3jdNgjKxxD43_4yDZmNHRYr9LxzF08OlH7RQqoGA5PajC0fBtzXvDEo4cajMGF2TH&google_hm=Hq1jJGZH-vtU6kVSQC6kqh_W

Request Chain 399

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESELO23NwseXIIs9ImSz9RnCM&google_cver=1&google_push=AXcoOmS7EB2f4H7vWF05lWJH4WKUdhmJtf1tKo5Qex9MuiYNN_KgU1mCCyHgSWtl8Ud-uBoq0kOt-cjBwTfj5QPhoBbK7erWm2xI HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmS7EB2f4H7vWF05lWJH4WKUdhmJtf1tKo5Qex9MuiYNN_KgU1mCCyHgSWtl8Ud-uBoq0kOt-cjBwTfj5QPhoBbK7erWm2xI&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1700192856104 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-e55f2322-1ed7-42aa-ae45-e5732d15ff2c-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmS7EB2f4H7vWF05lWJH4WKUdhmJtf1tKo5Qex9MuiYNN_KgU1mCCyHgSWtl8Ud-uBoq0kOt-cjBwTfj5QPhoBbK7erWm2xI%26google_hm%3DA-VfIyIe10KqrkXlcy0V_yw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmS7EB2f4H7vWF05lWJH4WKUdhmJtf1tKo5Qex9MuiYNN_KgU1mCCyHgSWtl8Ud-uBoq0kOt-cjBwTfj5QPhoBbK7erWm2xI&google_hm=A-VfIyIe10KqrkXlcy0V_yw

Request Chain 400

https://cs.media.net/cksync?type=g&google_gid=CAESEIbMnkMHIGP-ifCkLTxpekA&google_cver=1&google_push=AXcoOmTIgrdJPHZAkpRXMTHyRloOgzySAOxgfrcVuTMyJikbVHzrEM1ngah7Gno5wvtz3wYHh1N3jFlk80tPTJsT63UaMrCszznn HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQzMTk0NDU2NjIyMzI0MDAwMFYxMA%3d%3d&mn_hm=MzQzMTk0NDU2NjIyMzI0MDAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmTIgrdJPHZAkpRXMTHyRloOgzySAOxgfrcVuTMyJikbVHzrEM1ngah7Gno5wvtz3wYHh1N3jFlk80tPTJsT63UaMrCszznn&gdpr=&gdpr_consent=

Request Chain 403

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEPmynMnbkBI8FZFapd3EOdw&google_cver=1&google_push=AXcoOmShc5q2JYw0Z_1_siPyZDHjEtwDfO1nK9Bu0JGMU1G2QNHgX0upG0hlqShTi5AzKa-Gr5qgG6x8tZ1feuxM0G89jky5C_vp HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwMjI3MjcxMzQxNTU4Nzk4OA%3D%3D&google_push=AXcoOmShc5q2JYw0Z_1_siPyZDHjEtwDfO1nK9Bu0JGMU1G2QNHgX0upG0hlqShTi5AzKa-Gr5qgG6x8tZ1feuxM0G89jky5C_vp

Request Chain 404

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESECc9TIn8f2JYt7eMj4TE1-s&google_cver=1&google_push=AXcoOmS8iG-zoHdqTMmyj6HuXYVLbslirhRwxGIcW4LJ8N5V9ZyElDNDiq7RhsY_SKD6wnCLJohCW8qjU2KUtF_5OgO6Dq0pCBtv HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmS8iG-zoHdqTMmyj6HuXYVLbslirhRwxGIcW4LJ8N5V9ZyElDNDiq7RhsY_SKD6wnCLJohCW8qjU2KUtF_5OgO6Dq0pCBtv&google_hm=eS1ab3BKV0dGRTJwR2JjelZZYkM4M3FLVlBBYmFWMWxiNX5B

Request Chain 405

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmQ29gDVzDq0KDeQqQHuegjaKEl8W941XKf_R8nUqdwTcOMH13644j9u-8fE_M77D28NIg64VZk5xrHQVWJvxeeDWJP3d_2x%26google_hm%3D%5BUID%5D&google_gid=CAESELad2UZst1-7hRixvmQEBXc&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmQ29gDVzDq0KDeQqQHuegjaKEl8W941XKf_R8nUqdwTcOMH13644j9u-8fE_M77D28NIg64VZk5xrHQVWJvxeeDWJP3d_2x&google_hm=7f2fa5b2-ba8f-410d-aeb7-da7c5ce33b33

Request Chain 406

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECthInwIw4O63v-0q9T8k34&google_cver=1&google_push=AXcoOmQ7p3UCywB8ISRdabCX9cYS-EFxdcUSCyzKdzcVOSMFROUOLHK7gLMSKZ7Ux6X3VMH4MKMTIyCViOONcok_V2v6M8CguZNR HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECthInwIw4O63v-0q9T8k34&google_cver=1&google_push=AXcoOmQ7p3UCywB8ISRdabCX9cYS-EFxdcUSCyzKdzcVOSMFROUOLHK7gLMSKZ7Ux6X3VMH4MKMTIyCViOONcok_V2v6M8CguZNR&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQ7p3UCywB8ISRdabCX9cYS-EFxdcUSCyzKdzcVOSMFROUOLHK7gLMSKZ7Ux6X3VMH4MKMTIyCViOONcok_V2v6M8CguZNR&google_hm=Hq1jJGZHpMOfVkwLT8-oZjUL

Request Chain 407

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESELO23NwseXIIs9ImSz9RnCM&google_cver=1&google_push=AXcoOmTXwFCuL0JCOmTQX9wzTNY4LYtsS66Izz6T32_VFkPYeHh51uK3zTKEyBpL9esKUYRJDjeclqqQ2nYGNqjKh6aGLUO-A75g HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmTXwFCuL0JCOmTQX9wzTNY4LYtsS66Izz6T32_VFkPYeHh51uK3zTKEyBpL9esKUYRJDjeclqqQ2nYGNqjKh6aGLUO-A75g&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1700192856103 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-e55f2322-1ed7-42aa-ae45-e5732d15ff2c-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmTXwFCuL0JCOmTQX9wzTNY4LYtsS66Izz6T32_VFkPYeHh51uK3zTKEyBpL9esKUYRJDjeclqqQ2nYGNqjKh6aGLUO-A75g%26google_hm%3DA-VfIyIe10KqrkXlcy0V_yw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmTXwFCuL0JCOmTQX9wzTNY4LYtsS66Izz6T32_VFkPYeHh51uK3zTKEyBpL9esKUYRJDjeclqqQ2nYGNqjKh6aGLUO-A75g&google_hm=A-VfIyIe10KqrkXlcy0V_yw

Request Chain 408

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEMzrRbVVCw-AKrI1HMbQ5Sg&google_cver=1&google_push=AXcoOmRFOk0Yk4_OOFbeujNiLRokQoRMgBMGOrrsDSGK8wZw0ejxdwiOR6n5aU3VSuYaEdyqGPfCD8fBGIDU1k8bFD5m-0F2wqE HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmRFOk0Yk4_OOFbeujNiLRokQoRMgBMGOrrsDSGK8wZw0ejxdwiOR6n5aU3VSuYaEdyqGPfCD8fBGIDU1k8bFD5m-0F2wqE&google_gid=CAESEMzrRbVVCw-AKrI1HMbQ5Sg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTAxNzE0MDIxNDAwNjAxMTkzODc3Mg%3D%3D&google_push=AXcoOmRFOk0Yk4_OOFbeujNiLRokQoRMgBMGOrrsDSGK8wZw0ejxdwiOR6n5aU3VSuYaEdyqGPfCD8fBGIDU1k8bFD5m-0F2wqE

Request Chain 439

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESECc9TIn8f2JYt7eMj4TE1-s&google_cver=1&google_push=AXcoOmRXmQJc8-dgKGZiAa0V1C2SsNj1yFEFEm5FQf4qrvAzQk1XQtDvwgO-lyNmCrBQ6gKkaWn1YvEZKhZm8PBN87LM-btWQ-6nlw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRXmQJc8-dgKGZiAa0V1C2SsNj1yFEFEm5FQf4qrvAzQk1XQtDvwgO-lyNmCrBQ6gKkaWn1YvEZKhZm8PBN87LM-btWQ-6nlw&google_hm=eS15SGJWWlZKRTJwR1dVZm1vckp4QkVsaFVCM0hpZXBjUn5B

Request Chain 440

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEF3pHaZ2ZMRFzot7eVoZiII&google_cver=1&google_push=AXcoOmT2D2R5qNSKKj7MLpTbuTJj80u-48eUXpxpbGo81FI5MfWEXnOBMXQh4U_iqTVitgDjNU84jHYN81BQkr9rpvkeC0rkyZ2ulQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=lucv95ilSfWKo8mq88iAzg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmT2D2R5qNSKKj7MLpTbuTJj80u-48eUXpxpbGo81FI5MfWEXnOBMXQh4U_iqTVitgDjNU84jHYN81BQkr9rpvkeC0rkyZ2ulQ

Request Chain 441

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJ_TGR7VlZkCdFL_P379x20&google_cver=1&google_push=AXcoOmQU1lbsOVmMVlpb9-7HWAjNJgG34e0VdDJxKKMzrBZlRrx2oEZIjXcfEmKOsUNanEmSY-ZcgiWFp9GS1jDWP0IlMn5cIwYfvg HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJ_TGR7VlZkCdFL_P379x20&google_hm=ZVbiVn6vJ-E59nNqoqPXFQAAFEUAAAIB&google_nid=index&google_push=AXcoOmQU1lbsOVmMVlpb9-7HWAjNJgG34e0VdDJxKKMzrBZlRrx2oEZIjXcfEmKOsUNanEmSY-ZcgiWFp9GS1jDWP0IlMn5cIwYfvg

Request Chain 442

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmQLrhhyOyvId4-w84FDshMTlXR62-A11fz_2roto-SncMulOiNqNacqCfvJT1hp4Oh0NnJ8UdjgRGiH-CFXLqi3HRT0ZFjRDg%26google_hm%3D%5BUID%5D&google_gid=CAESELad2UZst1-7hRixvmQEBXc&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmQLrhhyOyvId4-w84FDshMTlXR62-A11fz_2roto-SncMulOiNqNacqCfvJT1hp4Oh0NnJ8UdjgRGiH-CFXLqi3HRT0ZFjRDg&google_hm=100169fe-2035-4fef-938a-5a3d7edc73ae

Request Chain 443

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECthInwIw4O63v-0q9T8k34&google_cver=1&google_push=AXcoOmQi2KNciutIXpWS-fXWoROqtm73lMUD-CJeF8CgLGv_06fnZ06N5g8q3ddKDZ63vLOLOFKARjmrw0TQhFFXmceVi24mn7b2GA HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECthInwIw4O63v-0q9T8k34&google_cver=1&google_push=AXcoOmQi2KNciutIXpWS-fXWoROqtm73lMUD-CJeF8CgLGv_06fnZ06N5g8q3ddKDZ63vLOLOFKARjmrw0TQhFFXmceVi24mn7b2GA&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQi2KNciutIXpWS-fXWoROqtm73lMUD-CJeF8CgLGv_06fnZ06N5g8q3ddKDZ63vLOLOFKARjmrw0TQhFFXmceVi24mn7b2GA&google_hm=Hq1jJGZH-vtU6kVSQC6kqh_W

Request Chain 444

https://cs.media.net/cksync?type=g&google_gid=CAESEIbMnkMHIGP-ifCkLTxpekA&google_cver=1&google_push=AXcoOmTByI5sxL9BbbMIoVHoTxS-1a6wvauvj537CypHRMPT1kGwXpyxhJqiJ96xnuEkpmqNU4v2ivDq-0rQ8EBonHoPIsVhzUYZvg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQzMTk0NDU2NjIyMzI0MDAwMFYxMA%3d%3d&mn_hm=MzQzMTk0NDU2NjIyMzI0MDAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmTByI5sxL9BbbMIoVHoTxS-1a6wvauvj537CypHRMPT1kGwXpyxhJqiJ96xnuEkpmqNU4v2ivDq-0rQ8EBonHoPIsVhzUYZvg&gdpr=&gdpr_consent=

Request Chain 468

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEPmynMnbkBI8FZFapd3EOdw&google_cver=1&google_push=AXcoOmTI_Cyuo6higIToaRehyLJhHmRzmyuodqB-2FKqdCEi0s37jhATj9Zk-CKFXD9YSJM9UgmxzdYGlzYVUvry8AYIu30xPtRX HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwMjI3MjcxMzQxNTU4Nzk4OA%3D%3D&google_push=AXcoOmTI_Cyuo6higIToaRehyLJhHmRzmyuodqB-2FKqdCEi0s37jhATj9Zk-CKFXD9YSJM9UgmxzdYGlzYVUvry8AYIu30xPtRX

Request Chain 469

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEF3pHaZ2ZMRFzot7eVoZiII&google_cver=1&google_push=AXcoOmTJFNXQVb9n2z5fFpLupHhUqT7R-kNIpW01Ia7R2G7PcUPJr7p9Rs0KyXe4dZ-TQELkfRUSpe7KjTbIBnnZTDkllBWcNW1LEA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=lucv95ilSfWKo8mq88iAzg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmTJFNXQVb9n2z5fFpLupHhUqT7R-kNIpW01Ia7R2G7PcUPJr7p9Rs0KyXe4dZ-TQELkfRUSpe7KjTbIBnnZTDkllBWcNW1LEA

Request Chain 470

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJ_TGR7VlZkCdFL_P379x20&google_cver=1&google_push=AXcoOmSnr6ymMcR_JwKEKT15avWQKvLNWemP7CuwlV40tjRh8hTabSdeNPkUrvO4mfIpGOABNEvFmpH9llaxPnvo69-1pLV-H9TEEQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJ_TGR7VlZkCdFL_P379x20&google_hm=ZVbiVn6vJ-E59nNqoqPXFQAAFEUAAAIB&google_nid=index&google_push=AXcoOmSnr6ymMcR_JwKEKT15avWQKvLNWemP7CuwlV40tjRh8hTabSdeNPkUrvO4mfIpGOABNEvFmpH9llaxPnvo69-1pLV-H9TEEQ

Request Chain 471

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECthInwIw4O63v-0q9T8k34&google_cver=1&google_push=AXcoOmTzkclKMVOCxE3AbYSzjO5fh3P6HH2El7KarW-O5C6Q4TSq72OHniJa_r6UYcLLVDsydkTC9G0enc6iv9-2cgOtWh009FmbWg HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECthInwIw4O63v-0q9T8k34&google_cver=1&google_push=AXcoOmTzkclKMVOCxE3AbYSzjO5fh3P6HH2El7KarW-O5C6Q4TSq72OHniJa_r6UYcLLVDsydkTC9G0enc6iv9-2cgOtWh009FmbWg&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTzkclKMVOCxE3AbYSzjO5fh3P6HH2El7KarW-O5C6Q4TSq72OHniJa_r6UYcLLVDsydkTC9G0enc6iv9-2cgOtWh009FmbWg&google_hm=Hq1jJGZH-vtU6kVSQC6kqh_W

Request Chain 472

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEMzrRbVVCw-AKrI1HMbQ5Sg&google_cver=1&google_push=AXcoOmSlsKORnKnuCuRg0Bh7ovMcIcCN8jS0CFzeoPhhZft0t0VEUbnV5umWeTzncKpGxYpyT-ZMxyioryhBmB6XfiECmTYDykxI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTAxNzE0MDIxNDAwNjAxMTkzODc3Mg%3D%3D&google_push=AXcoOmSlsKORnKnuCuRg0Bh7ovMcIcCN8jS0CFzeoPhhZft0t0VEUbnV5umWeTzncKpGxYpyT-ZMxyioryhBmB6XfiECmTYDykxI

Request Chain 473

https://cs.media.net/cksync?type=g&google_gid=CAESEIbMnkMHIGP-ifCkLTxpekA&google_cver=1&google_push=AXcoOmS4j_xQCsQqNegyBNO2kO6n-MV6rxiYD1PS4LZ5lM6PF_dMoJ65J-e09Ga1YnHGMD2kOPNVA2Uzuqi17Cwo12QHyKGNa0Hu HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQzMTk0NDU2NjIyMzI0MDAwMFYxMA%3d%3d&mn_hm=MzQzMTk0NDU2NjIyMzI0MDAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmS4j_xQCsQqNegyBNO2kO6n-MV6rxiYD1PS4LZ5lM6PF_dMoJ65J-e09Ga1YnHGMD2kOPNVA2Uzuqi17Cwo12QHyKGNa0Hu&gdpr=&gdpr_consent=

Request Chain 474

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEESCGl7mW0AVY97L1MezgBQ&google_cver=1&google_push=AXcoOmRqe2bFs7p3CYEZwi9k4qVB64JzOrAGbtyrKWZHRQqTX_o5pTIlBjfUALcdljlxjduUHsfYFO-G3sXtFzVDPZOLW6ZoSmk7ito HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRqe2bFs7p3CYEZwi9k4qVB64JzOrAGbtyrKWZHRQqTX_o5pTIlBjfUALcdljlxjduUHsfYFO-G3sXtFzVDPZOLW6ZoSmk7ito HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 484

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESECc9TIn8f2JYt7eMj4TE1-s&google_cver=1&google_push=AXcoOmTO5riAYAkz0umDpOB_ECIUhLGKaXXqFAx-HL9jbYM62m-IQZ0NSh6FP319JaGHdoNYkenBTA_AeUzuk-iyADGnRoZsVinEdA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTO5riAYAkz0umDpOB_ECIUhLGKaXXqFAx-HL9jbYM62m-IQZ0NSh6FP319JaGHdoNYkenBTA_AeUzuk-iyADGnRoZsVinEdA&google_hm=eS1pOEJfUnRwRTJwRlowMmV6NEUwWGNBSlNiWkFvM01sT35B

Request Chain 485

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJ_TGR7VlZkCdFL_P379x20&google_cver=1&google_push=AXcoOmRzvJrndNQIP92UrzLtiJbxJ5UwsZaIUjuWbTB3zKOoWLMw8yexV4siH7OJq5oomymfbSJln0n0g8cwcCGQC8LEGc86vBg45w HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJ_TGR7VlZkCdFL_P379x20&google_hm=ZVbiVn6vJ-E59nNqoqPXFQAAFEUAAAIB&google_nid=index&google_push=AXcoOmRzvJrndNQIP92UrzLtiJbxJ5UwsZaIUjuWbTB3zKOoWLMw8yexV4siH7OJq5oomymfbSJln0n0g8cwcCGQC8LEGc86vBg45w

Request Chain 486

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmTjFckMdrHXxobaS9HSPL4AblOhANxETC1kz4Qnn_7jAvFmNx7o_uIJjRSIiulHoPGzkGhYxER2YhTti5ZSuEp7EL1msB5evA%26google_hm%3D%5BUID%5D&google_gid=CAESELad2UZst1-7hRixvmQEBXc&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmTjFckMdrHXxobaS9HSPL4AblOhANxETC1kz4Qnn_7jAvFmNx7o_uIJjRSIiulHoPGzkGhYxER2YhTti5ZSuEp7EL1msB5evA&google_hm=c974fa89-24da-44b8-8670-81bbd8b41d1a

Request Chain 487

https://ads.yieldmo.com/exptsync?google_gid=CAESEHZwoabV9kh5aIK-ias_kiM&google_cver=1&google_push=AXcoOmT1rj_54mF3qSL1kdIvahf3qASPhO8VhvcNx7CL9RARuZc4TAVA5ZGPorXpBrdTmzlIxgTWdi69DbHIlWNGMYerPzCssWT8jg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmT1rj_54mF3qSL1kdIvahf3qASPhO8VhvcNx7CL9RARuZc4TAVA5ZGPorXpBrdTmzlIxgTWdi69DbHIlWNGMYerPzCssWT8jg&google_hm=M0ZNeU83N2RkNDdTeWNSaldPWmM=

Request Chain 488

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEESCGl7mW0AVY97L1MezgBQ&google_cver=1&google_push=AXcoOmTp0vfsJ8PE_C-aHWPZ5tgGG5qRRF6Io6YunJujjokJlSMv8Be_B8V68NEogz4-L-khIwWE4thMYIJx31bAqVU3cNHLi945TH4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTp0vfsJ8PE_C-aHWPZ5tgGG5qRRF6Io6YunJujjokJlSMv8Be_B8V68NEogz4-L-khIwWE4thMYIJx31bAqVU3cNHLi945TH4 HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 489

https://trace.mediago.io/cs/google?google_gid=CAESEDBsM703hnw_wQIOuRImbKM&google_cver=1&google_push=AXcoOmQKimb_jjVrnM-5xsU-CfrvtJX5BYZSxFsUKeGJNMmBQvRmtL2JHCwpKkczx9izZUxjNX41nv1ak0HNgEhpwAbgHeXHy9ggdCM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmQKimb_jjVrnM-5xsU-CfrvtJX5BYZSxFsUKeGJNMmBQvRmtL2JHCwpKkczx9izZUxjNX41nv1ak0HNgEhpwAbgHeXHy9ggdCM&google_hm=f34e9699882611da106svw00lp22xggl

Request Chain 498

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEElULNDrKtz_L_lM2CuBlvI&google_cver=1&google_push=AXcoOmTLrOgFZMEHoh2WWM1CV8XU6B-73ZN3n9oZHbPJAtd2gwRiVtKlfi6rjE-qNqrNctwmdbPMEXUxXF87Q7PlxJMufn6aBOrA HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AXcoOmTLrOgFZMEHoh2WWM1CV8XU6B-73ZN3n9oZHbPJAtd2gwRiVtKlfi6rjE-qNqrNctwmdbPMEXUxXF87Q7PlxJMufn6aBOrA&google_hm=t76ThnX0JyYPHfihoVkzIw

Request Chain 499

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEPmynMnbkBI8FZFapd3EOdw&google_cver=1&google_push=AXcoOmS4hgY-a6lVeviikUb0y5ad1PQBAhVulTPuSSNFREPgmbl3kvFWxeZn3dOuwa2PdrdGAz3LAkuB1lA1qbUnGeIcJJWcIgc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwMjI3MjcxMzQxNTU4Nzk4OA%3D%3D&google_push=AXcoOmS4hgY-a6lVeviikUb0y5ad1PQBAhVulTPuSSNFREPgmbl3kvFWxeZn3dOuwa2PdrdGAz3LAkuB1lA1qbUnGeIcJJWcIgc

Request Chain 500

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEF3pHaZ2ZMRFzot7eVoZiII&google_cver=1&google_push=AXcoOmRYaKZRWuacGTrOE6VMQba9tl7id2kjLT2E6BwYursI_XhHcMrGkxGgpQ83kvnXmi6DSRzm4IqJZKBI-cIXiY-ysqIiBYg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=lucv95ilSfWKo8mq88iAzg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmRYaKZRWuacGTrOE6VMQba9tl7id2kjLT2E6BwYursI_XhHcMrGkxGgpQ83kvnXmi6DSRzm4IqJZKBI-cIXiY-ysqIiBYg

Request Chain 501

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJ_TGR7VlZkCdFL_P379x20&google_cver=1&google_push=AXcoOmRAm2GUJkTnog57Mn-zztbYX7SAF6KDrWbVrTX7-uyceoGggRWGEjOIAK3mSxYyXhzxaLClSh0hYsrEbnOuSLnKQj6oYFE HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJ_TGR7VlZkCdFL_P379x20&google_hm=ZVbiVn6vJ-E59nNqoqPXFQAAFEUAAAIB&google_nid=index&google_push=AXcoOmRAm2GUJkTnog57Mn-zztbYX7SAF6KDrWbVrTX7-uyceoGggRWGEjOIAK3mSxYyXhzxaLClSh0hYsrEbnOuSLnKQj6oYFE

Request Chain 502

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmT_5txnI_5JPUpROl79e3-vxWWkZLtPcR_QPXFzEhZdEB5tzljzI9wgktGo85MpgFbEPjqn3FpHYtCyFupxkzDyIC67tsqd%26google_hm%3D%5BUID%5D&google_gid=CAESELad2UZst1-7hRixvmQEBXc&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmT_5txnI_5JPUpROl79e3-vxWWkZLtPcR_QPXFzEhZdEB5tzljzI9wgktGo85MpgFbEPjqn3FpHYtCyFupxkzDyIC67tsqd&google_hm=07413442-8e7f-41e1-900f-ccbf6ecbef54

Request Chain 503

https://ads.yieldmo.com/exptsync?google_gid=CAESEHZwoabV9kh5aIK-ias_kiM&google_cver=1&google_push=AXcoOmS06GcymjBKvXAlucSZBCpYmHJwXxaqRJueQOb7RpB3za8ZVfKpQa2bp-RlhQXs_9ZNF-awiDfjUksLI1f3jbDV9Il7WWA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmS06GcymjBKvXAlucSZBCpYmHJwXxaqRJueQOb7RpB3za8ZVfKpQa2bp-RlhQXs_9ZNF-awiDfjUksLI1f3jbDV9Il7WWA&google_hm=M0ZNeU83N2RkNDdTeWNSaldPWmM=

Request Chain 504

https://trace.mediago.io/cs/google?google_gid=CAESEDBsM703hnw_wQIOuRImbKM&google_cver=1&google_push=AXcoOmQRHSsv9omgJNhY_iHinNUc9kJBuCmO5BIvUnZPw_kvgOycsIfXcfhYrdPJEXfKwOqkrDI1P-F00egdxw_BU9Qs6qAvL957 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmQRHSsv9omgJNhY_iHinNUc9kJBuCmO5BIvUnZPw_kvgOycsIfXcfhYrdPJEXfKwOqkrDI1P-F00egdxw_BU9Qs6qAvL957&google_hm=f34e9699882611da1m3z2600lp22xggl

Request Chain 513

https://bh.contextweb.com/bh/rtset?pid=561118&ev=1&rurl=https%3a%2f%2fads.yieldmo.com/v000/sync?userid=%%VGUID%%&pn_id=pp&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&us_privacy= HTTP 302
https://ads.yieldmo.com/v000/sync?userid=TjyFp9y1uOZ3&ev=1&pn_id=pp&gpp_sid=&gpp=&us_privacy=&pid=561118&gdpr_consent=&gdpr=0

Request Chain 516

https://pixel.tapad.com/idsync/ex/receive?partner_id=3107&partner_device_id=3FMyO77dd47SycRjWOZc HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3107&partner_device_id=3FMyO77dd47SycRjWOZc

Request Chain 518

https://ib.adnxs.com/getuid?https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an HTTP 302
https://ads.yieldmo.com/v000/sync?userid=3819957177500089848&pn_id=an

Request Chain 520

https://ups.analytics.yahoo.com/ups/58529/sync?_origin=1&uid=3FMyO77dd47SycRjWOZc&redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58259&ovsid=3FMyO77dd47SycRjWOZc&redir=true

Request Chain 521

https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&redir%3Dhttps%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3D%5BRX_UUID%5D HTTP 302
https://ad.turn.com/r/cs?pid=45&rndcb=2710938951

Request Chain 522

https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_cm&pn_id=c HTTP 302
https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEKqnBlHvr_iDjtR6M0qa6vM&google_cver=1

Request Chain 524

https://dis.criteo.com/dis/usersync.aspx?r=55&p=104&cp=yieldmo&cu=1&url=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dcriteo%26id%3D%40%40CRITEO_USERID%40%40 HTTP 302
https://ads.yieldmo.com/v000/sync?pn_id=criteo&id=d8818009-ef52-488a-809a-2bd806bad6fa

Request Chain 526

https://x.bidswitch.net/sync?ssp=yieldmo HTTP 302
https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=yieldmo&gdpr=&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=yieldmo&gdpr=0&user_id=VD8upgc4LqhPPir2Bms2qFdsfvZPPCulUjjA0q6n

Request Chain 527

https://u.openx.net/w/1.0/cm?id=d4c5257e-828d-4b73-90b8-97929e02d6c9&r=https%3A%2F%2Fsync-openx.ads.yieldmo.com%2Fsync%3Fpn_id%3Dopenx%26id%3D HTTP 302
https://sync-openx.ads.yieldmo.com/sync?pn_id=openx&id=ed16aa8c-bba8-05c1-2870-fd483735fd7d

Request Chain 530

https://yieldmo-match.dotomi.com/match/bounce/current?networkId=42851&version=1 HTTP 302
https://yieldmo-match.dotomi.com/match/bounce/current?DotomiTest=716c97bbadd01848&is_secure=true&networkId=42851&version=1

Request Chain 538

https://c1.adform.net/serving/cookie/match?party=1283 HTTP 302
https://sync-adform.ads.yieldmo.com/sync?pn_id=adfm&id=2391635941405129718

Request Chain 549

https://ad.doubleclick.net/ddm/activity/src=8050383;type=advie0;cat=advie0;u42=377464441;u43=569125530;u44=201451651;u45=30748521;u46=4047736;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=8050383;dc_pre=CM-hnPqPyoIDFQxnGQodk8YHDA;type=advie0;cat=advie0;u42=377464441;u43=569125530;u44=201451651;u45=30748521;u46=4047736;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
https://adservice.google.com/ddm/fls/z/src=8050383;dc_pre=CM-hnPqPyoIDFQxnGQodk8YHDA;type=advie0;cat=advie0;u42=377464441;u43=569125530;u44=201451651;u45=30748521;u46=4047736;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

Request Chain 550

https://um.simpli.fi/gp_match?google_gid=CAESEAPPH1DGnFlX5LPMX0IFI50&google_cver=1&google_push=AXcoOmRRHN0Dk_Kw2_1XBR3dXelezCncLOVNU4iH43b-5N2TioJy2_yU6-px5St_Vfqkfb3kEd-TobEKW0t-iPusSF8moUN3Xrf9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=09C14A6836C34EC980F73ECBFA698BA8&google_push=AXcoOmRRHN0Dk_Kw2_1XBR3dXelezCncLOVNU4iH43b-5N2TioJy2_yU6-px5St_Vfqkfb3kEd-TobEKW0t-iPusSF8moUN3Xrf9

Request Chain 551

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEPmynMnbkBI8FZFapd3EOdw&google_cver=1&google_push=AXcoOmT0pxucgQsBXnG4yDeD3xHHJ55zFqAdhHGWwT_gJ0E50lTSKtyg4WWEq5FLoVDW1bv6kC3WjI2V8ZyZf4lWHy1wQcjfh9-L6A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwMjI3MjcxMzQxNTU4Nzk4OA%3D%3D&google_push=AXcoOmT0pxucgQsBXnG4yDeD3xHHJ55zFqAdhHGWwT_gJ0E50lTSKtyg4WWEq5FLoVDW1bv6kC3WjI2V8ZyZf4lWHy1wQcjfh9-L6A

Request Chain 552

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEF3pHaZ2ZMRFzot7eVoZiII&google_cver=1&google_push=AXcoOmTghQDQh46mGVT_BvTMOnHbcOpZ2eWZcsnV-xSznL8ggvfc0cZkj7AeB3cxKEr3CZvlduS_pI2JN82ViM5FLwdK9E51IH-6sw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=lucv95ilSfWKo8mq88iAzg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmTghQDQh46mGVT_BvTMOnHbcOpZ2eWZcsnV-xSznL8ggvfc0cZkj7AeB3cxKEr3CZvlduS_pI2JN82ViM5FLwdK9E51IH-6sw

Request Chain 553

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESENyay5iq7I6yRpxgmLlSweg&google_cver=1&google_push=AXcoOmRNpyEWzHZ9zilsM7qzT_-Q6IXDntukFvdjRNfAPC7N5ZImQrpaCXpbU3W909xFL9LWV1CuTxnfWethTSu0jTMtrxlG-JhJLQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=IkzCtiDAWzpXS6-M6AaDBR-l1zg&google_push=AXcoOmRNpyEWzHZ9zilsM7qzT_-Q6IXDntukFvdjRNfAPC7N5ZImQrpaCXpbU3W909xFL9LWV1CuTxnfWethTSu0jTMtrxlG-JhJLQ

Request Chain 554

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEMzrRbVVCw-AKrI1HMbQ5Sg&google_cver=1&google_push=AXcoOmQh6WRvGWhcgRjvd91-s2C8W6qNMnEhDg0rbqqbg9HuopprW8qhWqIiOTBYVy_VSRmfGvyngMOqP7oEisX57tUfB4re_51dfA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTAxNzE0MDIxNDAwNjAxMTkzODc3Mg%3D%3D&google_push=AXcoOmQh6WRvGWhcgRjvd91-s2C8W6qNMnEhDg0rbqqbg9HuopprW8qhWqIiOTBYVy_VSRmfGvyngMOqP7oEisX57tUfB4re_51dfA

Request Chain 556

https://trace.mediago.io/cs/google?google_gid=CAESEDBsM703hnw_wQIOuRImbKM&google_cver=1&google_push=AXcoOmSryvV7co65d3vtFDMlsi4PZrmvLSu_DULvQzekxV7CW6718o-p4PujjyHMDkC81xXhgHv2zFPeOq3fJsTkqBKyjUxzLBDYrc0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmSryvV7co65d3vtFDMlsi4PZrmvLSu_DULvQzekxV7CW6718o-p4PujjyHMDkC81xXhgHv2zFPeOq3fJsTkqBKyjUxzLBDYrc0&google_hm=f34e9699882611da1eb9g100lp22xggm

Request Chain 578

https://sb.scorecardresearch.com/p?c1=8&c2=18969557&ns_ap_it=b&rn=eac573ef62d837726f6e HTTP 302
https://sb.scorecardresearch.com/p2?c1=8&c2=18969557&ns_ap_it=b&rn=eac573ef62d837726f6e

Request Chain 764

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=BA67A30D98194F518B791D7386D10AF8&RedC=c.clarity.ms&MXFR=242E3C589A736B0D011A2F949E7365B8 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=BA67A30D98194F518B791D7386D10AF8&MUID=3A5906996A36630333B115556B8F62C0

773 HTTP transactions
14 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
folkd.com/
Redirect Chain

https://www.folkd.com/submit/mybodygeometry.com/2023/11/16/%d0%b7%d0%b0%d0%b1%d0%be%d1%82%d0%b0-%d0%be-%d1%81%d0%b2%d0%be%d0%b5%d0%b9-%d0%be%d1%81%d0%b0%d0%bd%d0%ba%d0%b5-%d0%bc%d0%b8%d1%84%d1%8b-%...
https://folkd.com/submit/mybodygeometry.com/2023/11/16/%d0%b7%d0%b0%d0%b1%d0%be%d1%82%d0%b0-%d0%be-%d1%81%d0%b2%d0%be%d0%b5%d0%b9-%d0%be%d1%81%d0%b0%d0%bd%d0%ba%d0%b5-%d0%bc%d0%b8%d1%84%d1%8b-%d0%b...
https://folkd.com/submit/mybodygeometry.com/2023/11/16/%d0%b7%d0%b0%d0%b1%d0%be%d1%82%d0%b0-%d0%be-%d1%81%d0%b2%d0%be%d0%b5%d0%b9-%d0%be%d1%81%d0%b0%d0%bd%d0%ba%d0%b5-%d0%bc%d0%b8%d1%84%d1%8b-%d0%b...
https://folkd.com/

17 KB
8 KB

393ms
392ms

Document
text/html

76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel / Express

Resource Hash

1b5d12e46a4838498d352d4025bbd9800fc6457dee5965736c505707b23431da

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-store
cf-cache-status: DYNAMIC
cf-ray: 8274fe1a4aed5d55-FRA
content-encoding: br
content-security-policy: frame-ancestors 'self'
content-type: text/html
date: Fri, 17 Nov 2023 03:47:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6q%2Bou9hx8siBiAm2o7Bx7sduR5puSk8YLixN0Ri%2BljAoYTc7q%2FyH%2BAra1%2FbcyqFuPPl3EWtvz6DcKs928YpMC0peI1hsG3eI2trmFk185gFwdtknneUgXOnsISCKPgwTHbBu9aUHXUJffu5oJQVFFBuxXNlayJZRnFHNJGwfj4igtbQaXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: Vercel
strict-transport-security: max-age=63072000
vary: Accept-Encoding
x-bubble-capacity-limit: 0 ms slower
x-bubble-capacity-used: 0.141 unit-seconds used
x-bubble-perf: {"total":117.8,"percents":{"top":{"bubble_cpu":52,"block":46.7,"capacity_rl":0,"other_pause":0,"pre_fiber":0.5},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":59.8,"appserver_cache_misses_time":0,"redis":59.8,"fiber_queue":2.4,"capacity_wait":2.5}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"derived_cache_attempts":5,"derived_cache_memory_misses":5,"serverjson":121,"appserver_cache_attempts":3,"appserver_mem_cache_hits":0,"appserver_cache_hits":3,"appserver_cache_misses":0,"redis":68,"fiber_queue":58,"blocks":57},"misc":{"userdb_results":1,"userdb_data":629,"spent_time":9193364}}
x-coalias-cache: MISS
x-frame-options: SAMEORIGIN
x-powered-by: Express
x-vercel-id: fra1::cqf8g-1700192848993-f3e89e8b5ff8

Redirect headers

cache-control: no-store
cf-ray: 8274fe19c94ef17c-CDG
content-length: 0
content-type: text/plain;charset=UTF-8
date: Fri, 17 Nov 2023 03:47:28 GMT
location: /
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KVsqvIisJ9YDZnROM4kAX3UMN%2FTc7rNyFcA5zcrqSX%2Btp3EhwlslINoAXthNYMN1QBebmG2r3DHphOlutxChJdyM91wyAhpHLMJm%2BKvsIhPtlKYhxUDkhnMmWoA75ZbN9jzMe1cvChwnq2R6u3VCrmfzsytbQM1Cqp7myY12K05nlBcLhg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: Vercel
strict-transport-security: max-age=63072000
vary: Accept-Encoding
x-vercel-id: fra1::cqf8g-1700192848890-ae8c1c8db6be

GET
H2 200 coalias_meta.js Show response
folkd.com/ 2 KB
1 KB 54ms
40ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://folkd.com/coalias_meta.js

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

63048d3da9b8ef24703db0cb353c4bec041d9acc3575b407755a5affda7eb9db

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://folkd.com/
Origin: https://folkd.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:29 GMT
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: Vercel
x-vercel-id: fra1:fra1:fra1::cspwr-1700192849413-69d4e5b07070
age: 794519
etag: W/"162388d1b605b8c339e98419fcdfbb9d"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="coalias_meta.v1.min.js"

GET
H2 200 coalias_page_logic.js Show response
folkd.com/ 1 KB
709 B 58ms
45ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://folkd.com/coalias_page_logic.js

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

09fa48367ecdb31ccbb365e0428d3d7bd7f32f48890b84d2e6c6ab9d2b12e3f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:29 GMT
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: Vercel
x-vercel-id: fra1:fra1:fra1::gp475-1700192849418-94d2e83abed2
age: 234332
etag: W/"c01471c249877474d63c6beba5d7cb51"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="coalias_page_logic.v1.min.js"

GET
H2 200 coalias_static_rewrite.js Show response
folkd.com/ 616 B
806 B 53ms
41ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://folkd.com/coalias_static_rewrite.js

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

18a847f8474bbd62b4a8e5d7fc404c2d3863b05bd4e940750f7bf3fb31c78430

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:29 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: Vercel
x-vercel-id: fra1:fra1:fra1::cqf8g-1700192849418-99b442fc506c
age: 794536
etag: "142bd05e9b948e2640c9647c7734ee4b"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="coalias_static_rewrite.v1.min.js"
accept-ranges: bytes
content-length: 616

GET
H2 200 early.js Show response
folkd0612.bubbleapps.io/package/early_js/05ae9fe83d6b755291132aab9d325d70918aafd336da1bd91a41a31c8b25734b/ 24 KB
9 KB 425ms
32ms Script
application/javascript 104.16.204.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://folkd0612.bubbleapps.io/package/early_js/05ae9fe83d6b755291132aab9d325d70918aafd336da1bd91a41a31c8b25734b/early.js
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.204.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 450e62180e870526d437f065fa76a5d4e31517905e37a98184ef79b0fc2abd5b

Request headers

Referer: https://folkd.com/
Origin: https://folkd.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:29 GMT
content-encoding: br
cf-cache-status: HIT
x-bubble-perf: {"total":12.6,"percents":{"top":{"bubble_cpu":35.6,"block":48,"capacity_rl":0,"other_pause":0,"pre_fiber":4.7},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":14,"fiber_queue":3.4,"capacity_wait":32.2}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":4,"fiber_queue":5,"blocks":4},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":675629}}
server: cloudflare
age: 790300
x-powered-by: Express
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-bubble-capacity-used: 0.01 unit-seconds used
timing-allow-origin: *
cf-ray: 8274fe1f2aae01e7-ZRH
x-bubble-capacity-limit: 0 ms slower

GET
H2 200 run.css
folkd0612.bubbleapps.io/package/run_css/9fb589894c6054d97d4193ccbac081765ec214105b70ec438441ebf05c19faaf/folkd0612/live/index/xfalse/xfalse/ 628 KB
42 KB 431ms
38ms Stylesheet
text/css 104.16.204.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://folkd0612.bubbleapps.io/package/run_css/9fb589894c6054d97d4193ccbac081765ec214105b70ec438441ebf05c19faaf/folkd0612/live/index/xfalse/xfalse/run.css
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.204.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 7fe686d98f9082ebd917492c9b1faf52494e8a56c575dcc402430155e63508b5

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:29 GMT
content-encoding: br
cf-cache-status: HIT
x-bubble-perf: {"total":32,"percents":{"top":{"bubble_cpu":39,"block":59.5,"capacity_rl":0,"other_pause":0,"pre_fiber":1.6},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":38.9,"appserver_cache_misses_time":0,"redis":49.7,"fiber_queue":5.9,"capacity_wait":5.2}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"derived_cache_attempts":1,"derived_cache_memory_misses":1,"serverjson":13,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":18,"fiber_queue":23,"blocks":22},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":1870473}}
age: 16767
cf-polished: origSize=799884
x-powered-by: Express
x-bubble-capacity-used: 0.029 unit-seconds used
cf-bgj: minify
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
cf-ray: 8274fe1f3fef01f8-ZRH
x-bubble-capacity-limit: 0 ms slower

GET
H2 200 pre_run_jquery.js Show response
folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/ 88 KB
32 KB 425ms
33ms Script
application/javascript 104.16.204.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.204.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af

Request headers

Referer: https://folkd.com/
Origin: https://folkd.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:29 GMT
content-encoding: br
cf-cache-status: HIT
x-bubble-perf: {"total":7,"percents":{"top":{"bubble_cpu":23.7,"block":64.9,"capacity_rl":0,"other_pause":0,"pre_fiber":5.8},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":64.6,"fiber_queue":2,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":3,"fiber_queue":4,"blocks":3},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":248641}}
server: cloudflare
age: 790300
x-powered-by: Express
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-bubble-capacity-used: 0.004 unit-seconds used
timing-allow-origin: *
cf-ray: 8274fe1f2aaa01e7-ZRH
x-bubble-capacity-limit: 0 ms slower

GET
H2 200 run.js Show response
folkd0612.bubbleapps.io/package/run_js/8a89108b2f22e0725d4c116c621d497656d0c3b2caca40f92d7e8d3414855d3a/xtrue/x21/ 4 MB
812 KB 445ms
53ms Script
application/javascript 104.16.204.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://folkd0612.bubbleapps.io/package/run_js/8a89108b2f22e0725d4c116c621d497656d0c3b2caca40f92d7e8d3414855d3a/xtrue/x21/run.js
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.204.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: b0c53713037732287a7208b6be42d56387d61895cb5c6aa3b8131884af590982

Request headers

Referer: https://folkd.com/
Origin: https://folkd.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:29 GMT
content-encoding: br
cf-cache-status: HIT
x-bubble-perf: {"total":6.6,"percents":{"top":{"bubble_cpu":36,"block":37.4,"capacity_rl":0,"other_pause":0,"pre_fiber":5.4},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":23.9,"fiber_queue":3,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":2,"fiber_queue":5,"blocks":4},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":355072}}
server: cloudflare
age: 19252
x-powered-by: Express
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-bubble-capacity-used: 0.005 unit-seconds used
timing-allow-origin: *
cf-ray: 8274fe1f2aab01e7-ZRH
x-bubble-capacity-limit: 0 ms slower

GET
H2 200 static.js Show response
folkd0612.bubbleapps.io/package/static_js/83f7ade1ceccfa704709e54ed1f2ff37e619452bc6006a543cf757f451c31b9e/folkd0612/live/index/xnull/xfalse/xfalse/xtrue/ 1 MB
116 KB 431ms
41ms Script
application/javascript 104.16.204.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://folkd0612.bubbleapps.io/package/static_js/83f7ade1ceccfa704709e54ed1f2ff37e619452bc6006a543cf757f451c31b9e/folkd0612/live/index/xnull/xfalse/xfalse/xtrue/static.js
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.204.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 9ebdca8d12ecd966a87e3ea10f97022f0fdb6d6301343bd966cad1800f9d8d3f

Request headers

Referer: https://folkd.com/
Origin: https://folkd.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:29 GMT
content-encoding: br
cf-cache-status: HIT
x-bubble-perf: {"total":123.7,"percents":{"top":{"bubble_cpu":45.9,"block":53.4,"capacity_rl":0,"other_pause":0,"pre_fiber":0.4},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":123.8,"appserver_cache_misses_time":0,"redis":113.8,"fiber_queue":7,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"derived_cache_attempts":2,"derived_cache_memory_misses":2,"serverjson":57,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":62,"fiber_queue":38,"blocks":37},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":8515593}}
server: cloudflare
age: 19252
x-powered-by: Express
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-bubble-capacity-used: 0.131 unit-seconds used
timing-allow-origin: *
cf-ray: 8274fe1f2aad01e7-ZRH
x-bubble-capacity-limit: 0 ms slower

GET
H2 200 dynamic.js Show response
folkd0612.bubbleapps.io/package/dynamic_js/5103147c848345de85a4b4051ec0c14c91cae4bba6e765f2f70d79829c3c98f8/folkd0612/live/index/xnull/xfalse/xtrue/en_us/xfalse/xfalse/ 2 MB
210 KB 438ms
48ms Script
application/javascript 104.16.204.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://folkd0612.bubbleapps.io/package/dynamic_js/5103147c848345de85a4b4051ec0c14c91cae4bba6e765f2f70d79829c3c98f8/folkd0612/live/index/xnull/xfalse/xtrue/en_us/xfalse/xfalse/dynamic.js
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.204.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 07a10e3912e7a681e810c7cc0cfb13868b18acd4feb6ba57c90598a22fdc9d11

Request headers

Referer: https://folkd.com/
Origin: https://folkd.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:29 GMT
content-encoding: br
cf-cache-status: HIT
x-bubble-perf: {"total":163.3,"percents":{"top":{"bubble_cpu":8.8,"block":90.7,"capacity_rl":0,"other_pause":0,"pre_fiber":0.3},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":3.2,"appserver_cache_misses_time":0,"redis":3.6,"fiber_queue":0.4,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"derived_cache_attempts":1,"derived_cache_memory_misses":1,"serverjson":4,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":6,"fiber_queue":9,"blocks":8},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":2159225}}
server: cloudflare
age: 19251
x-powered-by: Express
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-bubble-capacity-used: 0.033 unit-seconds used
timing-allow-origin: *
cf-ray: 8274fe1f2ab001e7-ZRH
x-bubble-capacity-limit: 0 ms slower

GET
H2 200 iziToast.min.css
cdnjs.cloudflare.com/ajax/libs/izitoast/1.4.0/css/ 41 KB
10 KB 403ms
35ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/izitoast/1.4.0/css/iziToast.min.css

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7fa7d6e3b4039b59b4d4721ea7e523a42a4dc0b56405829df9f8696f8550fa01

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1311154
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 9391
last-modified: Mon, 04 May 2020 16:11:41 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ebd-a221"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s72t%2FN%2BcvCpsV4BKxBkjSAMdi%2FvcYV%2BeHq0pWRCJHL2ctBpljcV2RBYL2ymAoCI6GJAx%2Fv%2FAeX7K6jrgLCWe0mB6hRq44tpik6uLlRPwqWhAMKiDBbv7GhNCLAGNUX%2BMvx0hwOia"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8274fe1f1cd42355-ZRH
expires: Wed, 06 Nov 2024 03:47:29 GMT

GET
H2 200 iziToast.min.js Show response
cdnjs.cloudflare.com/ajax/libs/izitoast/1.4.0/js/ 18 KB
5 KB 405ms
39ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/izitoast/1.4.0/js/iziToast.min.js

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df6d4fc52f8f3af6ef59c215a1165e4667f7daaedf4c5409db56d7c133564446

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1298744
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4440
last-modified: Mon, 04 May 2020 16:11:41 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ebd-4836"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AghtbZoZw%2FdaO7LBdRh4kH7igF8kl%2B0bgW5Z0%2B0Eo8AgnRF7tHp4TtV5j1A1Yt1EIiH5LtxpBNzbTGXdurBatKV4C54WG951nmoaPTr%2Fix%2F6oMSDnUEpSZOVAB%2BCFS1DIm80Ubts"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8274fe1f1cd52355-ZRH
expires: Wed, 06 Nov 2024 03:47:29 GMT

GET
H2 200 openbuild.css
cdn.jsdelivr.net/gh/matmaz99/openbuild-core@latest/ 2 KB
1 KB 407ms
35ms Stylesheet
text/css 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/matmaz99/openbuild-core@latest/openbuild.css

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce658fec86c1f9a68dfdfcd3a26f13e51f5e6002c96fbfe1010b72810aa6bea8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 15176
x-jsd-version: master
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230124-FRA
x-jsd-version-type: branch
server: cloudflare
etag: W/"610-Hhq7J7BAZ2hStZBftPx+L7C331g"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hLZZaPXICsOAXJx7irnYIn96IrMbq2WVXiP4v8lT9krfJ1VEKlSTdB0NVxJ1%2BgwxMecMP8tCfga%2BvQQDkxnIwISvt5aGWL%2FV0JKMZTd5M3RPXALzgIff5vHxceH4%2BiAwnc8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 8274fe1f1c9724c0-ZRH

GET
H2 200 xano.min.js Show response
cdn.jsdelivr.net/npm/@xano/js-sdk/dist/ 32 KB
10 KB 408ms
37ms Script
application/javascript 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@xano/js-sdk/dist/xano.min.js

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

745097fdeb0ffd3d61c322f951065a79ea6cde580a5746b312028d2ab4995dd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 9804
x-jsd-version: 1.0.21
content-encoding: br
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-etou8220060-FRA, cache-mxp6944-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"816c-y4fQWjEhnwuADXqNUiHMJJo4LgE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vX8ZEYelocZNQtMhpb3R%2BgRGXbfYlIWrWUuC%2FaYn6hjAgs3OkZrvQuN1Lov74qBMwK14XOy2%2BIw5kXMFEEhyM5AboacuflwqR7oWQ9dJpuUSpBOVUf2%2Fn3Moapi7q3VWgEg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 8274fe1f1c9a24c0-ZRH

GET
H/1.1 200
OK 65a9fa-c3bc-4e73-b569-1a8af1e68dc7.js Show response
monu.delivery/site/5/d/ 50 KB
13 KB 1049ms
606ms Script
application/javascript 185.3.92.76
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://monu.delivery/site/5/d/65a9fa-c3bc-4e73-b569-1a8af1e68dc7.js
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.3.92.76 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: nb-185-3-92-76.tc.nodebalancer.linode.com
Software: nginx /
Resource Hash: 5505fbb873ff896ee9a3e5ba9067bc6426a727a9de638be644152bba351e8cf4

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:30 GMT
content-encoding: gzip
age: 0
x-guploader-uploadid: ABPtcPok8NY3L7QTi5JgQi37WHAouZdW2GAlx7w_lLkl61yUUG-JRSpTbvx822H8DNtAM4x0KCc
transfer-encoding: chunked
x-cache: EXPIRED
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
connection: close
server: nginx
vary: Accept-Encoding
x-goog-generation: 1700159538674813
content-type: application/javascript
x-goog-hash: crc32c=Vh7Bwg==, md5=AkvbtmKYvklzuH9UDe7CIw==
cache-control: max-age=7200
x-goog-stored-content-length: 50755
expires: Fri, 17 Nov 2023 05:47:30 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 224 KB
80 KB 465ms
70ms Script
application/javascript 216.58.212.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-7BR5TDFFPC

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f168.1e100.net

Software

Google Tag Manager /

Resource Hash

0a16a0833c0a79ac8c7a3fe2ce1f1f0b782b487e2ad8e4d4b3a85d2ff7c32864

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81091
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 17 Nov 2023 03:47:30 GMT

GET
H2 200 / Show response
js.stripe.com/v3/ 554 KB
154 KB 135ms
37ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f27e9ca75db1b778e94c55ffb6a1f471a2fab0761034b9ce0a233bc0866e6cc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 17 Nov 2023 03:47:29 GMT
via: 1.1 varnish
age: 48
x-cache: HIT
content-length: 157145
x-request-id: 7cf52443-7fa1-4f4a-a897-991bb2bdb682
x-served-by: cache-fra-eddf8230113-FRA
last-modified: Thu, 16 Nov 2023 21:51:24 GMT
server: Fastly
etag: "735677db1390373c37dfd0233c992727"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1

GET
H2 200 css
fonts.googleapis.com/ 20 KB
2 KB 440ms
46ms Stylesheet
text/css 172.217.23.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Fira+Sans:regular%7CInter:300%7CInter:regular%7CInter:regular%7CInter:regular%7CInter:regular%7CInter:500%7CInter:500%7CInter:600%7CInter:700%7CLato:regular%7CLato%7CNoto+Sans:regular%7CPublic+Sans:regular%7CPublic+Sans:500%7CUrbanist:500%7CUrbanist:600%7CUrbanist:700

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/early_js/05ae9fe83d6b755291132aab9d325d70918aafd336da1bd91a41a31c8b25734b/early.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f10.1e100.net

Software

ESF /

Resource Hash

391745d698a9b473b2246c5c425b2c0eefd8afeddb702284646be40f6f70d57c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 17 Nov 2023 03:47:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 17 Nov 2023 03:47:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 17 Nov 2023 03:47:30 GMT

GET
H2 200 data Show response
folkd.com/api/1.1/init/ 706 B
2 KB 271ms
270ms XHR
text/plain 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://folkd.com/api/1.1/init/data?location=https%3A%2F%2Ffolkd.com%2F

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel / Express

Resource Hash

ca40055530f1468bde44b940278ab91bf0d1b2935874a2e6830757d9577b2750

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://folkd.com/
x-coalias-route: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkZXN0aW5hdGlvbiI6Imh0dHBzOi8vZm9sa2QwNjEyLmJ1YmJsZWFwcHMuaW8vIiwic291cmNlX2hvc3RuYW1lIjoiZm9sa2QuY29tIiwic291cmNlX3BhdGgiOiIvIiwic2l0ZSI6Im5vY29kZW1heW8tYnViYmxlLWk4Z2Rhd2VicmcxcnJhdWZzdXV5IiwiaWF0IjoxNzAwMTkyODQ5fQ.g1nWWZG7qIkjL6_9rdlNjgdBd1n8bZIkQ0NOUKZvwzI
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:30 GMT
strict-transport-security: max-age=63072000
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: Vercel
x-coalias-cache: MISS
x-bubble-perf: {"total":21.7,"percents":{"top":{"bubble_cpu":28.4,"block":66.3,"capacity_rl":0,"other_pause":0,"pre_fiber":3.1},"sub":{"pp_userdb":13.8,"pp_wait_userdb":0,"http_request":0,"serverjson":11,"appserver_cache_misses_time":0,"redis":34.9,"fiber_queue":19.9,"capacity_wait":0}},"counts":{"pp_userdb":1,"http_request":0,"derived_build":0,"serverjson":8,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":14,"fiber_queue":15,"blocks":14},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":6927750}}
x-vercel-id: fra1::k6s9z-1700192849836-125dcce289da
x-powered-by: Express
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pY3mM7vXf4ky6VbFbtd5mTF%2BR0Z03h0stpZ1O2S3wPM432GfCj7eUrtGGzGF9Yf2KR7ys1so0c4qSFzl%2B6OX2plLaZYCvkG9Jnp4TnV%2BaibmVbaQCPKFn0EGhM28sSVofpOj7E5dtPV2zHCsPgsmkqoNOWh0iJS%2BejrDK1Whu1ggf9kzZA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=0, must-revalidate
x-bubble-capacity-used: 0.107 unit-seconds used
cf-ray: 8274fe1f8dc118b5-FRA
x-bubble-capacity-limit: 0 ms slower

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 486ms
43ms Script
text/javascript 142.250.186.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/dynamic_js/5103147c848345de85a4b4051ec0c14c91cae4bba6e765f2f70d79829c3c98f8/folkd0612/live/index/xnull/xfalse/xtrue/en_us/xfalse/xfalse/dynamic.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.36 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f4.1e100.net

Software

GSE /

Resource Hash

13a98b9416e587b6aac281b68031fbc9fdfcc4e6870925efcf7416251f0ea912

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Fri, 17 Nov 2023 03:47:30 GMT

GET
H2 200 moment.min.js Show response
cdnjs.cloudflare.com/ajax/libs/moment.js/2.22.0/ 50 KB
15 KB 33ms
32ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.22.0/moment.min.js

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c42c23a0a15b19aa34fbf250c2ef3717f98169f8f123875936de604ca03070a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 698886
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 15241
last-modified: Mon, 04 May 2020 16:13:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f26-c9b6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7ndhJYPGhga4YVaBdkFDDhfBKxV9wpHuULouo5ddkuhwZp%2BU1IGWjXwiA1WxPxj7LXn1DcaxHtaxeqA06os4a2UkTH81PQQZ2V0NwmmxqX7kVlm0NIFFHFX0DKFs6kaxh6ol%2BBD2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8274fe238a3f2355-ZRH
expires: Wed, 06 Nov 2024 03:47:30 GMT

GET
H2 200 va9E4kDNxMZdWfMOD5Vvl4jL.woff2
fonts.gstatic.com/s/firasans/v17/ 23 KB
24 KB 546ms
84ms Font
font/woff2 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v17/va9E4kDNxMZdWfMOD5Vvl4jL.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans:regular%7CInter:300%7CInter:regular%7CInter:regular%7CInter:regular%7CInter:regular%7CInter:500%7CInter:500%7CInter:600%7CInter:700%7CLato:regular%7CLato%7CNoto+Sans:regular%7CPublic+Sans:regular%7CPublic+Sans:500%7CUrbanist:500%7CUrbanist:600%7CUrbanist:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

89ae1743656b75948be30cc4909efd3c61771b7bd9f6d53eb14cd9731d486b57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://folkd.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 21:33:06 GMT
x-content-type-options: nosniff
age: 108864
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23880
x-xss-protection: 0
last-modified: Tue, 02 May 2023 14:50:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Nov 2024 21:33:06 GMT

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ 46 KB
46 KB 567ms
105ms Font
font/woff2 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://folkd.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 20:16:09 GMT
x-content-type-options: nosniff
age: 27081
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46704
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Nov 2024 20:16:09 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 565ms
104ms Font
font/woff2 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://folkd.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 07:52:57 GMT
x-content-type-options: nosniff
age: 244473
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Nov 2024 07:52:57 GMT

GET
H2 200 o-0IIpQlx3QUlC5A4PNr5TRA.woff2
fonts.gstatic.com/s/notosans/v34/ 14 KB
14 KB 570ms
109ms Font
font/woff2 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v34/o-0IIpQlx3QUlC5A4PNr5TRA.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

55ed173209f7ec86b28240d8c2ecebe894742cffefed38a4de734d35bbf8d9f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://folkd.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 21:33:05 GMT
x-content-type-options: nosniff
age: 108865
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14276
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 19:35:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Nov 2024 21:33:05 GMT

GET
H2 200 ijwRs572Xtc6ZYQws9YVwnNGfJ4.woff2
fonts.gstatic.com/s/publicsans/v15/ 26 KB
26 KB 563ms
103ms Font
font/woff2 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/publicsans/v15/ijwRs572Xtc6ZYQws9YVwnNGfJ4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

432501d7bf47b128295c61f72eeee2e5c2d33755f85db43ba89188408ab9389d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://folkd.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 21:52:07 GMT
x-content-type-options: nosniff
age: 539723
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26244
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:34:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Nov 2024 21:52:07 GMT

GET
H2 200 L0x-DF02iFML4hGCyMqlbS0.woff2
fonts.gstatic.com/s/urbanist/v15/ 27 KB
27 KB 551ms
91ms Font
font/woff2 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/urbanist/v15/L0x-DF02iFML4hGCyMqlbS0.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

84221e6c0c5f950b44d38a40bc19ffa9a340b2a5d207cb6f6461b84d474f2555

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://folkd.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 10:35:07 GMT
x-content-type-options: nosniff
age: 321143
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27824
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:09:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Nov 2024 10:35:07 GMT

GET
H/1.1 200
OK xdomain_cookie.min.js Show response
monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/ 5 KB
2 KB 49ms
48ms Script
application/javascript 185.3.92.76
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.min.js
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/5/d/65a9fa-c3bc-4e73-b569-1a8af1e68dc7.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.3.92.76 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: nb-185-3-92-76.tc.nodebalancer.linode.com
Software: nginx /
Resource Hash: 7b0fb27181aa8c2244ab51f28e8b544248585a334184445b1da9b04f89a794ac

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:30 GMT
content-encoding: gzip
age: 920
x-guploader-uploadid: ABPtcPpkIQCbjEefXvOmvUOec6yr-OCHMk6mnFi6eGxa_4W1WiSY7OXMdqgo6sLcl6EPLO7jvddEbQcxyw
transfer-encoding: chunked
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
connection: close
last-modified: Tue, 25 Aug 2020 07:36:03 GMT
server: nginx
vary: Accept-Encoding
x-goog-generation: 1598340963244234
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=PYpHKQ==, md5=thaqbm5dIRiPqROaEv/m/g==
cache-control: max-age=31104000, public
x-goog-stored-content-length: 4733
expires: Mon, 11 Nov 2024 03:47:30 GMT

GET
H2 200 hysaayfb9e Show response
www.clarity.ms/tag/ 650 B
1010 B 592ms
121ms Script
application/x-javascript 13.107.246.45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/hysaayfb9e
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.246.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 817b1a21fbaf46209f1e92fc83c6ac62d94cecdf641d967823970c0e8060d630

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

request-context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
date: Fri, 17 Nov 2023 03:47:30 GMT
x-azure-ref: 0UuJWZQAAAACPsbl083OTQpyt7NHRKDLOWlJIRURHRTEzMTYANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
content-length: 650
expires: -1

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK 65a9fa-c3bc-4e73-b569-1a8af1e68dc7.js Show response
monu.delivery/sitesplit/d3/0.9.2/5/d/ 560 KB
159 KB 615ms
170ms Script
application/javascript 185.3.92.76
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://monu.delivery/sitesplit/d3/0.9.2/5/d/65a9fa-c3bc-4e73-b569-1a8af1e68dc7.js
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/5/d/65a9fa-c3bc-4e73-b569-1a8af1e68dc7.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.3.92.76 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: nb-185-3-92-76.tc.nodebalancer.linode.com
Software: nginx /
Resource Hash: 240c743c0bc735cb070b66bc92aac213ebb0e46e349b6f6a76967631ec929d79

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:31 GMT
content-encoding: gzip
age: 0
x-guploader-uploadid: ABPtcPqvv-FzL1Fu-l_fpPaHXTegbJRLLGGzJMmmwE1ajvWdkwUqGxen9odUt768Vooc_vgcUak
transfer-encoding: chunked
x-cache: MISS
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
connection: close
server: nginx
vary: Accept-Encoding
x-goog-generation: 1700159543301721
content-type: application/javascript
x-goog-hash: crc32c=f9fkjQ==, md5=UnkoI+4mWBEzR8Mk97dUKg==
cache-control: max-age=7200
x-goog-stored-content-length: 573233
expires: Fri, 17 Nov 2023 05:47:31 GMT

GET
H2 200 m-outer-27c67c0d52761104439bb051c7856ab1.html Show response
js.stripe.com/v3/ Frame A1AF 200 B
841 B 35ms
35ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://folkd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 5984572
cache-control: max-age=31536000
content-encoding: br
content-length: 154
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 17 Nov 2023 03:47:30 GMT
etag: "27c67c0d52761104439bb051c7856ab1"
last-modified: Fri, 08 Sep 2023 21:23:50 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 558380
x-content-type-options: nosniff
x-request-id: b477d202-dbbd-451c-9ce3-402bdd66a670
x-served-by: cache-fra-eddf8230113-FRA

OPTIONS
H2 200 me
xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/auth/ Frame 0
0 647ms
292ms Preflight
text/html 35.193.186.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/auth/me

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.193.186.65 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

65.186.193.35.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-data-source
Access-Control-Request-Method: GET
Origin: https://folkd.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 17 Nov 2023 03:47:31 GMT
expires: Tue, 19 Nov 2013 03:47:31 GMT
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains;
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block

OPTIONS
H2 200 suggestedTagsNew
xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/ Frame 0
0 631ms
291ms Preflight
text/html 35.193.186.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/suggestedTagsNew?perPage=10

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.193.186.65 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

65.186.193.35.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-data-source
Access-Control-Request-Method: GET
Origin: https://folkd.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 17 Nov 2023 03:47:31 GMT
expires: Tue, 19 Nov 2013 03:47:31 GMT
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains;
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block

GET
H2 200 fontawesome-webfont.woff2
folkd0612.bubbleapps.io/static/fonts/ 75 KB
76 KB 41ms
40ms Font
font/woff2 104.16.204.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://folkd0612.bubbleapps.io/static/fonts/fontawesome-webfont.woff2

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_css/9fb589894c6054d97d4193ccbac081765ec214105b70ec438441ebf05c19faaf/folkd0612/live/index/xfalse/xfalse/run.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.204.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://folkd0612.bubbleapps.io/package/run_css/9fb589894c6054d97d4193ccbac081765ec214105b70ec438441ebf05c19faaf/folkd0612/live/index/xfalse/xfalse/run.css
Origin: https://folkd.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:30 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-bubble-perf: {"total":8.4,"percents":{"top":{"bubble_cpu":22,"block":71.2,"capacity_rl":0,"other_pause":0,"pre_fiber":4.9},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":52.2,"fiber_queue":4.8,"capacity_wait":13.3}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":4,"fiber_queue":6,"blocks":5},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":277299}}
age: 1308435
x-powered-by: Express
x-bubble-capacity-used: 0.004 unit-seconds used
content-length: 77160
server: cloudflare
etag: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8274fe2548bb01e7-ZRH
x-bubble-capacity-limit: 0 ms slower

GET
H2 200 logo-40px.svg
1bccd00f7acd03ac6a93123768d650c0.cdn.bubble.io/f1676897406070x914614085739208700/ 2 KB
1 KB 237ms
165ms Image
image/svg+xml 104.16.224.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1bccd00f7acd03ac6a93123768d650c0.cdn.bubble.io/f1676897406070x914614085739208700/logo-40px.svg

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.224.78 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b26090b7c2ddac21b5731cd0dc5ada44fd88d3b7ee421dd8ddc0a7db2b12c70

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:31 GMT
x-amz-version-id: NoYri7j3dqGJ_o.0cuCTxKXFnTaBUSkL
content-encoding: br
cf-cache-status: REVALIDATED
content-security-policy: script-src 'none'
x-amz-request-id: ESVZW6HVHCQ6FV34
x-amz-server-side-encryption: AES256
x-amz-meta-app-version: test
x-amz-id-2: cV3/G8OwA020CO8bvlY8MjSnYzoZkPZMnUS8rCdNa+1YgW3Gi1Uhzh3Ml4rj9OIbRhIXx25R1jo=
x-amz-meta-appname: folkd0612
last-modified: Mon, 20 Feb 2023 12:50:07 GMT
server: cloudflare
etag: W/"98bcc0ebb1abcca0eceef4c5f8ed8d71"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public,max-age=86400
cf-ray: 8274fe26addf0229-ZRH

GET
H2 200 me Show response
xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/auth/ 162 B
690 B 337ms
337ms XHR
application/json 35.193.186.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/auth/me

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@xano/js-sdk/dist/xano.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.193.186.65 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

65.186.193.35.bc.googleusercontent.com

Software

Resource Hash

b924c0f3cca5409ff9a2c9641e5610cee45e81ae4d315dc6bfa594dd0d5ca663

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
X-Data-Source: live
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
Authorization: Bearer eyJhbGciOiJBMjU2S1ciLCJlbmMiOiJBMjU2Q0JDLUhTNTEyIiwiemlwIjoiREVGIn0.zl4iyT2FEhZ7t_GtvctvloHg6DaXYVJ5wyHcn0xNZKPmYoq5wLzHtArlDd-1I7pZ6rcajjTMjm_yxA2Le6fHai2Ytw3x5RkU.9c6mnVGI41WO7f4429nOgw.q-7MJ7mvni-ZViGR6vc7vP21iy5LrQEb0vDnuLc6Jg7rtlhy2DGeiH5eXnj-c9tv7SiU56HyBymP1uTq2k9ABS8P0biOl3r0cxT1r4xPTbjJ7MdNOukofnRFopXiGa42lEB9K_PFgLA1KyXMp-_2Ww.syJUo0JCMR2wnkaD_XNmtg0BKkyii5wtQVaYadM1FoY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains;
x-app: hit
x-xss-protection: 1; mode=block
pragma: no-cache
x-frame-options: deny
access-control-allow-methods: GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-max-age: 86400
access-control-allow-headers: *
expires: Tue, 19 Nov 2013 03:47:31 GMT

GET
H2 200 suggestedTagsNew Show response
xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/ 4 KB
2 KB 338ms
336ms XHR
application/json 35.193.186.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/suggestedTagsNew?perPage=10

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@xano/js-sdk/dist/xano.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.193.186.65 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

65.186.193.35.bc.googleusercontent.com

Software

Resource Hash

a9131688b6006c13fb5534ff475af1cb1b399b391df4455f6b4c62fc8838e246

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
X-Data-Source: live
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
Authorization: Bearer eyJhbGciOiJBMjU2S1ciLCJlbmMiOiJBMjU2Q0JDLUhTNTEyIiwiemlwIjoiREVGIn0.zl4iyT2FEhZ7t_GtvctvloHg6DaXYVJ5wyHcn0xNZKPmYoq5wLzHtArlDd-1I7pZ6rcajjTMjm_yxA2Le6fHai2Ytw3x5RkU.9c6mnVGI41WO7f4429nOgw.q-7MJ7mvni-ZViGR6vc7vP21iy5LrQEb0vDnuLc6Jg7rtlhy2DGeiH5eXnj-c9tv7SiU56HyBymP1uTq2k9ABS8P0biOl3r0cxT1r4xPTbjJ7MdNOukofnRFopXiGa42lEB9K_PFgLA1KyXMp-_2Ww.syJUo0JCMR2wnkaD_XNmtg0BKkyii5wtQVaYadM1FoY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains;
x-query-cache: 1
x-app: hit
x-xss-protection: 1; mode=block
pragma: no-cache
x-frame-options: deny
access-control-allow-methods: GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-max-age: 86400
access-control-allow-headers: *
expires: Tue, 19 Nov 2013 03:47:31 GMT

POST
H2 200 hi Show response
folkd.com/user/ 57 B
1 KB 308ms
308ms XHR
application/json 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://folkd.com/user/hi

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel / Express

Resource Hash

bb4137a98f20600cbb4cb7ea06f44e75781f21e67898a5a3b9ae5d33780177ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

X-Bubble-Epoch-Name: Epoch: Runmode page fully loaded
X-Bubble-Epoch-ID: 1700192850487x106106918227710780
X-Bubble-Fiber-ID: 1700192851007x828732038672341800
X-Bubble-PL: 1700192849192x677
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
Accept: application/json, text/javascript, */*; q=0.01
X-Bubble-R: https://folkd.com/
cache-control: no-cache
Referer: https://folkd.com/
X-Requested-With: XMLHttpRequest
x-coalias-route: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkZXN0aW5hdGlvbiI6Imh0dHBzOi8vZm9sa2QwNjEyLmJ1YmJsZWFwcHMuaW8vIiwic291cmNlX2hvc3RuYW1lIjoiZm9sa2QuY29tIiwic291cmNlX3BhdGgiOiIvIiwic2l0ZSI6Im5vY29kZW1heW8tYnViYmxlLWk4Z2Rhd2VicmcxcnJhdWZzdXV5IiwiaWF0IjoxNzAwMTkyODQ5fQ.g1nWWZG7qIkjL6_9rdlNjgdBd1n8bZIkQ0NOUKZvwzI
X-Bubble-Breaking-Revision: 5

Response headers

date: Fri, 17 Nov 2023 03:47:31 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-bubble-perf: {"total":15.3,"percents":{"top":{"bubble_cpu":18.1,"block":71.4,"capacity_rl":0,"other_pause":0,"pre_fiber":5.2},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":3.4,"appserver_cache_misses_time":0,"redis":37.6,"fiber_queue":4,"capacity_wait":30.4}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":2,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":7,"fiber_queue":8,"blocks":7},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":415203}}
strict-transport-security: max-age=63072000
x-bubble-appname: folkd0612
x-powered-by: Express
x-bubble-capacity-used: 0.006 unit-seconds used
x-coalias-cache: MISS
server: Vercel
x-vercel-id: fra1::l2pgl-1700192851030-46c3a022ed2a
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IctUqy2LanGHp2cntaEjgdhD0HJ5L076TzrietjuQFsYAC%2FDVF%2FpmgNb4Uj58gKwONglgv9H0PyM5s3Ezd%2BGoz1Km5kH%2BjLa6G4wxn%2FCzak6D%2BTXHL2tdTBjrga5FbT2p3u52%2B%2Bj0gDKF5pwWuXLrO6lD7uLfHlm6TrE6j%2BM7VUFbnf6%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
x-bubble-request-took: 15
cache-control: no-cache
cf-ray: 8274fe2709ff3a78-FRA
x-bubble-capacity-limit: 0 ms slower

GET
H2 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
998 B 397ms
40ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 531654
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230048-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sQg3zOasdWgwjJWH6PK%2Fw32CJ2JoZe9kFz3BEUz2oOT8GgBluJA1nTDtZ%2BMrjGMmiV6ajQZkhj9%2FEIa0b1CBhfFB5VJ%2F8plJcax1uJNkoxqmULVOfbQt5iZ4YC8kyFC4teA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe292c9c24be-ZRH

GET
H2 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
546 B 349ms
44ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 531654
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230048-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CdSz6DHcZ545W%2FxTd8WfFGmeU0q1uNbRKBUP5XUavhwGSYpzChtZ1Y8wGQ8q4pITrMUP6FEeHfY6ApEhzSsBozmOu2cAaW8VpWKxsZL9N7RAHEcwlOltT2Bs1%2F%2Fg8Qe6P00%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe292ca324be-ZRH

GET
H2 200 link.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 365 B
560 B 323ms
45ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/link.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

200dc7bef742f1444cb61f8815c670559515190e8c26b22d2321d97f0b9f772b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 783232
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230067-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"16d-7SIfGbMr0v+LWC1mugpE30WyzaY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tTeqnoDyh3a4yf3RwH%2FyOiBsehFP7VEo7%2FxOOxBoE%2B6mOkpVhXD9cYvwDRdpx6%2FL6RN%2FDiNfvxCvJfM6tg8tzPW5K7%2FlpByKcCva5BZhflOReH9%2BtzWOk5BS93yb6IZjkDA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe292ca824be-ZRH

GET
H2 200 arrow-right.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 238 B
538 B 316ms
42ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-right.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c47b5a01db671339098d535f5e4ba9b1aea4e8f6a587115f3c5fb1c5f536c026

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 784997
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230112-FRA, cache-mxp6925-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"ee-sKiN6U34uU57BENu+Y1GOws6S4A"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vQpg12BeMmvgMqILRzd1LEojKXHniVhbNSg7dNMiYLQbIqmvnnyasS0WyWJL%2FZUNyTcSM1xYEWXx9%2BVw2p39%2FwOX4EuC1eZIgwHxUBOUFRiWjTc2BZbobTxstZ5rsRGGb8w%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe292c9f24be-ZRH

GET
H2 200 link.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 365 B
498 B 314ms
51ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/link.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

200dc7bef742f1444cb61f8815c670559515190e8c26b22d2321d97f0b9f772b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 783232
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230067-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"16d-7SIfGbMr0v+LWC1mugpE30WyzaY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LSZTY%2F4YrMJVoDPTsKW22ymGDDXVHrJJwDU99Hm0Bms1ZbThM9M8eobfMLbTQwp%2BSyahdH1f%2BhGh7ksgLLuvwZZd2uW1giAgvPYUITEUfr1rG47Thx83BpeTev7kzhgBeNk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe292ca424be-ZRH

GET
H2 200 arrow-right.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 238 B
456 B 310ms
47ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-right.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c47b5a01db671339098d535f5e4ba9b1aea4e8f6a587115f3c5fb1c5f536c026

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 784997
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230112-FRA, cache-mxp6925-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"ee-sKiN6U34uU57BENu+Y1GOws6S4A"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gb8tzSnH3Kthpxb6JZ2bxQ1u3CjEYqNdZBwPA1uUHYtIl8Bj9SfkzjCRmZfZoNvJSXa5gCmdwFumAa8ADuujrye7Zy9NpAGVwqefJe5qg03EZEU4mhQIAnUNjXC%2B2Z4dR6I%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe292ca224be-ZRH

GET
H2 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
548 B 307ms
49ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 531654
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230048-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pSIBx7WTZIT0prvFBjo%2FnwpOLRAVxLsx8em%2B8P1fB%2Fia9AAV0MqXImO49FUK5zQE6nGqsLqNrKHZTQdRoGugPcHm2mmgDMCt%2BSG88dMsw6XghVkMVdVAWpocAwL2njcLk9A%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe292ca024be-ZRH

GET
H2 200 m-outer-6576085ca35ee42f2f484cda6763e4aa.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame A1AF 631 B
557 B 33ms
33ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 17 Nov 2023 03:47:31 GMT
via: 1.1 varnish
age: 1459747
x-cache: HIT
content-length: 399
x-request-id: 81d7e174-ccb4-433e-89fd-5efc5328b57d
x-served-by: cache-fra-eddf8230113-FRA
last-modified: Fri, 08 Sep 2023 21:23:49 GMT
server: Fastly
etag: "70cacf09ae81711ac6dcbc5ee59750c4"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 532576

POST
H2 200 csp-report
q.stripe.com/ Frame A1AF 0
717 B 695ms
220ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 17 Nov 2023 03:47:31 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1700192851730316
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1700192851729974
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame A1AF 0
716 B 701ms
227ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 17 Nov 2023 03:47:31 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1700192851732071
x-envoy-upstream-service-time: 8
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 4
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1700192851729965
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

OPTIONS
H2 200 post_index_feed
xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/ Frame 0
0 352ms
291ms Preflight
text/html 35.193.186.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/post_index_feed?pageNumber=1&latestDate=1700192851187

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.193.186.65 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

65.186.193.35.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-data-source
Access-Control-Request-Method: GET
Origin: https://folkd.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 17 Nov 2023 03:47:31 GMT
expires: Tue, 19 Nov 2013 03:47:31 GMT
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains;
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block

GET
H2 200 post_index_feed Show response
xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/ 31 KB
8 KB 337ms
335ms XHR
application/json 35.193.186.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/post_index_feed?pageNumber=1&latestDate=1700192851187

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@xano/js-sdk/dist/xano.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.193.186.65 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

65.186.193.35.bc.googleusercontent.com

Software

Resource Hash

f9f2900bcb7d5616b3dd3b7faa526c7157c444d98112eb56a2185dd2f940dfc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
X-Data-Source: live
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
Authorization: Bearer eyJhbGciOiJBMjU2S1ciLCJlbmMiOiJBMjU2Q0JDLUhTNTEyIiwiemlwIjoiREVGIn0.zl4iyT2FEhZ7t_GtvctvloHg6DaXYVJ5wyHcn0xNZKPmYoq5wLzHtArlDd-1I7pZ6rcajjTMjm_yxA2Le6fHai2Ytw3x5RkU.9c6mnVGI41WO7f4429nOgw.q-7MJ7mvni-ZViGR6vc7vP21iy5LrQEb0vDnuLc6Jg7rtlhy2DGeiH5eXnj-c9tv7SiU56HyBymP1uTq2k9ABS8P0biOl3r0cxT1r4xPTbjJ7MdNOukofnRFopXiGa42lEB9K_PFgLA1KyXMp-_2Ww.syJUo0JCMR2wnkaD_XNmtg0BKkyii5wtQVaYadM1FoY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains;
x-query-cache: 1
x-app: hit
x-xss-protection: 1; mode=block
pragma: no-cache
x-frame-options: deny
access-control-allow-methods: GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-max-age: 86400
access-control-allow-headers: *
expires: Tue, 19 Nov 2013 03:47:31 GMT

GET
H2 200 recaptcha__de_ch.js Show response
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ 468 KB
188 KB 404ms
31ms Script
text/javascript 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de_ch.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f3.1e100.net

Software

sffe /

Resource Hash

14f58d534c595bf9b24e8f67fbfba7a9213884866ed47888cc10ec5525b41777

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://folkd.com/
Origin: https://folkd.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 07:57:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 244214
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 192023
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 13 Nov 2024 07:57:17 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.18/ 59 KB
20 KB 34ms
34ms Script
application/javascript 13.107.246.45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.18/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/hysaayfb9e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.246.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: f4e16c137bfcf443839c20e1038b9ee2dec570f047ae3b1c8f9378e9176750dd

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:30 GMT
content-encoding: br
last-modified: Thu, 16 Nov 2023 12:21:47 GMT
x-azure-ref-originshield: 0yjNWZQAAAACZNAdgjXNbTp20+Y7VL2lHRlJBMjMxMDUwNDE3MDM3ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
etag: "0x8DBE69E9A6E7807"
x-azure-ref: 0U+JWZQAAAABiK3/GrEi8QaCZ3oxC9A7sWlJIRURHRTEzMTYANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
x-cache: TCP_HIT
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 90cf2ce0-001e-0069-7b95-181797000000
cache-control: public, max-age=86400
x-ms-version: 2018-03-28
accept-ranges: bytes

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 9E39 930 B
1 KB 89ms
73ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 150
cache-control: max-age=300, public
content-encoding: br
content-length: 540
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 17 Nov 2023 03:47:31 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 28
x-content-type-options: nosniff
x-request-id: 55832d6b-070b-48f1-9270-b4ab10822a7a
x-served-by: cache-fra-eddf8230113-FRA
x-timer: S1700192851.258612,VS0,VE0

GET
H/1.1 200
OK xdomain_cookie.html Show response
monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/ Frame C0D1 3 KB
2 KB 439ms
47ms Document
text/html 185.3.92.76
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.html
Requested by: Host: monu.delivery
URL: https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.3.92.76 London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: nb-185-3-92-76.tc.nodebalancer.linode.com
Software: nginx /
Resource Hash: 2164ccda35ef9f1994988c3854e7941905fffa2b6edf0a2f32826ada9b4c3ed0

Request headers

Referer: https://folkd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-origin: *
age: 0
cache-control: max-age=31104000 public
connection: close
content-encoding: gzip
content-type: text/html
date: Fri, 17 Nov 2023 03:47:31 GMT
expires: Mon, 11 Nov 2024 03:47:31 GMT
last-modified: Tue, 25 Aug 2020 07:36:09 GMT
server: nginx
transfer-encoding: chunked
vary: Accept-Encoding
x-cache: HIT
x-goog-generation: 1598340969597109
x-goog-hash: crc32c=84qDrg== md5=UK93eCDb5GkYdLDTqpa2gw==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 3440
x-guploader-uploadid: ABPtcPoWHMTjqfe4WNH0SeMSE6TZhnTGRKmj3WW9YhOy3YqPFL_WRWVcyLO3eIihEJK9UQu_Ww-CHjFBig

POST
H2 204 collect
region1.google-analytics.com/g/ 0
250 B 444ms
46ms Ping
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-7BR5TDFFPC&gtm=45je3b81v9135293448&_p=1700192850453&gcd=11l1l1l1l1&dma=0&cid=1635225448.1700192851&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700192851&sct=1&seg=0&dl=https%3A%2F%2Ffolkd.com%2F&dt=Folkd%20%7C%20Home&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1218
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7BR5TDFFPC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:31 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://folkd.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 config.js Show response
cdn.confiant-integrations.net/OOh3bTrtb2nHyOwGk2LTO5SWo54/gpt_and_prebid/ 402 KB
84 KB 431ms
44ms Script
text/javascript 104.18.43.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/OOh3bTrtb2nHyOwGk2LTO5SWo54/gpt_and_prebid/config.js
Requested by: Host: monu.delivery
URL: https://monu.delivery/site/5/d/65a9fa-c3bc-4e73-b569-1a8af1e68dc7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.43.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba10a73faf039a64fd927b4e59e13c91a5d60d5225063dfae2501d00da112995

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 17 Nov 2023 00:27:10 GMT
server: cloudflare
x-amz-request-id: JC41VASDAXNQT19R
age: 20
etag: W/"e8a9cc0dc37ce71eda867e5a31f17e02"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900, stale-while-revalidate=3600
cf-ray: 8274fe2afe0d23df-ZRH
alt-svc: h3=":443"; ma=86400
x-amz-id-2: rBeGP/QbrSyAaoz9PGyIRTA247e13y/XvLZWb1GfBpqd2otXdWAEawoMYBZOL4JllEilveWvEfY=

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 101 KB
31 KB 426ms
52ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: monu.delivery
URL: https://monu.delivery/site/5/d/65a9fa-c3bc-4e73-b569-1a8af1e68dc7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

c1522e43d0ee0f8e622fd34e86c35758e1725b107762e5cfb5d4dc216395030f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31630
x-xss-protection: 0
server: cafe
etag: 825 / 19678 / m202311090101 / config-hash: 16204867678510254442
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 17 Nov 2023 03:47:31 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame 9E39 0
490 B 478ms
221ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 17 Nov 2023 03:47:31 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1700192851730867
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 1
x-stripe-client-envoy-start-time-us: 1700192851730268
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 out-4.5.43.js Show response
m.stripe.network/ Frame 9E39 87 KB
15 KB 36ms
36ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.43.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Fri, 17 Nov 2023 03:47:31 GMT
x-content-type-options: nosniff
content-encoding: br
via: 1.1 varnish
age: 94
x-cache: HIT
content-length: 15509
x-request-id: cb6e7dce-576a-4818-a8a7-097d00f8e924
x-served-by: cache-fra-eddf8230113-FRA
server: Fastly
x-timer: S1700192851.387548,VS0,VE0
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 24

POST
H2 200 m Show response
folkd.com/user/ 4 B
846 B 579ms
578ms XHR
text/plain 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://folkd.com/user/m

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel / Express

Resource Hash

74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

X-Bubble-Fiber-ID: 1700192851457x974253839727803500
X-Bubble-PL: 1700192849192x677
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
Accept: application/json, text/javascript, */*; q=0.01
X-Bubble-R: https://folkd.com/
cache-control: no-cache
Referer: https://folkd.com/
X-Requested-With: XMLHttpRequest
x-coalias-route: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkZXN0aW5hdGlvbiI6Imh0dHBzOi8vZm9sa2QwNjEyLmJ1YmJsZWFwcHMuaW8vIiwic291cmNlX2hvc3RuYW1lIjoiZm9sa2QuY29tIiwic291cmNlX3BhdGgiOiIvIiwic2l0ZSI6Im5vY29kZW1heW8tYnViYmxlLWk4Z2Rhd2VicmcxcnJhdWZzdXV5IiwiaWF0IjoxNzAwMTkyODQ5fQ.g1nWWZG7qIkjL6_9rdlNjgdBd1n8bZIkQ0NOUKZvwzI
X-Bubble-Breaking-Revision: 5

Response headers

date: Fri, 17 Nov 2023 03:47:32 GMT
strict-transport-security: max-age=63072000
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: Vercel
x-coalias-cache: MISS
x-bubble-perf: {"total":12.3,"percents":{"top":{"bubble_cpu":23.8,"block":48.2,"capacity_rl":0,"other_pause":0,"pre_fiber":7.2},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":46.2,"fiber_queue":2.8,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":6,"fiber_queue":7,"blocks":6},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":439113}}
x-vercel-id: fra1::kd96n-1700192851475-72b3318a4801
x-powered-by: Express
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RY%2FEzQHMBw0hDUQaQr0M76YqnYgHylaGCmT%2FdWF8KCFv8iZMasD3rfP0ttsxuP1UbJfi1CI3iN1%2BQaBjo0ytXmpA8NBC3N25jlNNoxjdocvW%2Flk2TbTsQxVeAe5SwXDcZNsqllZcvmcuPOz%2BRfuvSthT1aS035hrKldaXtiI44kZ3mJTXA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=0, must-revalidate
x-bubble-capacity-used: 0.007 unit-seconds used
cf-ray: 8274fe29ea91655d-AMS
x-bubble-capacity-limit: 0 ms slower

POST
H/1.1 204
No Content collect Show response
w.clarity.ms/ 0
289 B 1120ms
850ms XHR
text/plain 23.96.124.156
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://w.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.18/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.96.124.156 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://folkd.com
Date: Fri, 17 Nov 2023 03:47:32 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

POST
H2 200 6 Show response
m.stripe.com/ Frame 9E39 156 B
668 B 676ms
221ms XHR
application/json 54.201.135.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.201.135.255 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-201-135-255.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

659c7af42145807dac44cfac25b1cbcbfd5a05ffe06a76b31200a1bb8bdd3053

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 17 Nov 2023 03:47:32 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1700192852128942
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 3
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1700192852128540
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 mmt.gif
imps.monu.delivery/ 37 B
535 B 89ms
26ms Image
image/gif 35.186.236.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imps.monu.delivery/mmt.gif?s=a32bdd38-457f-4e83-87a9-b0fd5484cba7&a=p.d.l&u=JYM01M&d=%7B%22b%22%3A%22chrome%22%2C%22c%22%3A%22CH%22%2C%22r%22%3A%22ZH%22%2C%22p%22%3A%22%2F%22%7D
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.236.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 01:42:22 GMT
age: 698709
x-guploader-uploadid: ABPtcPpCkonmBGjk2dfiQa2Hgo3mEfBmcptQk_6vFkluw7dOFBMkIE8fNVKxW9vwBa_JDINMl-T2rh3GKAzhRv97Ly1w76nqU0GE
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37
last-modified: Wed, 12 Jul 2017 09:13:19 GMT
server: UploadServer
etag: "455005e2f4b8ecc484500fab08619f70"
x-goog-generation: 1499850799559224
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type: image/gif
cache-control: public, max-age=31536000
x-goog-stored-content-length: 37
accept-ranges: bytes
expires: Fri, 08 Nov 2024 01:42:22 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/ 429 KB
135 KB 30ms
30ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 10:54:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60805
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137535
x-xss-protection: 0
server: cafe
etag: 18342593356503948095
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 15 Nov 2024 10:54:06 GMT

GET
H2 200 wrap.js Show response
cdn.confiant-integrations.net/gptprebidnative/202310231203/ 264 KB
84 KB 37ms
36ms Script
application/javascript 104.18.43.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js
Requested by: Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/OOh3bTrtb2nHyOwGk2LTO5SWo54/gpt_and_prebid/config.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.43.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb4f8df5602b561c6a5247851f27cebac4099886c0f337e67e5ea9fa0f9caac8

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:31 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 23 Oct 2023 16:04:16 GMT
server: cloudflare
x-amz-request-id: V56T6WNWVZ98A02D
age: 792749
etag: W/"866ce4ef9ef41c261f6060e4f642bb88"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 8274fe2b9ebb23df-ZRH
alt-svc: h3=":443"; ma=86400
x-amz-id-2: g9yZ2ceZ5NsRJ5Fk/EJ1qEJkIKPIU7jlfU671KpXAwP+Idw05wEbM2Slau5BhJPxmqLbrqrVOdU=

GET
H2 200 mmt.gif
imps.monu.delivery/ 37 B
99 B 28ms
27ms Image
image/gif 35.186.236.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imps.monu.delivery/mmt.gif?s=a32bdd38-457f-4e83-87a9-b0fd5484cba7&a=s.d&u=28f81968-7637-4e59-b276-64fe8525c1dc
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.236.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 01:42:22 GMT
age: 698709
x-guploader-uploadid: ABPtcPpCkonmBGjk2dfiQa2Hgo3mEfBmcptQk_6vFkluw7dOFBMkIE8fNVKxW9vwBa_JDINMl-T2rh3GKAzhRv97Ly1w76nqU0GE
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37
last-modified: Wed, 12 Jul 2017 09:13:19 GMT
server: UploadServer
etag: "455005e2f4b8ecc484500fab08619f70"
x-goog-generation: 1499850799559224
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type: image/gif
cache-control: public, max-age=31536000
x-goog-stored-content-length: 37
accept-ranges: bytes
expires: Fri, 08 Nov 2024 01:42:22 GMT

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
776 B 48ms
46ms Script
application/javascript 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 32043
x-jsd-version: master
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230082-FRA
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jJ7X7i%2B%2FFu%2F6q%2Bgg7gZwuh8P3pHAocW72OneSqaK245UdFInNIjsJVadgb7R6I3SrzG9hjcRt95MFj9SVjTXa0WyznjB%2FJg%2FvV0AU7P1jzLVLYf0KcMH74cH8YZoxb54YP4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 8274fe2c1ee624c0-ZRH

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 155 KB
34 KB 476ms
96ms Script
text/javascript 104.22.53.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.53.86 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

902f47bc9eeb026da8cbcef8c7ec51aaa1f73bf7ca587c8694cceb36ff91a92e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:32 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Nov 2023 09:30:02 GMT
server: cloudflare
x-amz-request-id: 1K4S9QM1WKMB6VZD
age: 1084
etag: W/"5cdc7028bae687cbffcc9d7982dd9ad5"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 8274fe2e8ee60e57-MXP
x-amz-id-2: fhjXCwsEVsMJKslVZflQN7Sx1yjdz14B9j7ccinbOVY/drq3v2zLdC6qBnwym/qZBSmyjYICjuM=

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 129ms
26ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 02:25:20 GMT
content-encoding: gzip
age: 523331
x-guploader-uploadid: ABPtcPqiDS5tBwV0QLZmyML_yzcPEQr3nc6FLNBQrfNVEH6ZBn0MtJkPczDlDTsLPVZ_9cVT-HNMmDk9RmaQll4t4L8-LQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Sun, 10 Nov 2024 02:25:20 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 479ms
78ms Script
text/javascript 178.250.1.3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:32 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 27 Oct 2023 06:43:26 GMT
server: nginx
etag: W/"653b5c0e-a9a7"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 18 Nov 2023 03:47:32 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 39 KB
12 KB 150ms
43ms Script
text/javascript 65.9.66.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-104.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 07:38:20 GMT
content-encoding: gzip
via: 1.1 7e513424eee237ee26467e8fd5656ec0.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 72552
x-amz-server-side-encryption: AES256
etag: W/"e073e71ed7a44e6f9cdd72904fda5940"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: Kmje0yru8VjbB4OYx4a1rnMrQwSIxwBo_slPPQimatDa_Fg6mZta9Q==

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 3 KB
3 KB 477ms
67ms Script
text/javascript 18.66.129.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.129.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-129-71.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date: Thu, 16 Nov 2023 06:17:34 GMT
Via: 1.1 b3bfeb8eb7405a05775de8861a4d117c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P2
Age: 77399
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 2776
Last-Modified: Thu, 19 Oct 2023 06:40:11 GMT
Server: AmazonS3
ETag: "a3a9a9ee8e72db69d54e805f0586c651"
Content-Type: text/javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: TeBJW7YtFSQ2Wof3kFz_QgZNTZUk_GHXtxj8qoFd_nEsnAboY_nVwQ==

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 163ms
58ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:31 GMT
via: 1.1 google, 1.1 google
last-modified: Thu, 03 Aug 2023 03:28:51 GMT
server: Google Frontend
etag: fc4e6bfe266081c4873c6f08c8298e5c
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: 7fafbd84fe61029f09c4d3d861255d78
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1207

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 141 KB
50 KB 299ms
299ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4226459497899632&correlator=574956757091911&eid=31079527&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=20842576%2CJYM01M%2CJYM01M-DDW.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1700192851832&lmt=1700192851&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ffolkd.com%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1635225448.1700192851&ga_sid=1700192852&ga_hid=958004963&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY9K6Q270xSABSAghkEhkKCnB1YmNpZC5vcmcY866Q270xSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGPSukNu9MUgAUgIIZBIUCgVvcGVueBj0rpDbvTFIAFICCGQSGQoKdWlkYXBpLmNvbRj0rpDbvTFIAFICCGQSFwoIcnRiaG91c2UY9K6Q270xSABSAghkEhsKDGlkNS1zeW5jLmNvbRj0rpDbvTFIAFICCGQ.&dlt=1700192849382&idt=988&cust_params=page_num%3D0%26url%3Dfolkd.com%26big4%3Dfalse%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse&adks=3006380593&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

ed0bc3d7dd78d88761b920160741a1673167933759b1fe4fdaf4f2bb9ab80003

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:32 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51144
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://folkd.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 41A2 6 KB
3 KB 520ms
43ms Document
text/html 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://folkd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 03:47:32 GMT
expires: Sat, 16 Nov 2024 03:47:32 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/ 39 KB
14 KB 39ms
38ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e329117bbdc12ee0649ed6654138a9ba8e600eaddf9138752631a50d236d135a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:12:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48906
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13750
x-xss-protection: 0
server: cafe
etag: 15254217830347453119
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 15 Nov 2024 14:12:25 GMT

OPTIONS
H2 200 post_index_feed
xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/ Frame 0
0 171ms
170ms Preflight
text/html 35.193.186.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/post_index_feed?pageNumber=2&latestDate=1700192851187

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.193.186.65 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

65.186.193.35.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-data-source
Access-Control-Request-Method: GET
Origin: https://folkd.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 17 Nov 2023 03:47:32 GMT
expires: Tue, 19 Nov 2013 03:47:32 GMT
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains;
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block

GET
H2 200 post_index_feed Show response
xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/ 35 KB
9 KB 263ms
263ms XHR
application/json 35.193.186.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://xeqe-t3lw-i7hv.n7.xano.io/api:uGe_9mSq/post_index_feed?pageNumber=2&latestDate=1700192851187

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@xano/js-sdk/dist/xano.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.193.186.65 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

65.186.193.35.bc.googleusercontent.com

Software

Resource Hash

b091745c11ed4c226cfd74a0e854f4778a14e03faa6ca569208cbb6a3c149ed8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
X-Data-Source: live
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
Authorization: Bearer eyJhbGciOiJBMjU2S1ciLCJlbmMiOiJBMjU2Q0JDLUhTNTEyIiwiemlwIjoiREVGIn0.zl4iyT2FEhZ7t_GtvctvloHg6DaXYVJ5wyHcn0xNZKPmYoq5wLzHtArlDd-1I7pZ6rcajjTMjm_yxA2Le6fHai2Ytw3x5RkU.9c6mnVGI41WO7f4429nOgw.q-7MJ7mvni-ZViGR6vc7vP21iy5LrQEb0vDnuLc6Jg7rtlhy2DGeiH5eXnj-c9tv7SiU56HyBymP1uTq2k9ABS8P0biOl3r0cxT1r4xPTbjJ7MdNOukofnRFopXiGa42lEB9K_PFgLA1KyXMp-_2Ww.syJUo0JCMR2wnkaD_XNmtg0BKkyii5wtQVaYadM1FoY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains;
x-query-cache: 1
x-app: hit
x-xss-protection: 1; mode=block
pragma: no-cache
x-frame-options: deny
access-control-allow-methods: GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-max-age: 86400
access-control-allow-headers: *
expires: Tue, 19 Nov 2013 03:47:32 GMT

GET
H3 200 mmt.gif
imps.monu.delivery/ 37 B
63 B 32ms
31ms Image
image/gif 35.186.236.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imps.monu.delivery/mmt.gif?s=a32bdd38-457f-4e83-87a9-b0fd5484cba7&a=s.d&u=5327c943-1992-4d6a-a6d8-9b7622d89dab
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.236.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 06:53:14 GMT
age: 420858
x-guploader-uploadid: ABPtcPpY7imjaJdnkVO6i_GPmBn6c-3SbFw2xaTZmP6AKmYYtgiU0vX7WBCsegBLkONR-PrN1G9PaH6m7PoEZgyzttlU3A
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37
last-modified: Wed, 12 Jul 2017 09:13:19 GMT
server: UploadServer
etag: "455005e2f4b8ecc484500fab08619f70"
x-goog-generation: 1499850799559224
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type: image/gif
cache-control: public, max-age=31536000
x-goog-stored-content-length: 37
accept-ranges: bytes
expires: Mon, 11 Nov 2024 06:53:14 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 49 KB
23 KB 390ms
390ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4226459497899632&correlator=1000782902824988&eid=31079527&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=20842576%2CJYM01M%2CJYM01M-DDI.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1700192852164&lmt=1700192852&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ffolkd.com%2F&vis=1&psz=0x-1&msz=0x-1&fws=132&ohw=0&ga_vid=1635225448.1700192851&ga_sid=1700192852&ga_hid=958004963&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY9K6Q270xSABSAghkEjsKCnB1YmNpZC5vcmcSJDc5MGNiZjhiLTMzNDQtNGFlNS1iOWIzLWU4ZmU0OGQwMGYxZRihsJDbvTFIABIdCg5lc3AuY3JpdGVvLmNvbRj0rpDbvTFIAFICCGQSFwoIcnRiaG91c2UY9K6Q270xSABSAghkEhQKBW9wZW54GPSukNu9MUgAUgIIZBIZCgp1aWRhcGkuY29tGPSukNu9MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y9K6Q270xSABSAghk&dlt=1700192849382&idt=988&prev_scp=pos%3D1%26monu%3D728x90_A1%26allowNative%3Dfalse%26hard_adx_floor%3D0.15%26refresh_count%3D0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26provider_performance%3Dundefined_chrome_0.00%26context%3D3_ZH_chrome%26browser_hour_refresh%3Dchrome_3_0%26slotOnScreen%3Dtrue&cust_params=page_num%3D0%26url%3Dfolkd.com%26big4%3Dfalse%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=1010671418&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

f03302eb2e39ce0d26c41751d41a7ca791f13cf2ef74205ad4632450d099cdf4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:32 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: 121759
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23414
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-mediationtag-id: 445089
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://folkd.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 mmt.gif
imps.monu.delivery/ 37 B
63 B 24ms
23ms Image
image/gif 35.186.236.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imps.monu.delivery/mmt.gif?s=a32bdd38-457f-4e83-87a9-b0fd5484cba7&a=s.d&u=5327c943-1992-4d6a-a6d8-9b7622d89dab.2
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.236.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 06:53:14 GMT
age: 420858
x-guploader-uploadid: ABPtcPpY7imjaJdnkVO6i_GPmBn6c-3SbFw2xaTZmP6AKmYYtgiU0vX7WBCsegBLkONR-PrN1G9PaH6m7PoEZgyzttlU3A
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37
last-modified: Wed, 12 Jul 2017 09:13:19 GMT
server: UploadServer
etag: "455005e2f4b8ecc484500fab08619f70"
x-goog-generation: 1499850799559224
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type: image/gif
cache-control: public, max-age=31536000
x-goog-stored-content-length: 37
accept-ranges: bytes
expires: Mon, 11 Nov 2024 06:53:14 GMT

GET
H3 200 mmt.gif
imps.monu.delivery/ 37 B
63 B 24ms
24ms Image
image/gif 35.186.236.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imps.monu.delivery/mmt.gif?s=a32bdd38-457f-4e83-87a9-b0fd5484cba7&a=s.d&u=5327c943-1992-4d6a-a6d8-9b7622d89dab.3
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.236.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 06:53:14 GMT
age: 420858
x-guploader-uploadid: ABPtcPpY7imjaJdnkVO6i_GPmBn6c-3SbFw2xaTZmP6AKmYYtgiU0vX7WBCsegBLkONR-PrN1G9PaH6m7PoEZgyzttlU3A
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37
last-modified: Wed, 12 Jul 2017 09:13:19 GMT
server: UploadServer
etag: "455005e2f4b8ecc484500fab08619f70"
x-goog-generation: 1499850799559224
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type: image/gif
cache-control: public, max-age=31536000
x-goog-stored-content-length: 37
accept-ranges: bytes
expires: Mon, 11 Nov 2024 06:53:14 GMT

GET
H3 200 mmt.gif
imps.monu.delivery/ 37 B
63 B 24ms
24ms Image
image/gif 35.186.236.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imps.monu.delivery/mmt.gif?s=a32bdd38-457f-4e83-87a9-b0fd5484cba7&a=s.d&u=5327c943-1992-4d6a-a6d8-9b7622d89dab.4
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.236.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 06:53:14 GMT
age: 420858
x-guploader-uploadid: ABPtcPpY7imjaJdnkVO6i_GPmBn6c-3SbFw2xaTZmP6AKmYYtgiU0vX7WBCsegBLkONR-PrN1G9PaH6m7PoEZgyzttlU3A
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37
last-modified: Wed, 12 Jul 2017 09:13:19 GMT
server: UploadServer
etag: "455005e2f4b8ecc484500fab08619f70"
x-goog-generation: 1499850799559224
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type: image/gif
cache-control: public, max-age=31536000
x-goog-stored-content-length: 37
accept-ranges: bytes
expires: Mon, 11 Nov 2024 06:53:14 GMT

GET
H3 200 mmt.gif
imps.monu.delivery/ 37 B
63 B 25ms
25ms Image
image/gif 35.186.236.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imps.monu.delivery/mmt.gif?s=a32bdd38-457f-4e83-87a9-b0fd5484cba7&a=s.d&u=5327c943-1992-4d6a-a6d8-9b7622d89dab.5
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.236.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 06:53:14 GMT
age: 420858
x-guploader-uploadid: ABPtcPpY7imjaJdnkVO6i_GPmBn6c-3SbFw2xaTZmP6AKmYYtgiU0vX7WBCsegBLkONR-PrN1G9PaH6m7PoEZgyzttlU3A
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37
last-modified: Wed, 12 Jul 2017 09:13:19 GMT
server: UploadServer
etag: "455005e2f4b8ecc484500fab08619f70"
x-goog-generation: 1499850799559224
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type: image/gif
cache-control: public, max-age=31536000
x-goog-stored-content-length: 37
accept-ranges: bytes
expires: Mon, 11 Nov 2024 06:53:14 GMT

GET
H3 200 mmt.gif
imps.monu.delivery/ 37 B
63 B 25ms
25ms Image
image/gif 35.186.236.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imps.monu.delivery/mmt.gif?s=a32bdd38-457f-4e83-87a9-b0fd5484cba7&a=s.d&u=5327c943-1992-4d6a-a6d8-9b7622d89dab.6
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.236.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 06:53:14 GMT
age: 420858
x-guploader-uploadid: ABPtcPpY7imjaJdnkVO6i_GPmBn6c-3SbFw2xaTZmP6AKmYYtgiU0vX7WBCsegBLkONR-PrN1G9PaH6m7PoEZgyzttlU3A
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37
last-modified: Wed, 12 Jul 2017 09:13:19 GMT
server: UploadServer
etag: "455005e2f4b8ecc484500fab08619f70"
x-goog-generation: 1499850799559224
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type: image/gif
cache-control: public, max-age=31536000
x-goog-stored-content-length: 37
accept-ranges: bytes
expires: Mon, 11 Nov 2024 06:53:14 GMT

GET
H3 200 mmt.gif
imps.monu.delivery/ 37 B
63 B 25ms
25ms Image
image/gif 35.186.236.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imps.monu.delivery/mmt.gif?s=a32bdd38-457f-4e83-87a9-b0fd5484cba7&a=s.d&u=5327c943-1992-4d6a-a6d8-9b7622d89dab.7
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.236.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 06:53:14 GMT
age: 420858
x-guploader-uploadid: ABPtcPpY7imjaJdnkVO6i_GPmBn6c-3SbFw2xaTZmP6AKmYYtgiU0vX7WBCsegBLkONR-PrN1G9PaH6m7PoEZgyzttlU3A
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37
last-modified: Wed, 12 Jul 2017 09:13:19 GMT
server: UploadServer
etag: "455005e2f4b8ecc484500fab08619f70"
x-goog-generation: 1499850799559224
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type: image/gif
cache-control: public, max-age=31536000
x-goog-stored-content-length: 37
accept-ranges: bytes
expires: Mon, 11 Nov 2024 06:53:14 GMT

GET
H3 200 mmt.gif
imps.monu.delivery/ 37 B
63 B 25ms
25ms Image
image/gif 35.186.236.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imps.monu.delivery/mmt.gif?s=a32bdd38-457f-4e83-87a9-b0fd5484cba7&a=s.d&u=5327c943-1992-4d6a-a6d8-9b7622d89dab.8
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.236.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 06:53:14 GMT
age: 420858
x-guploader-uploadid: ABPtcPpY7imjaJdnkVO6i_GPmBn6c-3SbFw2xaTZmP6AKmYYtgiU0vX7WBCsegBLkONR-PrN1G9PaH6m7PoEZgyzttlU3A
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37
last-modified: Wed, 12 Jul 2017 09:13:19 GMT
server: UploadServer
etag: "455005e2f4b8ecc484500fab08619f70"
x-goog-generation: 1499850799559224
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type: image/gif
cache-control: public, max-age=31536000
x-goog-stored-content-length: 37
accept-ranges: bytes
expires: Mon, 11 Nov 2024 06:53:14 GMT

GET
H3 200 mmt.gif
imps.monu.delivery/ 37 B
63 B 26ms
26ms Image
image/gif 35.186.236.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imps.monu.delivery/mmt.gif?s=a32bdd38-457f-4e83-87a9-b0fd5484cba7&a=s.d&u=5327c943-1992-4d6a-a6d8-9b7622d89dab.9
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.236.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 06:53:14 GMT
age: 420858
x-guploader-uploadid: ABPtcPpY7imjaJdnkVO6i_GPmBn6c-3SbFw2xaTZmP6AKmYYtgiU0vX7WBCsegBLkONR-PrN1G9PaH6m7PoEZgyzttlU3A
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37
last-modified: Wed, 12 Jul 2017 09:13:19 GMT
server: UploadServer
etag: "455005e2f4b8ecc484500fab08619f70"
x-goog-generation: 1499850799559224
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type: image/gif
cache-control: public, max-age=31536000
x-goog-stored-content-length: 37
accept-ranges: bytes
expires: Mon, 11 Nov 2024 06:53:14 GMT

GET
H3 200 mmt.gif
imps.monu.delivery/ 37 B
63 B 26ms
26ms Image
image/gif 35.186.236.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imps.monu.delivery/mmt.gif?s=a32bdd38-457f-4e83-87a9-b0fd5484cba7&a=s.d&u=5327c943-1992-4d6a-a6d8-9b7622d89dab.10
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.236.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 06:53:14 GMT
age: 420858
x-guploader-uploadid: ABPtcPpY7imjaJdnkVO6i_GPmBn6c-3SbFw2xaTZmP6AKmYYtgiU0vX7WBCsegBLkONR-PrN1G9PaH6m7PoEZgyzttlU3A
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37
last-modified: Wed, 12 Jul 2017 09:13:19 GMT
server: UploadServer
etag: "455005e2f4b8ecc484500fab08619f70"
x-goog-generation: 1499850799559224
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type: image/gif
cache-control: public, max-age=31536000
x-goog-stored-content-length: 37
accept-ranges: bytes
expires: Mon, 11 Nov 2024 06:53:14 GMT

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa25L7SUc.woff2
fonts.gstatic.com/s/inter/v13/ 78 KB
78 KB 33ms
32ms Font
font/woff2 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa25L7SUc.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

a2bfd9fe607d28fd07b05046e622818b8b5b94a358d53853a0d3f03e597cdc71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://folkd.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 21:33:07 GMT
x-content-type-options: nosniff
age: 108865
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79940
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:22:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Nov 2024 21:33:07 GMT

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa2pL7SUc.woff2
fonts.gstatic.com/s/inter/v13/ 10 KB
10 KB 34ms
33ms Font
font/woff2 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa2pL7SUc.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

15df7612b2f445f4d18846aed403d0ca0947b3f8dead95d4b167621f5faaba57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://folkd.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 22:33:32 GMT
x-content-type-options: nosniff
age: 18840
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10540
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:48:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Nov 2024 22:33:32 GMT

GET
H2 200 L0x-DF02iFML4hGCyMqrbS10ig.woff2
fonts.gstatic.com/s/urbanist/v15/ 16 KB
16 KB 41ms
41ms Font
font/woff2 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/urbanist/v15/L0x-DF02iFML4hGCyMqrbS10ig.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

9ac86f9bf7cddd7963a2df2dfd00d5bae17aff357eeee30a091c3160d86f4202

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://folkd.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 21:33:17 GMT
x-content-type-options: nosniff
age: 108855
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16284
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:09:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Nov 2024 21:33:17 GMT

GET
H2

200

logo%20gtt%20-%20400x400.png
storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/qey3VsRgsd2YHJiuCwsn432e7-E/x-H4zg../
Redirect Chain

https://xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/qey3VsRgsd2YHJiuCwsn432e7-E/x-H4zg../logo+gtt+-+400x400.png
https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/qey3VsRgsd2YHJiuCwsn432e7-E/x-H4zg../logo%20gtt%20-%20400x400.png

26 KB
26 KB

1202ms
816ms

Image
image/png

172.217.18.123
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/qey3VsRgsd2YHJiuCwsn432e7-E/x-H4zg../logo%20gtt%20-%20400x400.png
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Server: 172.217.18.123 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: zrh04s05-in-f123.1e100.net
Software: UploadServer /
Resource Hash: 7e22c77ea79cac11d9f561675afc18cda3a563013bb51eb9b887f8dc2f1bc657

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:34 GMT
x-guploader-uploadid: ABPtcPoeHrNNRZ1IVKUYXEC83r71C2JyB2za2FeB9TExkTe1ZBhYiW9T34wd042sQacjfI6FWv0
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26276
last-modified: Tue, 31 Oct 2023 23:20:28 GMT
server: UploadServer
etag: "e730ab7336d58e5d41d6dabaa6f054e2"
x-goog-generation: 1698794428768263
content-type: image/png
access-control-allow-origin: *
x-goog-hash: crc32c=SbYQwA==, md5=5zCrczbVjl1B1tq6pvBU4g==
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 26276
accept-ranges: bytes
expires: Fri, 17 Nov 2023 04:47:34 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains;
x-content-type-options: nosniff
x-frame-options: deny
access-control-allow-methods: GET, OPTIONS
content-type: text/html; charset=UTF-8
location: https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/qey3VsRgsd2YHJiuCwsn432e7-E/x-H4zg../logo%20gtt%20-%20400x400.png
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-max-age: 86400
access-control-allow-headers: Cache-Control, Content-Type, Content-Length, Authorization, Accept, Accept-Encoding, User-Agent, X-Requested-With
x-xss-protection: 1; mode=block
expires: Sat, 18 Nov 2023 03:47:33 GMT

GET
H2 200 heart.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 359 B
809 B 33ms
33ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1374615
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230067-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GKv5b29VBxgEh7LN7qXZXFz0AfNs1DAjZb1wDvo6T76pEG4Ce0d2zLAD3WL%2F1gVhGCHJaHYUBIQ952ya7hCkNrYB6y%2FGURV8anZ5ISnn8MeavoOIlp8%2FJDNlqAh%2FdTVhOEM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe328ace24be-ZRH

GET
H2 200 arrow-path.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 365 B
707 B 33ms
33ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 784996
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230032-FRA, cache-mxp6925-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nPigj4DQTH9Lk8Onyifh43%2Bc0ZqQVwS3LrxYJHTr2wnZ3H77LslpHsmz4YlzDyBQX0atpgupdQtrOjNmB%2FW6TuwpciKYKbjeGI6xhn2IpwA81fwiyl0Dg3OrQaZ4W1Z8M3g%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe328ad724be-ZRH

GET
H2 200 bookmark.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 330 B
601 B 37ms
37ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1304365
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230089-FRA, cache-mxp6978-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Eu%2F4HF3msMsvwLIwRktifYacWtmOuYKLIm9SHG61hRUrL3Q3psjMsfOXhMIr3m7wA6Tr%2BEfcHvLzSm7e%2FMAD40PlCGCPR%2Bj%2FVXJQvKfpz2MO0Py9lft2%2FerPJYKWUxc22Ig%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe329ae124be-ZRH

GET
H2

200

ruouvncom.png
storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/I0dZhgwrNZG8enHLv9gyh72ihE0/KmTSeA../
Redirect Chain

https://xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/I0dZhgwrNZG8enHLv9gyh72ihE0/KmTSeA../ruouvncom.png
https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/I0dZhgwrNZG8enHLv9gyh72ihE0/KmTSeA../ruouvncom.png

93 KB
94 KB

427ms
42ms

Image
image/png

172.217.18.123
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/I0dZhgwrNZG8enHLv9gyh72ihE0/KmTSeA../ruouvncom.png
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Server: 172.217.18.123 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: zrh04s05-in-f123.1e100.net
Software: UploadServer /
Resource Hash: fefecdb2eea635721f84d884e178b820fa48f145dae48b515185fb1a0c5aa239

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 02:49:32 GMT
age: 3481
x-guploader-uploadid: ABPtcPpkiugb7XGSbiIzBa1IAxQ4m5y9PEYASrZOAa2NDfDRGewY99bRg4Juacyo-DnUnkSHM2U
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95472
last-modified: Sat, 11 Nov 2023 02:23:52 GMT
server: UploadServer
etag: "1484998c1e0bd0893eb2b0a15bda0d4e"
x-goog-generation: 1699669432152853
x-goog-hash: crc32c=aXbXQA==, md5=FISZjB4L0Ik+srChW9oNTg==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 95472
accept-ranges: bytes
content-type: image/png
expires: Fri, 17 Nov 2023 03:49:32 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains;
x-content-type-options: nosniff
x-frame-options: deny
access-control-allow-methods: GET, OPTIONS
content-type: text/html; charset=UTF-8
location: https://storage.googleapis.com/xeqe-t3lw-i7hv.n7.xano.io/vault/maTYhyTw/I0dZhgwrNZG8enHLv9gyh72ihE0/KmTSeA../ruouvncom.png
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-max-age: 86400
access-control-allow-headers: Cache-Control, Content-Type, Content-Length, Authorization, Accept, Accept-Encoding, User-Agent, X-Requested-With
x-xss-protection: 1; mode=block
expires: Sat, 18 Nov 2023 03:47:33 GMT

GET
H2 200 heart.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 359 B
554 B 30ms
29ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1374615
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230067-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1oSq3kVMaGW8DEUbSAWrzk1s7cnB7BtsOsXZ14NjM%2FOVummkbtZ0Ucloizfc6CvMHALkEYwOXbYcn%2BroIHv6dwOyJYKSAnJb1rNvwELShnjoMDOkV7xR9E%2Bd0Ku744NS6yk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe329afa24be-ZRH

GET
H2 200 arrow-path.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 365 B
518 B 38ms
38ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 784996
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230032-FRA, cache-mxp6925-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D2VUco7fhJEih0HnQ8RdEiResF82qOXJjNgmyxxnoSgvOkDqg0TIgulh1c60iNW61ppGcUmEZWNcG9R6%2BR2akOcsh%2BCF1nKphgovswNzyS4SoAMhOug5J692RQ7yuHCciPk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe32ab1424be-ZRH

GET
H2 200 bookmark.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 330 B
507 B 37ms
36ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1304365
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230089-FRA, cache-mxp6978-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iVsU9fybl5IqUMEz0SIxeB4Mt5UM0SPTYe41chQ4eUHCn6xoALXXvGH1KLDCU6PrUGuNqAJzBe1rk1GFKd1y2dvLnVpZmJIE3ANUEysYoHtuPIbkhFWVdN2M5bio7sCrtwQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe32ab1524be-ZRH

GET
H2 200 heart.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 359 B
530 B 41ms
41ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1374615
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230067-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X%2F%2FHZsgJeTftBWKdcS2nat8cApe1l84eEjsxvapxblNDG9lDfl%2FYlGC9N%2BiOie8QM6fU7vHfvZfz7tFafws9Pq%2BL9%2Fx2ZkA8wf8rPmhnwra1duriMasxQe2PZLsbZe3VoAs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe32bb3124be-ZRH

GET
H2 200 arrow-path.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 365 B
523 B 48ms
48ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 784996
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230032-FRA, cache-mxp6925-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lUgZWq6IKEYq%2BHtFdjBo6yo45LkZWhOj3Sj9PvtUpYTSd4jhUoLlXoygrjn9nMj1K1dPNq44ax25qpsDmGrXX3wsInGeARz%2Fw3EvfFTtATlXQBLufyyEXZ3xlyg%2BQjQkmik%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe32bb3424be-ZRH

GET
H2 200 bookmark.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 330 B
751 B 38ms
38ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1304365
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230089-FRA, cache-mxp6978-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BSmT2XNXGuWPlPmsE9ii4gAN1APksNHEOsI2WcV5ZRzPu4ZX5cvDwmQp2sqIZKyUAz6Hi5az2WPng3AMwYXqjk6x2pXZQ1vNfY48cynE6Qu2YiSAh6QtXTDKhV6mNbDe9yk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe32bb3624be-ZRH

GET
H2 200 heart.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 359 B
685 B 42ms
42ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1374615
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230067-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5b6a83D6p%2Bk2FJSz%2FtIS4SqkqynmyyJ92eiKtrDRulKm3QAt5nGqzdfKBFpO%2FxsfguF4w%2BoBgFBg6kC1F4aCBfH7MT2FeCQ%2BrVCqhnXa5mDf04lncWXdfx5LlQsTxPdS%2BnA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe32db7c24be-ZRH

GET
H2 200 arrow-path.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 365 B
599 B 42ms
42ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 784996
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230032-FRA, cache-mxp6925-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cxLtWPxhFJAMGN7Mi7ZjoCRsbm%2BuHfpXqAcf1kmHtmqfY1EyBMxbPa89aAnUqVD7cgCKJM5AZijt%2FzWFLrM44m5oRRNbqB7Yq4qjH6BxtjjntcTvoucxJ5aFtxKeRRa4h0A%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe32db7f24be-ZRH

GET
H2 200 bookmark.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 330 B
582 B 48ms
48ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1304365
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230089-FRA, cache-mxp6978-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y3THTQA15xedJErHUPdjPRfvNUnEMRhemwPyD0Gtw1bmEX1ylOxQwjXlhIYKY5YgBKlcUEkQHiJjMeg3Z9nrvjmYg2LdKBU1wqcI7nPR3skYZ2ejG4LSwC%2Fk3KDzMDMPWyY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe32db8324be-ZRH

GET
H2 200 heart.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 359 B
556 B 38ms
38ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1374615
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230067-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p1ORH6P7xlo74IHhDKmxnrz8Z%2BkLwuaiBKm2rglqKYhayY9I16f0QM%2Bl7nf1z9poqlMgRpdJxH9CO3euv%2Fy98t%2FBJQoEx%2FgELOHKZhiKl5sr8UNH2K4zE0wOwt3CYrWDGHo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe32eb8924be-ZRH

GET
H2 200 arrow-path.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 365 B
527 B 43ms
42ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 784996
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230032-FRA, cache-mxp6925-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sU0%2F6KmVTtHbo9m2uM%2BNkNSulvYMRcXXlzIS9rIQb7HSBmIw5szivIkJxiEjTqZ7SGLAoNeuNMhmfovls1tak9rHkZMOfOHqiO%2BMBkIPjYW%2Frwiw%2FNylqfi%2BSdx0OMn5iZ8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe32eb8e24be-ZRH

GET
H2 200 bookmark.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 330 B
515 B 46ms
44ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1304365
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230089-FRA, cache-mxp6978-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lPX4Y4MKi2nTr5ETPjh0z3m6ZsSj%2BFnlBy150%2B4LNfxZoz8Hm%2BU0v1hPusJcdLLxZORWoUP%2BTLx1p92c%2Fm1qlchmsNhGSCcWFFhMQ0V9BLqHQ%2FU0QtcrufGX1oRDuKwYwxI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe32eb9124be-ZRH

GET
H2 200 heart.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 359 B
770 B 34ms
33ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1374615
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230067-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gDLigMOL091KqaLDBSwJgY77iZEnNCjxAVWOlr%2FDv9bpVkdXvwiz0Or%2FAddRK7GajHcW3OGTm9E4zRTGnjE%2Bgtnxoe8MtpZQnKwUg80k6J6fRliZpuV7vJmD21Q2smyKslk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe32eb9f24be-ZRH

GET
H2 200 arrow-path.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 365 B
520 B 37ms
37ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 784996
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230032-FRA, cache-mxp6925-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6tfXHhR27Ak3gDRAwx%2F1ALYgJc12i0mUhE2RsKaxik%2Fa74MZA3bYxyeFYJuLlRgYSE1aYQFKaYuLiHz6lAXoFJ5TEeCBPcF5ZAVSrXENqTHQ0PPXtDtzcmWSQLlQmKrcsFQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe32fbb424be-ZRH

GET
H2 200 bookmark.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 330 B
521 B 37ms
36ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1304365
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230089-FRA, cache-mxp6978-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nnL8pkktV0s3vWw%2BaseFoRPjYyooa3gfWlPikQyOWXeT4Lv%2FQRJyclkzqRv9hMew6YQnNmRXJr1bSWIaqxscAt%2Bdj8DbvQwBwcSnjA8uWmUxFxYd5pOASZN2JmughnfINGU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe32fbb924be-ZRH

GET
H2 200 heart.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 359 B
680 B 29ms
28ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1374615
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230067-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=duLrmvLU4d6IxEysKXIwWaANxwN9U4wU5wYQZDEYNoQ8N3tiJu9KBxh4OZunn8IflNbwJgw426Cls3cKx2wUfI3bMYCsYLm83WMaBUmcUlwNinF1PyLU0X%2B3URUI7gTkMWI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe32fbba24be-ZRH

GET
H2 200 arrow-path.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 365 B
592 B 28ms
28ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 784996
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230032-FRA, cache-mxp6925-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1hnPvdGCViRTK8uPkX%2F%2BS7Q6sdAysAthBjAUYVSDNq0RclYLIjvKCew33aJc1gn5ZJhjN2UGUqNmEc18%2BZsJycEA4vzPFzGqf8hDejKzRPtFDtktz0xCakgrHEensmZYciU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe330bc124be-ZRH

GET
H2 200 bookmark.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 330 B
584 B 32ms
32ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1304365
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230089-FRA, cache-mxp6978-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2Fnk4TWF0MyWfeGhzZa2aakOHdJVEzQnMULgs%2BRQa6UajTAu%2BZOt9rjdBFHpYQOUt82jhM3v3d26Bd2CBwKz2Tco1k4vvbRowJk9M6JanAZfd8Af1%2Frl6IgeiL9Io45%2FSxs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe330bd524be-ZRH

GET
H2 200 heart.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 359 B
558 B 34ms
34ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1374615
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230067-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4bwhXhGk9x8jEd%2BBwgkInKypSLuVdl1PgKKsjzu0fRX7JxgQSk%2FQBAV3KKql9C%2BGOvqtNsG028DwtJF8gmaKSdO6kTfu%2FOdnwms2REI0bXu25rp%2FJhl4u2RCQubyS%2F7Y5Gw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe331be624be-ZRH

GET
H2 200 arrow-path.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 365 B
764 B 34ms
34ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 784996
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230032-FRA, cache-mxp6925-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xUetxQsLWWIpW%2BN3eJURSggc2e0llrIYHUryW9Yx7Qkg3MIZ%2FtT7Oty776q7eH%2B0jcwTmriq58Y3hGYxNq66uavfn3eaiT%2BQuIGxwrXmuq12Q6pAP8cK7HTOahb43bhOGSU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe331c0b24be-ZRH

GET
H2 200 bookmark.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 330 B
627 B 45ms
44ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1304365
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230089-FRA, cache-mxp6978-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yov0D0%2FG4Mo30wVQVOOZf6XgZ4ZIbZwtktpbnX%2BaOhEpx7GTbnsQFKpqZst8bB1Nrna37gcvU3BwMvRtLB2leVIaub0NZbEghhI6IxJw8dPh1HBJucwVnox88BWvQ33xkX8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe331c0e24be-ZRH

GET
H2 200 heart.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 359 B
528 B 32ms
32ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1374615
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230067-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ls1VZKpUeg18c8HoR0ojXfty6Z5piSprxGPYdWHm36YI70mtkCGhHCHrdxStXs0rYzBHr7qOERKCrBoboUif2%2FXYk5jrZ8NAf%2Bk%2BXBWy4gNfwNJ1e2CQrsxuJPYmZgsivy8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe332c2924be-ZRH

GET
H2 200 arrow-path.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 365 B
521 B 33ms
33ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 784996
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230032-FRA, cache-mxp6925-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WlIRoC8g%2FnABQPXRXpucaby1zeKYUqpVQ0%2B6TX2Eimw3JsLMFcooJ3DK0Hdw3cvmxpaPToB0mmnij1NbFqJs6NQrIVp2KCePP5yFi4G2NXjLGa6UdKZ2d%2Bqb%2BaBb175paDc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe332c2d24be-ZRH

GET
H2 200 bookmark.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 330 B
524 B 29ms
29ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1304365
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230089-FRA, cache-mxp6978-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C8IXhe%2BhP%2Bk1F8xGxyrTLPrTTm8i4Bh2fYxcl6xOrNIvB7%2B64PRNmw37wIJTVKI44kPD1DnFVftRGF9k0CIlc%2FYqQ1LMtYwTYVHx61%2B%2FPo2D0ocoPmK2NhNQjovXN01t1eo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe333c3124be-ZRH

GET
H2 200 heart.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 359 B
587 B 34ms
34ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1374616
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230067-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kmv%2BicTDnBZaI7KOgJrfeLsxi%2Be3Jw3NxtNdywn26kDoYHFB3f82fU7Rq1zmoPjE3GfnqGUlGcVuVKB6t5YtwHOSOoFDj3IhVcdrgaZq3d7gQiVjrCdQQlkIXnvOKblFduE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe334c4a24be-ZRH

GET
H2 200 arrow-path.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 365 B
593 B 40ms
40ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 784997
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230032-FRA, cache-mxp6925-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OU9kwIguw46l7og8FPMYtOAY7p36Z2qdP6%2FgPvswXjE61hDJUnMLGsR1YszjD6xwVhQQkKtEfxmgYVnD1SBp9PJhm5Tcjp3kr2vLwRGxMGRKDUWSKMEj%2BCxWKHrVv3n0HkM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe335c5c24be-ZRH

GET
H2 200 bookmark.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 330 B
589 B 46ms
45ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1304366
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230089-FRA, cache-mxp6978-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hG7Q95iLA%2BJKewr6ka%2F%2BNANwqIW7WjTfYwWBAsZd5ZCzH%2FZra6r5vuyoi1CEA6I3llMKhDOB2sCyRf8lvJ38b2q4IGxTiSPBhqwW0CQNB3pCd8Ivjm%2F%2FEQb%2BLew1skJ0JMA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe335c5e24be-ZRH

GET
H2 200 heart.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 359 B
775 B 31ms
30ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1374616
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230067-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F%2BkAHvBdP9GsyD73RYYdMkFaOsrXLfvBND7msuTPWe4Qijae%2B4k48tO4onkF9WGz2ufD5aFchXWmC%2FWyhF4alWU6pAZVNM2YDNeJNcB7LdKfjjFeqWlSF%2BttuVhHRvHOisw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe338c9924be-ZRH

GET
H2 200 arrow-path.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 365 B
522 B 31ms
31ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 784997
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230032-FRA, cache-mxp6925-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o68GiDRgMqNGz2gKtxe%2B8qXHpv1epcG7MOsOmP45J7TuLKgM3pmTj%2FaoMd4LbP%2Bm8qberqBozzqLvMM9NcYb5004Nrs4WUon9k%2Bb6poN2Y7DKkvbQhaq8%2FaNZK7a2Fia8oI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe338c9a24be-ZRH

GET
H2 200 bookmark.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 330 B
630 B 40ms
39ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1304366
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230089-FRA, cache-mxp6978-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VJSQTVng7ics2Wp%2Fd0Xyjok6wik5TkMSES2MwaVvo1zwMD%2Bo9nEYkH2XwQjd4T1LBohtp7Hq1aoWPFhxME4m%2F3fIPile4p29kSY7upkkc%2B95zon5tbwIpn%2FsXhFbZtSuyxo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe339cb224be-ZRH

GET
H2 200 heart.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 359 B
534 B 36ms
36ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1374616
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230067-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JPJ%2BoWeGjH6kf83NNW9X1EV6GQDzX28daR9IguV030y%2FK%2FnqFBrmzRycT2ufywSgRoRZ8vVHR%2FTIm806%2Fcm3%2F1CT7tDYVTpQCHLDGBxTYoxibIX83XJ2LjoikKUxQbyv1MY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe33acd424be-ZRH

GET
H2 200 arrow-path.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 365 B
523 B 42ms
41ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 784997
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230032-FRA, cache-mxp6925-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JruU4rEH9iXz2wD%2Bq4%2Fi1eoEVbXIzIlV1viIY6MelIWo0F1j2eoDD3kmdjvSceU3Hh%2BkwNAjmkWkmMThagFYfi7SHW4G0eG%2F%2BQxREJAIj8MtqJ9oku4lIruiti8snLuKWmg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe33acd924be-ZRH

GET
H2 200 bookmark.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 330 B
546 B 37ms
37ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1304366
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230089-FRA, cache-mxp6978-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DqY%2FO9j7B5l%2B2RD61XJ5Fm1Y6vohQATAbgC6ANDd33zEboEGqJXbjWICrZGZSxo1fCpfe5kaA0WZa9T9Zb45rez78MFFKvI%2F9kjG47x6lCwvTJjsV8n5G2gxI%2Ffgg6gEO4g%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe33acda24be-ZRH

GET
H2 200 heart.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 359 B
575 B 35ms
35ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1374616
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230067-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VgKkMVB4yX1RwxzGhAWhgX%2BXNrPfSpxBB%2BUQDpLFGvzYK5tyFvlccK1AeFobQnivMO%2BwR%2FUpYSAZCGyYrSlI%2Fv%2BsZWZum0SjUxqrzkyoNe7Rf9X%2FgCNqXV9UGrVK%2FuThqu0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe33bcf324be-ZRH

GET
H2 200 arrow-path.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 365 B
812 B 41ms
40ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 784997
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230032-FRA, cache-mxp6925-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M8kh87pt8204S32n%2BNGuniYtOEzcUaSjtsVZdX6C9WrGmbjvAfcJtEaJ4TD8WJIpazCzP6j2edRBNVqtAm80OScZ3GP6syeJhK5YCODQ3rFskV%2FvIiXFrCZ3CAX3L%2BkXFKU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe33bcf524be-ZRH

GET
H2 200 bookmark.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 330 B
589 B 35ms
35ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1304366
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230089-FRA, cache-mxp6978-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kMCZyNfVABzsiWM6ycHqymi54Scw8ggz6NgxxKhI%2BBgrlB5j3%2BRWpDG1mRyDuDMSNrzSzjKz09KQDVNS%2BhM7qvOqWzxCSY22hsEe%2B3YW00T%2BDTmflRGNp%2FzcOgYaRCmXSyg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe33bcf624be-ZRH

GET
H2 200 heart.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 359 B
676 B 33ms
32ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1374616
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230067-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RLoICaHg9SixYZYm%2BkvYGiMd%2FMq1iCTQ8Ipm7v%2FPmYt6ksMYe0Q%2FHVGdf6eUZVrwE9KrgfPj9dc7YB6ACvNBkbAN8lkLaS6s6FUH9nKpNT6%2FptVsE3oO9%2BSOEmAZMqQQMKU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe33cd1a24be-ZRH

GET
H2 200 arrow-path.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 365 B
554 B 34ms
34ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 784997
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230032-FRA, cache-mxp6925-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qK%2F2JJgrNHeUFty5%2FaAfCw8RdD3E7MT5EOedBNfGSlYN1eAfyN39qiquVgiR%2BMSUo5MCqSrqs4w1nFg8PDNNjEmgcOsttjzBUVbyiB6ebCExkpAaKMV2gOElIRRvEa8MQOs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe33cd1d24be-ZRH

GET
H2 200 bookmark.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 330 B
516 B 31ms
30ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1304366
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230089-FRA, cache-mxp6978-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wbabj0GvQ75M5j4rIaOyeNMnrOmJxvt35%2FsVswRaweO%2FVAeJeS3zB%2BlNmxWnPR66FJ6R1k50yesNAcwws%2BUlL7fBG8bJQwcsX2sZU3bDTXRNpjwzX%2BCFw%2FU5F1CJzPCT9h0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe33cd2024be-ZRH

GET
H2 200 heart.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 359 B
565 B 47ms
46ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1374616
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230067-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v5eDsZZ8ZBcjyCkg8iIhaCv8rgkRjUCGFiMzby9ar2WtQEGqxDlDBV8%2BMwezU%2BC6t4wlDl4kpyzQcShD4itiMRdmteyPFo1re6BmvhIdSFXUtyPDmNEv1X%2B68gKVZ69NERU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe33dd4524be-ZRH

GET
H2 200 arrow-path.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 365 B
518 B 30ms
30ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 784997
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230032-FRA, cache-mxp6925-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GAd3QAV5r5RivkGdrDzYrHF1eOnltWhmRSfLaAPSrqz4opGMIpFcocMifz%2FWHPK4qwQzTEpjRfmQJpEGmEW2toCBrztb8jQyCDHioEouFJ7nXkyYKfqsii2ydQCq78bIArw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe33dd4824be-ZRH

GET
H2 200 bookmark.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 330 B
507 B 33ms
33ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1304366
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230089-FRA, cache-mxp6978-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ecbq0gC%2FhHEV5vDGxrFhPamxjLuVoSm526YsCrJ2432QkTq9bFH9LQxj3lnAdNE2tACUEJc8zO4igBBnQOhvzef3XfD7nbRM0ScY5COOMsi2jiawCOc1h0PpSSPQcin99LU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe33dd4924be-ZRH

GET
H2 200 heart.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 359 B
531 B 35ms
35ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1374616
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230067-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FIZKT2M1sSvzDLA7HZqGeB9pzlgnDOjJ96PxCe4UTnU3knyFmRn6UEn0VujKcQYONpc1WFUeUHeYO1VM0qFAP2JhDIZsrnCn%2FdRFr%2B%2FvWb9nVFZKdpIgciyvX3PwPAUlgUE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe33fd6124be-ZRH

GET
H2 200 arrow-path.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 365 B
811 B 39ms
39ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 784997
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230032-FRA, cache-mxp6925-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S4YZzXv6yaPRrn21YT5GeaDGbcpT4aoSAtUxubl%2F05XvK2LboP5i3HTim9n2IxxSR1GGRvaCgwlJ0rqJzSBYJdNAOQNw5cv0UxqyQX69v0NPAes90u25%2FMHdWL%2Bp6wjrcj8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe340d7c24be-ZRH

GET
H2 200 bookmark.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 330 B
585 B 40ms
40ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1304366
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230089-FRA, cache-mxp6978-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jGppKbQCU4RsEfrf9osL9c9kx3MgVMlv%2BLHm7B2Pci%2FjwWFoIIGwP%2ByYsnGUncNobmpNdT2pM81O8xI5ImB32H%2BshqRKxZP3kprudiOGCAOIntdIS%2BkxALrCITCSkANCaQg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe340d7d24be-ZRH

GET
H2 200 heart.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 359 B
667 B 31ms
31ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1374616
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230067-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JdsrSipWNtuPUJQOCSnGD90F69r8t5riFL4fy5JLgWE7ncbqNJOoD9iPKxgLKVIUP32eoBiNHbAesA9vzSPf42m%2BwMuK1g6iBMS5bq4oby6C6IXvFwjdr7qrbdq4BdREDZA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe340d8924be-ZRH

GET
H2 200 arrow-path.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 365 B
551 B 39ms
37ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 784997
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230032-FRA, cache-mxp6925-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hsuG5ZmQISlZJr7omdiu5UrySOwiAIwCvoUBrCQq0rtlSfEDz6eBsYE66gFdH2kNRARXOA5opATMMP1G5Mm5BPcfhvsha6wd%2FFQDdG67Yzn6EVC0IhfboHm5U6OjXm2hnpk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe341da024be-ZRH

GET
H2 200 bookmark.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 330 B
510 B 38ms
38ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1304366
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230089-FRA, cache-mxp6978-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=40T6%2FahFTeA%2FOgsQgVM2N0hxiS4vT2LbN7JC8NQsjv0Jo9DeDjYQyUeDvIgUtWqjFVBiTF9LqvEUafusMwqzkkCP5K4YWUD08yRCoNuP1Qc39v3RHprdBroO23JDhpQLhd0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe341da224be-ZRH

GET
H2 200 heart.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 359 B
564 B 39ms
39ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1374616
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230067-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fjY97m2NjXAifM7sBuk%2FAo8gS5RKhWxzV4uc0TZeEpMClHU4E%2FAQknN7AjjlnMCMzyVjfopM1uu7ylxezWvaO7OMx3Iv7IMpQSZXeQDbU4pMxQoCBNPw00W1vOD8KFGNnl0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe342dba24be-ZRH

GET
H2 200 arrow-path.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 365 B
816 B 41ms
41ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 784997
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230032-FRA, cache-mxp6925-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N9jXeSKVWSMkpM2qe0EKkEcJEdFJt1YHHFNGCIxwtVKqNNPLSGS2UJJlYlVo4Iliz6b1Ug3wk8gAPaWsI%2FZtt%2Bq9BSODGadybRY%2FpPh6bCvKLSt%2F%2BIZ2CbHSFigk40RFNRs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe342dbb24be-ZRH

GET
H2 200 bookmark.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 330 B
511 B 36ms
36ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1304366
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230089-FRA, cache-mxp6978-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7qKQTQSm8ddUaLVW84QcDHOWvxL28Yw2TO8B08kzU1bDErrJVQacdMxz6zLft%2FcrXN8q61SMYMYUCh9xbMGnP4Rtkg4fOp%2Fqj7ikiuB8URkmyw6SzDAazyVrOogvDQzbAJQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe342dbe24be-ZRH

GET
H2 200 heart.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 359 B
526 B 35ms
35ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1374616
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230067-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PZNpzRYFfZSa1uSv5eQkrHP8qsO0YcOi4CpAv7nJK6sTLhTDAe8pi3wOoHvIKVXdMVi0%2FYMAkjZmHDvq8EaCkVEVnvUfEn9fMvpspWH5L4gk8oE306bzrPGdRAvU5QKxrhk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe343dd124be-ZRH

GET
H2 200 arrow-path.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 365 B
522 B 33ms
33ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 784997
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230032-FRA, cache-mxp6925-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kWC5XDrtGExhW4aQRULTN4VOoPMgIl9e2JCEyF5wnpXUjituwzr%2FtjtfpCjF0G6ZsxCkUD%2BTjZkdRlKDmiD1QdKVpfUWOowjKvSJPRb863%2Fe1zE5ru5oi6mX9CLL8DeM5Uc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe343dd324be-ZRH

GET
H2 200 bookmark.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 330 B
699 B 34ms
34ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1304366
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230089-FRA, cache-mxp6978-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1HpxAvqFHGwRtNfyZ20jqL6i0Zy6kSTIB4ZADYe9zV91XzXl6Ntq6S%2B82A5BGBNtrr%2FRLYq9RGzqy9wDi8zKsiQmP0tLk3dStRh5bkOElSVBKlE4GHaJJpdt0PQZyKxuClI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe343dd724be-ZRH

GET
H2 200 heart.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 359 B
594 B 31ms
29ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/heart.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1374616
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230067-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"167-XUSVggk82C0V0HtWPg0AK9lCRUs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2KK3GqkilUK3w6hoHW%2BFk%2FsJfJmVUb8tH3%2BnUkDU4Z%2F37sIS79hXG0jYF6bfpWqPOF%2Bm%2Fk5nNywPQYgtv%2F%2BT4NexbjFwxNGXXJGvU8qSZp%2B1FGAJ6nYS3okf%2F7D1ja1DxNw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe344df324be-ZRH

GET
H2 200 arrow-path.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 365 B
531 B 30ms
30ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/arrow-path.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 784997
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230032-FRA, cache-mxp6925-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"16d-5gjrKYFCN4qpOVve52leQzYAEyY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EZWQTvNP3SYHT0HIcOfVevb5KKkb7iZziFIbxI0Ocna7mfKTM258HXSH3NRw2vK8T%2B2xJsmISw7OhrQWegf9SiADwCyD5V0mizEpvahsR%2BeJnJ4pk%2B6OjqzWvf3N51P9YYQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe344df724be-ZRH

GET
H2 200 bookmark.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 330 B
509 B 33ms
32ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/bookmark.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1304366
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230089-FRA, cache-mxp6978-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"14a-/VPkmS8SX9IReuItjq/7vLbJjQs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GwzS6Z%2BsliedKKwUMRD8ycRYdTf0tTJge2xfasKGIHEOwCY9E5dQFt5zJRSqVXMDesZmLpJmH7SEp2cxV0Y0tHDio6EW8zJOVWJTWPljPxuB49aLR5ePCh9jsmlVCE07GVk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe344df824be-ZRH

GET
H/1.1 200
OK tap-de-6.jpg
gotrangtri.vn/wp-content/uploads/2023/08/ 84 KB
84 KB 1352ms
342ms Image
image/jpeg 202.92.7.98
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gotrangtri.vn/wp-content/uploads/2023/08/tap-de-6.jpg
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 202.92.7.98 Hai Duong, Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: Apache /
Resource Hash: 0fe4cc41be62b03243ecc3a8d5ea6567dc5ebfad1500e6b753d2b4e513e748c1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 17 Nov 2023 03:47:34 GMT
Last-Modified: Mon, 21 Aug 2023 01:49:58 GMT
Server: Apache
Vary: User-Agent,Accept
Content-Type: image/jpeg
Cache-Control: max-age=180
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 86031
Expires: Fri, 17 Nov 2023 03:50:34 GMT

GET
H2 200 vang-nauna-schola-sarmenti.jpg
ruouvn.com/wp-content/uploads/2022/08/ 44 KB
45 KB 1287ms
641ms Image
image/jpeg 45.252.248.51
AZDIGI-AS-VN AZDI...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ruouvn.com/wp-content/uploads/2022/08/vang-nauna-schola-sarmenti.jpg
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.252.248.51 Binh Duong, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 08862b24f27ecd5e33a8a710ffdf0b168e316878e4088ca41977a1e74bb6c8d1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:34 GMT
last-modified: Mon, 22 Aug 2022 08:33:23 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=10368000,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 45324
expires: Sat, 16 Mar 2024 03:47:34 GMT

GET
H2 200 Huong-dan-chi-tiet-cach-nap-tien-vao-game-Oz6868-cho-newbie.png
oze6868x.com/wp-content/uploads/2023/10/ 317 KB
318 KB 455ms
47ms Image
image/png 104.21.79.59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://oze6868x.com/wp-content/uploads/2023/10/Huong-dan-chi-tiet-cach-nap-tien-vao-game-Oz6868-cho-newbie.png
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.79.59 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e896ec3eedab353460068dd1fdb40cc8273f523144051c914662d9bbf8cedb49

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2918
alt-svc: h3=":443"; ma=86400
content-length: 324219
last-modified: Sat, 14 Oct 2023 03:19:04 GMT
server: cloudflare
etag: "4f27b-652a08a8-3aa193c;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3GUtavozBNs5j%2FCSADeiSbF9h7sLn3PkFEQzs%2BLO2Sl1lG3VMFdV9j121m%2F6xJjLCYsl7iHuVuQXLo7DAouLWgqEbRHENLE1NGCCpKvHOYtY1PXANgi7GbpH402qVsM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 8274fe36fe430a51-AMS
expires: Fri, 24 Nov 2023 02:58:55 GMT

GET
H2 200 Norwegian-Viva-scaled.jpg
cruisepassenger.com.au/wp-content/uploads/2023/08/ 214 KB
215 KB 448ms
58ms Image
image/webp 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cruisepassenger.com.au/wp-content/uploads/2023/08/Norwegian-Viva-scaled.jpg
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d51d83a7d8fd1fbaf21327e8691f32936368b7794f53f67ff1a123115d0ca9c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 28869
alt-svc: h3=":443"; ma=86400
content-length: 219270
last-modified: Thu, 31 Aug 2023 05:27:58 GMT
server: cloudflare
etag: "64f024de-35886"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jZI2%2BQ93eMox1DGRLVDfNCPGST8v6yhKrW%2BLGi31y%2FSdiKXyxaQupxTG8PJWrHYCCtVtojGGNoXI82v6mWSc7yQUAsNjUkwniijye%2B%2FiQfgBxSCUSGkr6aZW6CpOrDLdBnIosJWEDJU8"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8274fe36eca75a25-MXP
expires: Fri, 15 Nov 2024 19:46:24 GMT

GET
H2 200 favicon-32x32.png
mycitymagazine.org/assets/img/ 3 KB
3 KB 642ms
206ms Image
image/png 68.178.148.206
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mycitymagazine.org/assets/img/favicon-32x32.png
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 68.178.148.206 Mumbai, India, ASN398791 (GO-DADDY-COM-LLC, US),
Reverse DNS: 206.148.178.68.host.secureserver.net
Software: Apache /
Resource Hash: 82b9bca061d2104e6dbc3207062bb0a41832a4965d1a1655185fcc30cf1ede26

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:33 GMT
last-modified: Fri, 26 May 2023 14:03:45 GMT
server: Apache
accept-ranges: bytes
etag: "6601f0-c70-5fc993491351e"
content-length: 3184
content-type: image/png

GET
H2 200 Lich-su-hinh-ruou-Johnnie-Walker-554x400.jpg
ruouvn.com/wp-content/uploads/2023/08/ 39 KB
39 KB 1882ms
1236ms Image
image/jpeg 45.252.248.51
AZDIGI-AS-VN AZDI...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ruouvn.com/wp-content/uploads/2023/08/Lich-su-hinh-ruou-Johnnie-Walker-554x400.jpg
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.252.248.51 Binh Duong, Viet Nam, ASN63760 (AZDIGI-AS-VN AZDIGI Corporation, VN),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 5bb2c76f96cf68ecc7506168a8e3bcdd0a7da90c1834de31b773b977921ad462

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:34 GMT
last-modified: Thu, 03 Aug 2023 07:53:23 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=10368000,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 39883
expires: Sat, 16 Mar 2024 03:47:34 GMT

GET
H2 200 MPS-phone-icon.png
www.morningtonpeninsulasheds.com.au/wp-content/uploads/2018/08/ 710 B
1 KB 2656ms
624ms Image
image/png 103.146.112.163
HOST-AS-AP Host U...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.morningtonpeninsulasheds.com.au/wp-content/uploads/2018/08/MPS-phone-icon.png
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.146.112.163 , Australia, ASN136557 (HOST-AS-AP Host Universal Pty Ltd, AU),
Reverse DNS
Software: nginx /
Resource Hash: 9fc6f43c48b2377ba942b22838f3ee90dc78feb841d2675cb137335a67f06d8c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:35 GMT
last-modified: Thu, 27 Jul 2023 00:13:22 GMT
server: nginx
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 710
expires: Fri, 24 Nov 2023 03:47:35 GMT

GET
H2 200 53286436996_238b727ba1_b.jpg
live.staticflickr.com/65535/ 205 KB
206 KB 456ms
39ms Image
image/jpeg 143.204.89.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://live.staticflickr.com/65535/53286436996_238b727ba1_b.jpg

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.213 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-213.fra50.r.cloudfront.net

Software

Jubilee /

Resource Hash

59118c6e22cd96eba716035cd9bf7c5ae33b9feb3bde92390a758e1d9e2032e4

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:45:17 GMT
via: 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
mib: 2
x-ttfb: 0.1815
x-amz-cf-pop: FRA50-C1
surrogate-control: public, max-age=31536000
ourvalues: Grow Together (#1 of 5)
x-env: a=live, b=jubilee, c=77f4af62, e=278c78e6352b54bc17e7efacf7ae9f30060b9fd8
p3p: CP="This is not a P3P policy. We respect your privacy."
streaming: false
edge-control: public, max-age=31536000
age: 136
x-cache: Hit from cloudfront
imageheight: 768
powered-by: Mutation/1.0
imagewidth: 1024
x-ttdb-l: 209731
x-request-id: d90211ac
last-modified: Thu, 26 Oct 2023 07:25:28 GMT
server: Jubilee
etag: "027e5a196b72e17323bbd16fa0eaa351.1"
x-frame-options: DENY
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
quote: "I'm not a kid anymore, I'm one of you, one of the X-Men. It means more to me than anything in the world."
access-control-allow-origin: *
cache-control: public, max-age=31536000
hiring: Change the world of photography with us. https://www.flickr.com/jobs/
origintype: D
x-amz-cf-id: 1pZZuRKxL9tIk6uf8F8yGY8Q8MJMR5YQ4mvwUNBofipIE4b9KkqX_A==
expires: Sat, 16 Nov 2024 03:45:17 GMT

GET
H2 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
603 B 38ms
38ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 531656
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230048-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4YYc8nppNGFMkAiLhR1SdZ0ccfxtmdWbJBXr4O6Iow7yeVgX4OQ0aVzaGLWybF1LkliouYoyL%2FdC4g8%2FslRP9M69yyohZHyNNYu2%2BpZHXh3RX1h1hiURCfigtu7XP4qFCjM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe347e4b24be-ZRH

GET
H2 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
575 B 53ms
53ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 531656
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230048-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3IuYDvtzR7TEQJ6A02qMRxBjBv5PzfX7S95mC5PgKMBK3s8YwkZfqg4hJDqDf7hnaoVOFssxC4XaEjvnZ1UMZ4J%2BqKxnXeZMuWjZiqw035RVoRYOZLUkLi5iLdINqoqG1As%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe349e6e24be-ZRH

GET
H2 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
766 B 43ms
43ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 531656
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230048-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=puz0NhyV3ZiQdm41UYbK4MXn%2FMuk68DCvsACQ0XQfpSVoJjJHqj5Nh4NWDRhoffHernIGCMuXYMFHu1YrEuzupvKOKgYd6jTgIo06PXM5UFb1Z0bFkV1Y%2BVEQd5w1BbCXW4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe349e7124be-ZRH

GET
H2 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
550 B 40ms
40ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 531656
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230048-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QFJ%2FXkKElZThv9Ebpqduxw8yodlyHTBD9VqHLhsUabEaJOLw%2BOx1EofOm8fhLWnJRk9xLYkussSbWAdpznJAGO9fjQRGJSbBL4vvVZacXGJjr%2FEa9o8VZ3nGubH%2BoEwHgXw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe349e7224be-ZRH

GET
H2 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
547 B 39ms
38ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 531656
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230048-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IbJz8w6wgCCxTKKVStYhRGpDlVvnLYnOEloX2Q8mnxCjpPPkQwLtltZulUTIEI%2B6fmO8PvZMoItGPFulFegkC17p1r06zwsiAj2jPw7aPOiwVwxBQqwEW%2FE1Sw6v5bknQX8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe349e7424be-ZRH

GET
H2 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
664 B 37ms
36ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 531656
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230048-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ygh7edqubeQ5TwRqtXY2CD%2B8HxttC6kXU3nFZ4uKD5Xl1nH2YzbN3JTAzu8g24mB%2FQphbh80VPa3Ci%2FzgiwdWNFV4hr5qnx0xQFKdxYwfAeV3Qc0eOdlqFBB9U%2FERC7mwoU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe349e7624be-ZRH

GET
H2 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
545 B 42ms
42ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 531656
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230048-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YSpeKLLwtd2wsaP07080OgSsFqcMBw%2FP%2Bi4HjZe8SwdjCVmBdZk8KG2VImfkcps41Yh%2FSsyW2jsR8QHp7OBsanBoHKgz90bE16iYRMUVThzNPf8LYKiUVMEYcE1L2qwqfR8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe34ae9e24be-ZRH

GET
H2 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
550 B 42ms
41ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 531656
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230048-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YqS%2BGpIY2w2Uo4b0bUcB6U8looS4gEI7OItEay3j3GDqUgw%2BZ0UaP8ceu8EH42ZiG2OhbzcrJJyCIvXJb8N%2B%2FDoHutKfL7HQATzjg%2FF83nVL3rprwvOsgoF2A%2BCh1trJKpI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe34aea024be-ZRH

GET
H2 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
551 B 36ms
35ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 531656
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230048-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=npRFPJ8tVBnQSddtOZABTdDcC9NqzRqPemW%2FgwPw%2FWf%2BxRVLeE%2FvW6meTAhDHBxXm1%2FWiyq5BP4BSAht6IcxiOlY6l1Z8eAJTK6Xsl3ehXrXleQmkjyHobey2%2BkLlRAcZxQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe34aea124be-ZRH

GET
H2 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
613 B 38ms
38ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 531656
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230048-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DVc9z0wdPv3aEfP1tlSBLW1tQofnzxz7uRaxRVFa%2B4nUw1kVZeBR92u%2F4DRwlvZT0NgrxpFmBnqZsczFF7Sy1IueB7NDnKsS2zgy6vv%2BpXea4%2FFaF3RsTHLdnH0H76A5H38%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe34aea324be-ZRH

GET
H2 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
773 B 41ms
41ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 531656
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230048-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9%2FGy7L212%2FpYSZAPm%2FsgQM5NgYtDkMjQcTotoVAZEddnO120hEqtD1o09fHhXhH7vEvgAjn%2FXdsU1i%2FO3ikjj981MPJ%2BL3h5u%2F1njtO23BO%2BcFLkyXRqEiw%2Bcxzb3UcxZS0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe34beb224be-ZRH

GET
H2 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
770 B 32ms
32ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 531656
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230048-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D1iEV48XNtOWpR2nrfyA7qOk7DaP1JLi6ZURPjbWKu2n0FO%2BztjkmLo3aE6meV%2FFPptCpLTJEtiGAdivJkZ8L%2Bi39SbRt%2BmYbyxPJvpcFNLFqUYqmc7m%2FvoCLyhlvCH%2BTMw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe34beb424be-ZRH

GET
H2 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
580 B 36ms
36ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 531656
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230048-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JNtblCGiaPr2ZBB9Kchr7uxOYw%2B9RAED6YDu%2BPqWMhhVkGtpCOaE2efstdxBKz8fmbuLTb8TNgUzWVTSe76rrQTwzT1DJNxGOS3pFkTtSCkptWiU%2BTt8vSl1aV7ly6v39hs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe34beb624be-ZRH

GET
H2 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
551 B 34ms
33ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 531656
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230048-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PnpMD8k0YpCjVUKj%2Boj94KI%2F7epVBLD1CgNiyeen5wvYR%2BPSKpXR9xdV912I%2F7HHJsdE2VhAzGs7%2FZhcjAWvPCilFu8Bo%2Bwe76Ekvs4W95DTXjXeHgl6ZjT51E6KlBxpBVU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe34beb824be-ZRH

GET
H2 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
547 B 36ms
36ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 531656
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230048-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uGnaIopA3kRPDtqcP%2F0F0nrSvWCyYvYX7%2BsdC8ygZP7vAZLt3DhONHTjR2Km8SGZwg%2FbW8hh3amVfgGYmWIjyZ1l8CWLF6uobS941jSf5hsh50KcZy7MUANMTXLi1XLJWnc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe34bebb24be-ZRH

GET
H2 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
553 B 30ms
30ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 531656
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230048-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PTFt5bIs9X4f1qOlyFVHvcwk9lGyMjSpRTfEPzh5yI0wtqgaeFc3%2F%2F2gn22tkhKvENLcCw%2F8vjeO%2FWWfTQDfNsLg9w%2BZpZIA3fbmhCCDfsaI7HFZRV%2F%2FFp5w4VyJ8wbsplM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe34bebd24be-ZRH

GET
H2 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
547 B 33ms
33ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 531656
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230048-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y2rAdLcYXVwfLLiaSPoxVuiHVWBbPucz6wM0Ty1aKDtt9EFUDe8dfQv%2FLm6I7Yjo3dfvDKAVRoXVdduCYwgrzZalO9plJz1IVTg0WBzAk%2Fw%2BUK8g9%2Fht1As6IfmSg5cpU30%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe34bebe24be-ZRH

GET
H2 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
551 B 33ms
33ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 531656
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230048-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7453bZkRLh0XJs6F1WFXzj9nccuC1a1k1F1J6w2gI42oUsXraX%2BHqNruZyQIXiuxZp%2FO%2BSgXulL6QYvEuZwYpRIw%2FG2BP2Xbz%2B7D7eJjyWVBrU6sulIC4aW3Ic2sdp9%2FLuo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe34bec624be-ZRH

GET
H2 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
621 B 34ms
34ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 531656
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230048-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BnDoq6gOgJAbxeXWIZLCk%2BX%2FcV1BP8%2Bb6eh%2BNwxuti%2FiDQUvDHCnwd3traq0o5G2zsuHSQTuHeLOt38MOfzz5aRzzD9M2M0p%2BM9fYPQiWva%2B3KCccRmcUC%2BvifSLZZsGk%2FY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe34bec724be-ZRH

GET
H2 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
665 B 30ms
30ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 531656
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230048-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UlrvNs%2F8BvvhNbVRQYqPfXb%2FtFCuVaKAbMtT5RZVYqm%2FpIVgaVSVCGdaoUX9YWzuDg8HNAIVgWVdfz7luJ6KSy3zJPp1RjmyGiIrI1fgN9kYv04lWEp8sBnpyhiBRTl85Iw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe34bec824be-ZRH

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 49 KB
23 KB 368ms
366ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4226459497899632&correlator=1225047101367725&eid=31079527&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=20842576%2CJYM01M%2CJYM01M-DDI.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=3&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1700192853241&lmt=1700192853&adxs=386&adys=1813&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ffolkd.com%2F&vis=1&psz=740x-1&msz=728x-1&fws=4&ohw=740&ga_vid=1635225448.1700192851&ga_sid=1700192852&ga_hid=958004963&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY9K6Q270xSABSAghkEjsKCnB1YmNpZC5vcmcSJDc5MGNiZjhiLTMzNDQtNGFlNS1iOWIzLWU4ZmU0OGQwMGYxZRihsJDbvTFIABIdCg5lc3AuY3JpdGVvLmNvbRj0rpDbvTFIAFICCGQSFwoIcnRiaG91c2UY9K6Q270xSABSAghkEhQKBW9wZW54GPSukNu9MUgAUgIIZBIZCgp1aWRhcGkuY29tGPSukNu9MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y9K6Q270xSABSAghk&dlt=1700192849382&idt=988&prev_scp=pos%3D1%26monu%3D728x90_A1%26allowNative%3Dfalse%26hard_adx_floor%3D0.15%26refresh_count%3D0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26provider_performance%3Dundefined_chrome_0.00%26context%3D3_ZH_chrome%26browser_hour_refresh%3Dchrome_3_0%26slotOnScreen%3Dtrue&cust_params=page_num%3D0%26url%3Dfolkd.com%26big4%3Dfalse%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=3986541890&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

2d3cb2be06b6d1693be3b0977fcc339b56a32331caecac6be1ddf0122f01f062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:33 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: 121759
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23445
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-mediationtag-id: 445089
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://folkd.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 49 KB
23 KB 391ms
389ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4226459497899632&correlator=4106873535558329&eid=31079527&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=20842576%2CJYM01M%2CJYM01M-DDI.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=4&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1700192853245&lmt=1700192853&adxs=386&adys=2195&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ffolkd.com%2F&vis=1&psz=740x-1&msz=728x-1&fws=4&ohw=740&ga_vid=1635225448.1700192851&ga_sid=1700192852&ga_hid=958004963&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY9K6Q270xSABSAghkEjsKCnB1YmNpZC5vcmcSJDc5MGNiZjhiLTMzNDQtNGFlNS1iOWIzLWU4ZmU0OGQwMGYxZRihsJDbvTFIABIdCg5lc3AuY3JpdGVvLmNvbRj0rpDbvTFIAFICCGQSFwoIcnRiaG91c2UY9K6Q270xSABSAghkEhQKBW9wZW54GPSukNu9MUgAUgIIZBIZCgp1aWRhcGkuY29tGPSukNu9MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y9K6Q270xSABSAghk&dlt=1700192849382&idt=988&prev_scp=pos%3D1%26monu%3D728x90_A1%26allowNative%3Dfalse%26hard_adx_floor%3D0.15%26refresh_count%3D0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26provider_performance%3Dundefined_chrome_0.00%26context%3D3_ZH_chrome%26browser_hour_refresh%3Dchrome_3_0%26slotOnScreen%3Dtrue&cust_params=page_num%3D0%26url%3Dfolkd.com%26big4%3Dfalse%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=3847355023&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

8dd1061459bc02272828879c808303b719ddc56f951dcac741b51f999e9ccd76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:33 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: 121759
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23427
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-mediationtag-id: 445089
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://folkd.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 49 KB
23 KB 339ms
337ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4226459497899632&correlator=219683815382382&eid=31079527&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=20842576%2CJYM01M%2CJYM01M-DDI.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=5&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1700192853250&lmt=1700192853&adxs=386&adys=2620&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ffolkd.com%2F&vis=1&psz=740x-1&msz=728x-1&fws=4&ohw=740&ga_vid=1635225448.1700192851&ga_sid=1700192852&ga_hid=958004963&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY9K6Q270xSABSAghkEjsKCnB1YmNpZC5vcmcSJDc5MGNiZjhiLTMzNDQtNGFlNS1iOWIzLWU4ZmU0OGQwMGYxZRihsJDbvTFIABIdCg5lc3AuY3JpdGVvLmNvbRj0rpDbvTFIAFICCGQSFwoIcnRiaG91c2UY9K6Q270xSABSAghkEhQKBW9wZW54GPSukNu9MUgAUgIIZBIZCgp1aWRhcGkuY29tGPSukNu9MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y9K6Q270xSABSAghk&dlt=1700192849382&idt=988&prev_scp=pos%3D1%26monu%3D728x90_A1%26allowNative%3Dfalse%26hard_adx_floor%3D0.15%26refresh_count%3D0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26provider_performance%3Dundefined_chrome_0.00%26context%3D3_ZH_chrome%26browser_hour_refresh%3Dchrome_3_0%26slotOnScreen%3Dtrue&cust_params=page_num%3D0%26url%3Dfolkd.com%26big4%3Dfalse%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=1577968766&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

bc6cc80c7efb876ae0441132213ea15bf5fda7c24ca60a10767716524ce1e168

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:33 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: 121759
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23263
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-mediationtag-id: 445089
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://folkd.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 44 KB
21 KB 406ms
404ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4226459497899632&correlator=617574554524525&eid=31079527&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=20842576%2CJYM01M%2CJYM01M-DDI.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=6&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1700192853254&lmt=1700192853&adxs=386&adys=3462&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=4&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ffolkd.com%2F&vis=1&psz=740x-1&msz=728x-1&fws=4&ohw=740&ga_vid=1635225448.1700192851&ga_sid=1700192852&ga_hid=958004963&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY9K6Q270xSABSAghkEjsKCnB1YmNpZC5vcmcSJDc5MGNiZjhiLTMzNDQtNGFlNS1iOWIzLWU4ZmU0OGQwMGYxZRihsJDbvTFIABIdCg5lc3AuY3JpdGVvLmNvbRj0rpDbvTFIAFICCGQSFwoIcnRiaG91c2UY9K6Q270xSABSAghkEhQKBW9wZW54GPSukNu9MUgAUgIIZBIZCgp1aWRhcGkuY29tGPSukNu9MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y9K6Q270xSABSAghk&dlt=1700192849382&idt=988&prev_scp=pos%3D1%26monu%3D728x90_A1%26allowNative%3Dfalse%26hard_adx_floor%3D0.15%26refresh_count%3D0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26provider_performance%3Dundefined_chrome_0.00%26context%3D3_ZH_chrome%26browser_hour_refresh%3Dchrome_3_0%26slotOnScreen%3Dtrue&cust_params=page_num%3D0%26url%3Dfolkd.com%26big4%3Dfalse%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=2031985588&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

9b52e0d99a1793e38b790693f2cad99c741f8194d236e7694521f49831f04f65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:33 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: 121759
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21582
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-mediationtag-id: 445089
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://folkd.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 49 KB
23 KB 378ms
376ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4226459497899632&correlator=1886244662636914&eid=31079527&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=20842576%2CJYM01M%2CJYM01M-DDI.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=7&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1700192853263&lmt=1700192853&adxs=386&adys=4347&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=5&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ffolkd.com%2F&vis=1&psz=740x-1&msz=728x-1&fws=4&ohw=740&ga_vid=1635225448.1700192851&ga_sid=1700192852&ga_hid=958004963&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY9K6Q270xSABSAghkEjsKCnB1YmNpZC5vcmcSJDc5MGNiZjhiLTMzNDQtNGFlNS1iOWIzLWU4ZmU0OGQwMGYxZRihsJDbvTFIABIdCg5lc3AuY3JpdGVvLmNvbRj0rpDbvTFIAFICCGQSFwoIcnRiaG91c2UY9K6Q270xSABSAghkEhQKBW9wZW54GPSukNu9MUgAUgIIZBIZCgp1aWRhcGkuY29tGPSukNu9MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y9K6Q270xSABSAghk&dlt=1700192849382&idt=988&prev_scp=pos%3D1%26monu%3D728x90_A1%26allowNative%3Dfalse%26hard_adx_floor%3D0.15%26refresh_count%3D0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26provider_performance%3Dundefined_chrome_0.00%26context%3D3_ZH_chrome%26browser_hour_refresh%3Dchrome_3_0%26slotOnScreen%3Dtrue&cust_params=page_num%3D0%26url%3Dfolkd.com%26big4%3Dfalse%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=1876406810&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

fe4f1d0413bca8434c0e6ac44558878403e3b6d6e301b54cc9bd484de1c5dc80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:33 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: 121759
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23231
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-mediationtag-id: 445089
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://folkd.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 49 KB
23 KB 375ms
373ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4226459497899632&correlator=2225378866212019&eid=31079527&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=20842576%2CJYM01M%2CJYM01M-DDI.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=8&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1700192853267&lmt=1700192853&adxs=386&adys=5232&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=6&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ffolkd.com%2F&vis=1&psz=740x-1&msz=728x-1&fws=4&ohw=740&ga_vid=1635225448.1700192851&ga_sid=1700192852&ga_hid=958004963&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY9K6Q270xSABSAghkEjsKCnB1YmNpZC5vcmcSJDc5MGNiZjhiLTMzNDQtNGFlNS1iOWIzLWU4ZmU0OGQwMGYxZRihsJDbvTFIABIdCg5lc3AuY3JpdGVvLmNvbRj0rpDbvTFIAFICCGQSFwoIcnRiaG91c2UY9K6Q270xSABSAghkEhQKBW9wZW54GPSukNu9MUgAUgIIZBIZCgp1aWRhcGkuY29tGPSukNu9MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y9K6Q270xSABSAghk&dlt=1700192849382&idt=988&prev_scp=pos%3D1%26monu%3D728x90_A1%26allowNative%3Dfalse%26hard_adx_floor%3D0.15%26refresh_count%3D0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26provider_performance%3Dundefined_chrome_0.00%26context%3D3_ZH_chrome%26browser_hour_refresh%3Dchrome_3_0%26slotOnScreen%3Dtrue&cust_params=page_num%3D0%26url%3Dfolkd.com%26big4%3Dfalse%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=2971132554&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

195f9ca06d2110519bdc91aac25905b23c740817de711e535f8612a7c2da9d47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:33 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: 121759
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23219
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-mediationtag-id: 445089
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://folkd.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 49 KB
23 KB 366ms
365ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4226459497899632&correlator=3811559303219520&eid=31079527&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=20842576%2CJYM01M%2CJYM01M-DDI.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=9&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1700192853271&lmt=1700192853&adxs=386&adys=6098&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=7&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ffolkd.com%2F&vis=1&psz=740x-1&msz=728x-1&fws=4&ohw=740&ga_vid=1635225448.1700192851&ga_sid=1700192852&ga_hid=958004963&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY9K6Q270xSABSAghkEjsKCnB1YmNpZC5vcmcSJDc5MGNiZjhiLTMzNDQtNGFlNS1iOWIzLWU4ZmU0OGQwMGYxZRihsJDbvTFIABIdCg5lc3AuY3JpdGVvLmNvbRj0rpDbvTFIAFICCGQSFwoIcnRiaG91c2UY9K6Q270xSABSAghkEhQKBW9wZW54GPSukNu9MUgAUgIIZBIZCgp1aWRhcGkuY29tGPSukNu9MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y9K6Q270xSABSAghk&dlt=1700192849382&idt=988&prev_scp=pos%3D1%26monu%3D728x90_A1%26allowNative%3Dfalse%26hard_adx_floor%3D0.15%26refresh_count%3D0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26provider_performance%3Dundefined_chrome_0.00%26context%3D3_ZH_chrome%26browser_hour_refresh%3Dchrome_3_0%26slotOnScreen%3Dtrue&cust_params=page_num%3D0%26url%3Dfolkd.com%26big4%3Dfalse%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=352790384&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

5a9df795f52ac0c6dcaa85bc20da0bade8f553dc6f4341cdf730efc1e22804fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:33 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: 121759
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23425
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-mediationtag-id: 445089
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://folkd.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 49 KB
23 KB 396ms
395ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4226459497899632&correlator=1985263436510062&eid=31079527&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=20842576%2CJYM01M%2CJYM01M-DDI.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=10&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1700192853274&lmt=1700192853&adxs=386&adys=6983&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=8&ucis=a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ffolkd.com%2F&vis=1&psz=740x-1&msz=728x-1&fws=4&ohw=740&ga_vid=1635225448.1700192851&ga_sid=1700192852&ga_hid=958004963&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY9K6Q270xSABSAghkEjsKCnB1YmNpZC5vcmcSJDc5MGNiZjhiLTMzNDQtNGFlNS1iOWIzLWU4ZmU0OGQwMGYxZRihsJDbvTFIABIdCg5lc3AuY3JpdGVvLmNvbRj0rpDbvTFIAFICCGQSFwoIcnRiaG91c2UY9K6Q270xSABSAghkEhQKBW9wZW54GPSukNu9MUgAUgIIZBIZCgp1aWRhcGkuY29tGPSukNu9MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y9K6Q270xSABSAghk&dlt=1700192849382&idt=988&prev_scp=pos%3D1%26monu%3D728x90_A1%26allowNative%3Dfalse%26hard_adx_floor%3D0.15%26refresh_count%3D0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26provider_performance%3Dundefined_chrome_0.00%26context%3D3_ZH_chrome%26browser_hour_refresh%3Dchrome_3_0%26slotOnScreen%3Dtrue&cust_params=page_num%3D0%26url%3Dfolkd.com%26big4%3Dfalse%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=3218107066&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

9f8021f5290b17ec941740cae5ec378ca4ef8317f3b3203dc6ab7f085a913953

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:33 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: 121759
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23317
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-mediationtag-id: 445089
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://folkd.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 49 KB
23 KB 391ms
390ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4226459497899632&correlator=2479547867858595&eid=31079527&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=20842576%2CJYM01M%2CJYM01M-DDI.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=11&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1700192853277&lmt=1700192853&adxs=386&adys=7865&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=9&ucis=b&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ffolkd.com%2F&vis=1&psz=740x-1&msz=728x-1&fws=4&ohw=740&ga_vid=1635225448.1700192851&ga_sid=1700192852&ga_hid=958004963&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY9K6Q270xSABSAghkEjsKCnB1YmNpZC5vcmcSJDc5MGNiZjhiLTMzNDQtNGFlNS1iOWIzLWU4ZmU0OGQwMGYxZRihsJDbvTFIABIdCg5lc3AuY3JpdGVvLmNvbRj0rpDbvTFIAFICCGQSFwoIcnRiaG91c2UY9K6Q270xSABSAghkEhQKBW9wZW54GPSukNu9MUgAUgIIZBIZCgp1aWRhcGkuY29tGPSukNu9MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y9K6Q270xSABSAghk&dlt=1700192849382&idt=988&prev_scp=pos%3D1%26monu%3D728x90_A1%26allowNative%3Dfalse%26hard_adx_floor%3D0.15%26refresh_count%3D0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26provider_performance%3Dundefined_chrome_0.00%26context%3D3_ZH_chrome%26browser_hour_refresh%3Dchrome_3_0%26slotOnScreen%3Dtrue&cust_params=page_num%3D0%26url%3Dfolkd.com%26big4%3Dfalse%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=3269151347&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

0ffe09a27dee83e9a009cd98003d22c4a82d0ecfd5de870b46e669a9dd6bdcd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:33 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: 121759
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23409
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-mediationtag-id: 445089
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://folkd.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4FA9 6 KB
3 KB 32ms
31ms Document
text/html 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://folkd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 03:47:32 GMT
expires: Sat, 16 Nov 2024 03:47:32 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 apm Show response
folkd.com/user/ 4 B
943 B 938ms
937ms XHR
application/json 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://folkd.com/user/apm

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel / Express

Resource Hash

74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

X-Bubble-Fiber-ID: 1700192853389x447380486810624560
X-Bubble-PL: 1700192849192x677
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
Accept: application/json, text/javascript, */*; q=0.01
X-Bubble-R: https://folkd.com/
cache-control: no-cache
Referer: https://folkd.com/
X-Requested-With: XMLHttpRequest
x-coalias-route: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkZXN0aW5hdGlvbiI6Imh0dHBzOi8vZm9sa2QwNjEyLmJ1YmJsZWFwcHMuaW8vIiwic291cmNlX2hvc3RuYW1lIjoiZm9sa2QuY29tIiwic291cmNlX3BhdGgiOiIvIiwic2l0ZSI6Im5vY29kZW1heW8tYnViYmxlLWk4Z2Rhd2VicmcxcnJhdWZzdXV5IiwiaWF0IjoxNzAwMTkyODQ5fQ.g1nWWZG7qIkjL6_9rdlNjgdBd1n8bZIkQ0NOUKZvwzI
X-Bubble-Breaking-Revision: 5

Response headers

date: Fri, 17 Nov 2023 03:47:34 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-bubble-perf: {"total":31.6,"percents":{"top":{"bubble_cpu":17.9,"block":38.9,"capacity_rl":0,"other_pause":0,"pre_fiber":42.9},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":21.5,"fiber_queue":2,"capacity_wait":10.2}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":7,"fiber_queue":8,"blocks":7},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":848946}}
strict-transport-security: max-age=63072000
x-bubble-appname: folkd0612
x-powered-by: Express
x-bubble-capacity-used: 0.013 unit-seconds used
x-coalias-cache: MISS
server: Vercel
x-vercel-id: fra1::47th4-1700192853406-ce25539df8e5
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y2pfCMA4%2FgK5T2EOXphx%2FG7x7MR9wQ4O8Vl4HD%2BxjMNafDnG6Ml%2F97U%2F9aERT7PBQJrUDrY4N%2FZJ0h15xjN3ECVO88%2Bt42o3vTIFC8ZkUsupXSZVIpYcKanCOiIh0QeuUZz0PrGYzFlgpLK4OGlnjeYYXIwMBFU%2BpoXpNgILwDROSrKrbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
x-bubble-request-took: 31
cache-control: no-cache
cf-ray: 8274fe39ee26381b-FRA
x-bubble-capacity-limit: 0 ms slower

POST
H/1.1 204
No Content collect Show response
w.clarity.ms/ 0
289 B 984ms
984ms XHR
text/plain 23.96.124.156
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://w.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.18/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.96.124.156 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://folkd.com
Date: Fri, 17 Nov 2023 03:47:34 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

GET esp
oajs.openx.net/ 0
0

OPTIONS
H2 204 esp
oajs.openx.net/ Frame 0
0 214ms
153ms Preflight 34.120.135.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Ffolkd.com%2F&rid=esp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-coalias-route
Access-Control-Request-Method: GET
Origin: https://folkd.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://folkd.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Fri, 17 Nov 2023 03:47:33 GMT
vary: Origin
via: 1.1 google
x-powered-by: Express

GET
H2 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
549 B 30ms
30ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 531656
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230048-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B7qjLovCXQy2eIhNwf3HK%2FgJtN6eUssKvmte6Aq39x3ktkpWXrIXOLzw92o1q0E60917%2BJsozIUuTKYQffglojmwxCAqKMZBT%2F3v6AIM%2Bf0zS9UxST44cfh8itqEDL5psbU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe3648cf24be-ZRH

GET
H2 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
666 B 39ms
39ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 531656
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230048-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MrNWeqIhPRxzfF%2BRm2rOJeWcV9bsoYRvp%2FY87PuNL0ctblizYxY2UnaAe0ETyJAHaT7krkSWa%2FkxdoWzK%2FDjrvpjqm1dEaCm6GcEXvqjG4ZyPP04ZWfPNHtCqZ6Q1ZR7MkE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe3658e524be-ZRH

GET
H2 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
579 B 38ms
37ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 531656
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230048-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y3wKZbUfdU0LB1JLHEhLFh5asWAYbld%2FWdjRQ2V8vVnK071RnQCVZcpjjlPse2nse4vH4hUtROCW4uLArOAw8GeQQZ4njDYKFUNad4kCKUQ4JXMYBHCXHrr9WZoyzp8iVLY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe3658e624be-ZRH

GET
H2 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
545 B 36ms
36ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 531656
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230048-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=25gc7ekYPlsgZcPLlhNXWsOvjKjSQQ57HiNejRTNQBo7jfkGw%2FscW7nq08sjFKh6dlEMwoRBaXHK8Vu6Vh4AI0NUvLR4OZJ3chM1fSjwcR3exxj76eIP29Qg%2FDKY85Lkukg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe3658e724be-ZRH

GET
H2 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
546 B 35ms
34ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 531656
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230048-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vaosrsigKYSEoc7Tur9dAdWb2N%2BA8ilW0HkYRhEBj8MG5wBCHCK46lMt6CY1JzVG2RG8md8EI7z9g7e1zn8sFyxQKr%2BH1tg4FdERWHH%2B7rH6ATJo4C97E0VXYQCq3RTBKzE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe3658e824be-ZRH

GET
H2 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
550 B 33ms
33ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 531656
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230048-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v%2F%2FyWmUpOl%2FOL%2FoAw80kFEZu5dLdpJ37t0OAJG%2B84PHys4Jr5Z10zU4wF6ETZfGWDl2z84TQJljtwklkFOwwwowwekgBJ4eAI6jGmC33EBq0cW5xqrEKW4eZ4Jm8rhXVVu0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe3658ea24be-ZRH

GET
H2 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
543 B 42ms
41ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 531656
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230048-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hPqeZTNozH8qGpuGvHQnNyUAdBNamPj60DnIg6aYMXdsjsBh58QDMlWtDWj7PJEWaoxuhLGCzpiacvhCktPR6OaL2FKrTa85rEbEDeuukha4S3cXEgQJui%2BYRp2DENcP3bU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe36790124be-ZRH

GET
H2 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
546 B 38ms
37ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 531656
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230048-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HMHdtsfy8WG9R3QSTZQ50MDMPnkUsd5%2BMEvdTsp3MeV9%2FrVqNZYAgWxJ6p0AAHaeBiNnZd1V9v26oE5NxoyzIEGzyFa7Je9UaizH0MA2sooOP9nSXAW0%2BT7Rl3RPqYu1JQw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe36790224be-ZRH

GET
H2 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
616 B 36ms
36ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 531656
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230048-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BQLaa5VXMRF87gZyb1E%2Bzb1gOPfAf2r2b6ieZTvYCifnd5yaW%2B2CmhkmzbX38xLkYSxhBDPxr9UU%2ByoXgYX0dN35GX4ckLAVwNLP3%2BgVtwCA3wUtefITdeRUMHQDf4uTWfM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe36790324be-ZRH

GET
H2 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
774 B 33ms
33ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 531656
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230048-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ahVGOa%2BennJRhJuT2JhVRG3LuWJXWT7OWipyA9J%2FzAjolZZW%2Fu0zYGXr4jX%2BFq9GR2Bu%2BY%2FLzeldX7SjxDjuy386nwcNqgry%2FewsmD8e7dCbtc%2FHkIDTWOvZ2HEwzqrmnuc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe36790424be-ZRH

GET
H2 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
550 B 42ms
41ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 531656
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230048-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X38nj69WIN%2FVZFuyM7k10gxT0qfwXgyFXu3P9rIE3a8CZtxTvHmZjgGgvuQ1y%2BaNxWUZshykZSiUxltQcFBnu%2F%2FsV0%2FXoPQiuMI5jBY2udsAXo078DtvMD81NrQNznrFWGE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe36790524be-ZRH

GET
H2 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
662 B 33ms
33ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 531656
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230048-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XcYan3xSKIpJcVH2aUKyGaBToLLu9hlAxY9H%2Bs2kDVxXKtbLn9V%2BX8DmspV1pt298FDRO2RFKmdXToHxvniAHaPn2sKselD0jZn3KtWW0H1cT85ghwNG8mV%2B38OeMRG2RwE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe36790724be-ZRH

GET
H2 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
580 B 33ms
33ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 531656
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230048-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iXqd1Pk%2BDL632CZlh1fQounbcSG%2FL0s%2F9HrXRFeGWkfsvub4vHqgFef8WMHXRq7Esxy00DMv4mNLwHsGnMK5NseaPCWhgybArXLp1slS4ClL4f7DikLyjn9KdP2vXvW9mhY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe36790824be-ZRH

GET
H2 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
764 B 40ms
40ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 531656
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230048-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wvBdyk145ZjqxxqB2ad6VGXOU0LAw4TwHYKhwvtjD2BeP%2BzjUunTZIqf5Cg3QNNp5x72yLa6mwnVlYzzitBrWlKZ7uigjoy7zfuB5DXyJ4XU16whpn4Ns5mibV6vZQJeY30%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe36790c24be-ZRH

GET
H2 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
547 B 34ms
34ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 531656
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230048-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rY6GO2%2FAcrLLKn8qbp6wpAMHeKIRD%2BohgX6rFkc63A7iwYOz7hMJCyl7L18N7yXSQ1YazeTMEtGi0h12Nq%2Fc%2FPwL5d1vC8o7S8doVr01pkA3E5Lb94qPV%2BmQ4ZNeloBCpeo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe36790e24be-ZRH

GET
H2 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
546 B 32ms
32ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 531656
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230048-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EqR6yZUDnisfOz19LuQUJGMGX7XozdkYdcFcjZRZTD2HNv1sYSwkmc%2FVbYAAgklzHRnmVraxSXmi4VmtqzZzK8tT8umgbGqTJYo52Ax6U3okudp0jFWDWnasGvGekYsCq%2BQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe36790f24be-ZRH

GET
H2 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
611 B 37ms
36ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 531656
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230048-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cCmHMCcTPMzhO2QxEAQYYrUxbPinBgvt0QAbNBdo4%2FObYS5cKMIEIaIesFlt23LcC0fVOV6SyO2m3ckDQac0M72Ix5CgDftVzbGWc1S8qfNRQSXcS%2BCltTEhYWPL1%2FEyfp0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe36791124be-ZRH

GET
H2 200 tag.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 404 B
549 B 31ms
31ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/tag.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 531656
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230048-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"194-v0O/vmQGPvfzwRhyNR/TgcTgRBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vu%2Fg71azk2C5SNzkdKu3pnDXuBtL8wr0lY5UExKxSCtJYHujK4nWVG0Rdxf2G93XAsyr0AcsW%2BdqRxaGcMnXeM%2F%2Fcp6d%2FaarcemhB5lwbo%2FQsyVqSzWHvAqQn674rebwDrI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe36791324be-ZRH

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 156 B
612 B 183ms
68ms XHR
application/json 34.255.67.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.255.67.121 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-67-121.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 4f7fbcc4f0b1f710f80896ef3962922d86bda05c8c154893212cf9ce24b46818

Request headers

Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:33 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://folkd.com
cache-control: no-cache
x-server: 10.45.9.139
access-control-allow-credentials: true
content-length: 156
expires: 0

POST
H2 200 encrypt Show response
esp.rtbhouse.com/ 201 B
475 B 134ms
66ms Fetch
application/json 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Requested by: Host: folkd.com
URL: https://folkd.com/coalias_page_logic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 5970db21815b3b2ce80d074c6699e5ca9ce5ad845e53eda1ef1cf3bab7905dc4

Request headers

Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 17 Nov 2023 03:47:33 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: 0d3d2d3d88d4671bf2ccbfe967b13d6a
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With
content-length: 201
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 container.html Show response
2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E304 6 KB
3 KB 29ms
29ms Document
text/html 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://folkd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 03:47:32 GMT
expires: Sat, 16 Nov 2024 03:47:32 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 mmt.gif
imps.monu.delivery/ 37 B
63 B 24ms
24ms Image
image/gif 35.186.236.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imps.monu.delivery/mmt.gif?s=a32bdd38-457f-4e83-87a9-b0fd5484cba7&a=p.f.i&u=JYM01M&d=%7B%22b%22%3A%22chrome%22%2C%22c%22%3A%22CH%22%2C%22r%22%3A%22ZH%22%2C%22p%22%3A%22%2F%22%7D
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.236.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 06:53:14 GMT
age: 420859
x-guploader-uploadid: ABPtcPpY7imjaJdnkVO6i_GPmBn6c-3SbFw2xaTZmP6AKmYYtgiU0vX7WBCsegBLkONR-PrN1G9PaH6m7PoEZgyzttlU3A
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37
last-modified: Wed, 12 Jul 2017 09:13:19 GMT
server: UploadServer
etag: "455005e2f4b8ecc484500fab08619f70"
x-goog-generation: 1499850799559224
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type: image/gif
cache-control: public, max-age=31536000
x-goog-stored-content-length: 37
accept-ranges: bytes
expires: Mon, 11 Nov 2024 06:53:14 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 4077 15 KB
6 KB 466ms
56ms Document
text/html 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=folkd.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://folkd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 03:47:33 GMT
server: Kestrel
server-processing-duration-in-ticks: 318247
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 204 increment Show response
id5-sync.com/api/esp/ 0
225 B 115ms
41ms XHR
text/plain 162.19.138.118
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533569.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://folkd.com
date: Fri, 17 Nov 2023 03:47:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 109 KB
45 KB 484ms
482ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4226459497899632&correlator=3297089436660313&eid=31079527&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=20842576%2CJYM01M%2CJYM01M-DDS.B&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C160x600%7C300x600&ifi=12&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D3dacdcbbc28b1585%3AT%3D1700192852%3ART%3D1700192852%3AS%3DALNI_Ma8aZjtIHhTqeXNz0iD5tUckhXDIA&gpic=UID%3D00000cca3118b3c2%3AT%3D1700192852%3ART%3D1700192852%3AS%3DALNI_MaaXzvAvkpUodB8cBtQ2sOqHh2xsQ&abxe=1&dt=1700192853667&lmt=1700192853&adxs=1140&adys=459&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=c&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ffolkd.com%2F&vis=1&psz=300x-1&msz=300x-1&fws=516&ohw=300&ga_vid=1635225448.1700192851&ga_sid=1700192852&ga_hid=958004963&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY9K6Q270xSABSAghkEjsKCnB1YmNpZC5vcmcSJDc5MGNiZjhiLTMzNDQtNGFlNS1iOWIzLWU4ZmU0OGQwMGYxZRihsJDbvTFIABIdCg5lc3AuY3JpdGVvLmNvbRj0rpDbvTFIAFICCGQSFwoIcnRiaG91c2UY9K6Q270xSABSAghkEhQKBW9wZW54GPSukNu9MUgAUgIIZBIZCgp1aWRhcGkuY29tGPSukNu9MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Y9K6Q270xSABSAghk&dlt=1700192849382&idt=988&prev_scp=pos%3D2%26monu%3D300x250-160x600-300x600_B2%26allowNative%3Dfalse%26hard_adx_floor%3D0.15%26refresh_count%3D0%26sesspv_refresh%3D0_0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26provider_performance%3Dundefined_chrome_0.00%26context%3D3_ZH_chrome%26browser_hour_refresh%3Dchrome_3_0%26slotOnScreen%3Dtrue&cust_params=page_num%3D0%26url%3Dfolkd.com%26big4%3Dfalse%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&adks=4068447172&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

ff1e843cfded44ee57255d2ded056295588bb61ee5d46c60799dbc9fe102ffd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:34 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45883
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://folkd.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 4FA9 4 KB
769 B 47ms
45ms Stylesheet
text/css 172.217.23.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f10.1e100.net

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 17 Nov 2023 03:47:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 17 Nov 2023 02:50:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 17 Nov 2023 03:47:33 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 85F0 478 B
532 B 438ms
44ms Document
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COemXhDLuHEYz_el-QEwAQ&v=APEucNVXhGIC0ANhh6cC7qJrYtgW0OweDtVFFNzQlNznUu0alE3X8Gh1M2ANPyHVoamP8UKvf1qbZ-Gqq-VDYMl3dUUYDFAYng

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 175
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 03:47:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 19D9 111 KB
39 KB 441ms
36ms Script
text/javascript 172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f198.1e100.net

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
Origin: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 06:30:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76643
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 17 Nov 2023 06:30:11 GMT

GET
H2 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 19D9 7 KB
3 KB 429ms
39ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 16:55:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39096
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 16:55:58 GMT

GET
H2 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 19D9 23 KB
9 KB 425ms
40ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:57:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42603
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 15:57:31 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 19D9 41 KB
14 KB 436ms
39ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:44:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46970
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Nov 2024 14:44:44 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 19D9 3 KB
1 KB 441ms
44ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:44:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46971
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 14:44:43 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 19D9 20 KB
9 KB 435ms
38ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 21:33:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22468
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 21:33:06 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 19D9 203 KB
64 KB 448ms
52ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65395
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 03:47:34 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 19D9 42 B
174 B 461ms
79ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CPL9eg39Civ2ZoyrHJ6R9wZ791GbdnImQHbGtFEFsOy1IJc0VqM63x6SNZSPYXhfQ5CijIMzcVnnwZRWKDQpL7WwKoXH19PZjZpgbYzR-a_SS6fXM

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 4FA9 21 KB
9 KB 441ms
46ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

cafe /

Resource Hash

25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 17:53:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35666
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8781
x-xss-protection: 0
server: cafe
etag: 9666818975682992898
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 17:53:08 GMT

GET
H2

200

pd Show response
google-bidout-d.openx.net/w/1.0/ Frame EECF
Redirect Chain

https://google-bidout-d.openx.net/w/1.0/pd?plm=5
https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5

572 B
710 B

47ms
46ms

Document
text/html

35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 6a50bdfb78fea1b1a14301bc87a382b504845ffd15ecc7d39955a1ce1230c672

Request headers

Referer: https://folkd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 377
content-type: text/html
date: Fri, 17 Nov 2023 03:47:33 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Fri, 17 Nov 2023 03:47:33 GMT
location: https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
via: 1.1 google

GET
H2 200 container.html Show response
2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FA4E 6 KB
3 KB 30ms
28ms Document
text/html 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://folkd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 03:47:32 GMT
expires: Sat, 16 Nov 2024 03:47:32 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C0E9 6 KB
3 KB 45ms
39ms Document
text/html 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://folkd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 03:47:32 GMT
expires: Sat, 16 Nov 2024 03:47:32 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B7F3 6 KB
3 KB 36ms
34ms Document
text/html 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://folkd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 03:47:32 GMT
expires: Sat, 16 Nov 2024 03:47:32 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1C0D 6 KB
3 KB 34ms
31ms Document
text/html 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://folkd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 03:47:32 GMT
expires: Sat, 16 Nov 2024 03:47:32 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C9CC 6 KB
3 KB 40ms
35ms Document
text/html 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://folkd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 03:47:32 GMT
expires: Sat, 16 Nov 2024 03:47:32 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 977F 6 KB
3 KB 32ms
29ms Document
text/html 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://folkd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 03:47:32 GMT
expires: Sat, 16 Nov 2024 03:47:32 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7D09 6 KB
3 KB 44ms
37ms Document
text/html 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://folkd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 03:47:32 GMT
expires: Sat, 16 Nov 2024 03:47:32 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 46D0 6 KB
3 KB 34ms
27ms Document
text/html 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://folkd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 03:47:32 GMT
expires: Sat, 16 Nov 2024 03:47:32 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 04A2 6 KB
3 KB 32ms
31ms Document
text/html 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://folkd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 03:47:32 GMT
expires: Sat, 16 Nov 2024 03:47:32 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ym.0.js Show response
static.yieldmo.com/ Frame E304 471 KB
123 KB 474ms
38ms Script
application/javascript 18.245.60.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yieldmo.com/ym.0.js
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-36.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cd2d51771a2adae72d4a2fe0d8147e364d4c3af4e21b5b2a319a8da224afbf59

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Xck034tCEhxPRJeQDbLy1jkP4sAxLMlx
content-encoding: br
via: 1.1 628e5146add9b3daeb91ab8792398818.cloudfront.net (CloudFront)
date: Thu, 16 Nov 2023 08:23:23 GMT
x-amz-cf-pop: FRA60-P5
age: 69852
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 31 Oct 2023 14:12:13 GMT
server: AmazonS3
etag: W/"85b25619738a6e04dd868ea9b98ac8e4"
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: private, max-age=1800
x-response-headers-policy: static-yieldmo-com_js_text
x-amz-cf-id: kGeXteW6j4_jmDzv4ajjx749iom15AsUKMJc_h089l28vV-0cYGRKQ==

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame E304 3 KB
1 KB 39ms
31ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:44:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46971
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 14:44:43 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 76D5 1 KB
759 B 39ms
32ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 22241
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 21:36:53 GMT
etag: 48472445140208031
expires: Fri, 17 Nov 2023 21:36:53 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame E304 20 KB
8 KB 34ms
26ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 21:33:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22468
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 21:33:06 GMT

GET
H2 200 ev
ads.yieldmo.com/v000/t_tkr/ Frame E304 43 B
495 B 244ms
82ms Image
image/gif 54.72.186.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=hi&pvid=3408583792617787336&pvt=1700192852292&plid=2521236318193655889&imp=7342134550923564497&rep_meta=8vWBwGAh266yw2M536u2KGa-MVQErRT-TJfImKZSejOqZ2frvEShz6BXN1Pn0q2wbtpw2PjkJmYzFNRZ26qfnmHpN1AbUyQWjVzuTEWEN1S81MOqUBAHH-AMLYrPZC_yeU4fnvOcVpXC7FT25R_eoK7TvSX23GUkxl4Vzp7DNbyz-chZUWGh2yimD0zUncxETQ11p7BsVm-yA10v2bNbg4dz0cNY-1HAbkNA6KGNUQIHcv-lg9r5PEKChPucNsFp4dZ4hcNvCBxVwBKxySXRQnGvLsbB3wXBDLNxWUPxDyfpRqu1zAGDhqYzlGLXR-O-eVBb_u0xpPmUKXnhSa8HRExJ74AUA08_j1N--bIzhDhUZCjG__Vz7J-ccg8y1eQ0lxDLsb3TDkCg4fxmsX1490PIJIjnQVE0te1vH4dWBRQ
Requested by: Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.186.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-186-48.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:34 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 43

GET
H2 204 l
www.google.com/ads/measurement/ Frame E304 0
0 45ms
39ms Image
text/html 142.250.186.36
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTiAvCfNVE1kT_yrGkM_BmN2V9mi8CUpDb6fHNg0iiNXYu1eSoEhYfo7FFjUWS_8a_HivltwJbve01bT3P-hPVcITMB2w
Requested by: Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame E304 24 KB
7 KB 37ms
33ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 00:22:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 98695
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 15 Nov 2024 00:22:39 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame E304 203 KB
64 KB 56ms
53ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65395
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 03:47:34 GMT

GET
H2 200 pixel
protected-by.clarium.io/ Frame E304 68 B
245 B 197ms
79ms Image
image/png 16.171.99.149
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzQ4OTUwNjYzMDE6NzI4eDkw&v=5&s=v31hfdm889v&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2L0pZTTAxTS9KWU0wMU0tRERJLkEiLCJ5IjoxMjE3NTksImNvIjo0ODk1MDY2MzAxLCJzIjoibW10LTUzMjdjOTQzLTE5OTItNGQ2YS1hNmQ4LTliNzYyMmQ4OWRhYi1hZCJ9fQ%3D%3D&cb=5772728&h=folkd.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6UTRPVFV3TmpZek1ERTZOekk0ZURrdyIsIndkIjp7ImNvIjo0ODk1MDY2MzAxLCJ3IjoiNzI4IiwiaCI6IjkwIn0sIndyIjo2fQ==
Requested by: Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 16.171.99.149 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-16-171-99-149.eu-north-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/png
pragma: no-cache
date: Fri, 17 Nov 2023 03:47:34 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0
server: nginx/1.18.0 (Ubuntu)
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame EECF
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2391635941405129718

43 B
181 B

58ms
39ms

Image
image/gif

35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2391635941405129718
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:34 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2391635941405129718
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200
OK

dcm
aax-eu.amazon-adsystem.com/s/ Frame EECF
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=d1cb45ec-3506-841a-b51b-63b1a3ed2303
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=d1cb45ec-3506-841a-b51b-63b1a3ed2303&dcc=t

43 B
855 B

227ms
226ms

Image
image/gif

54.239.38.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=d1cb45ec-3506-841a-b51b-63b1a3ed2303&dcc=t

Requested by

Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5

Protocol

HTTP/1.1

Server

54.239.38.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Nov 2023 03:47:34 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: Y4J3TVGNZXA8JWR5H56B
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 17 Nov 2023 03:47:34 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: YRX7GHB5GAPMHN9B19VF
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=d1cb45ec-3506-841a-b51b-63b1a3ed2303&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame EECF 70 B
150 B 186ms
79ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=891d3991-29ac-3fe0-7515-e126cbdee8e3&gdpr=0
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:35 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame EECF 170 B
188 B 49ms
48ms Image
image/png 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YTU3MmVhNWItZTBkYi02MTQ0LTYwZjUtYmI5ZjAxM2MyNjgz

Requested by

Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame EECF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOr6YTGWhcsdhz8gyU7i7D4&google_cver=1

43 B
107 B

49ms
43ms

Image
image/gif

35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOr6YTGWhcsdhz8gyU7i7D4&google_cver=1
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?cc=1&plm=5
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:35 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOr6YTGWhcsdhz8gyU7i7D4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 85F0 170 B
244 B 67ms
46ms Image
image/png 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COemXhDLuHEYz_el-QEwAQ&v=APEucNVXhGIC0ANhh6cC7qJrYtgW0OweDtVFFNzQlNznUu0alE3X8Gh1M2ANPyHVoamP8UKvf1qbZ-Gqq-VDYMl3dUUYDFAYng

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 85F0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE7qU3P1M5i8H0VjN_LlweA&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE7qU3P1M5i8H0VjN_LlweA&google_cver=1&C=1

43 B
348 B

50ms
49ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE7qU3P1M5i8H0VjN_LlweA&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COemXhDLuHEYz_el-QEwAQ&v=APEucNVXhGIC0ANhh6cC7qJrYtgW0OweDtVFFNzQlNznUu0alE3X8Gh1M2ANPyHVoamP8UKvf1qbZ-Gqq-VDYMl3dUUYDFAYng
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:34 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CBcdExP6Jg%2FBq2ApBEuPJJZyUtTLMT2aA%2Bzn%2FlFqyJ%2FgxLzyLiHx7R0Tism0t%2FP1xuBiWgfYSGyBzQARS9KlnTKiOBatxS59ih%2FbcR%2BWKw9UFRo%2B6QONdxT0cq19cExcuaA%2BCb%2B%2FTWPU1w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8274fe3e29da0219-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:34 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JOuvnV1FS7Ai2qsvzHeriRHpl3wRhf0ybon8JQDe3lIZ7j84GAXOWxEci8KkAFoqzIfvtNlBGsG5hQPaDrfh8pB%2BmSRWdp9dKbBBS19XT02nzZfnLDJpITYjz2UCF857ryT9OfBYrCPbng%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEE7qU3P1M5i8H0VjN_LlweA&google_cver=1&C=1
cache-control: no-cache
cf-ray: 8274fe3d99290219-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 85F0
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVbiVn6vJ.E59nNqoqPXFQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE7qU3P1M5i8H0VjN_LlweA&google_cver=1&google_hm=2

43 B
775 B

56ms
55ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE7qU3P1M5i8H0VjN_LlweA&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COemXhDLuHEYz_el-QEwAQ&v=APEucNVXhGIC0ANhh6cC7qJrYtgW0OweDtVFFNzQlNznUu0alE3X8Gh1M2ANPyHVoamP8UKvf1qbZ-Gqq-VDYMl3dUUYDFAYng
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:34 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Yw0z9DeDudLd4vTF9U9unrvptjD4XLQDDxCAsed18jds5UlBf2jd%2Bzyyy4h%2BGjqqPyDUruob6C6NhTJR8t6e63%2BF%2BQqFqbqrvPmgL8kIMxrJxh8POqGa%2B66rHqRgArsSBj%2BI4DudbtwRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8274fe3f5a0b24c0-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE7qU3P1M5i8H0VjN_LlweA&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BAA2 6 KB
3 KB 29ms
28ms Document
text/html 142.250.186.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://folkd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 03:47:32 GMT
expires: Sat, 16 Nov 2024 03:47:32 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ym.0.js Show response
static.yieldmo.com/ Frame FA4E 471 KB
123 KB 118ms
65ms Script
application/javascript 18.245.60.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yieldmo.com/ym.0.js
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-36.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cd2d51771a2adae72d4a2fe0d8147e364d4c3af4e21b5b2a319a8da224afbf59

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Xck034tCEhxPRJeQDbLy1jkP4sAxLMlx
content-encoding: br
via: 1.1 628e5146add9b3daeb91ab8792398818.cloudfront.net (CloudFront)
date: Thu, 16 Nov 2023 08:23:23 GMT
x-amz-cf-pop: FRA60-P5
age: 69852
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 31 Oct 2023 14:12:13 GMT
server: AmazonS3
etag: W/"85b25619738a6e04dd868ea9b98ac8e4"
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: private, max-age=1800
x-response-headers-policy: static-yieldmo-com_js_text
x-amz-cf-id: vGNUEfuXGTevN8jA4sHpsF_J8Ok9n5p40d2ZGQHKgd2HLe-YrbyY-Q==

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame FA4E 3 KB
1 KB 30ms
29ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:44:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46971
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 14:44:43 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 4073 1 KB
678 B 30ms
30ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 22241
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 21:36:53 GMT
etag: 48472445140208031
expires: Fri, 17 Nov 2023 21:36:53 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame FA4E 20 KB
8 KB 38ms
37ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 21:33:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22468
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 21:33:06 GMT

GET
H2 200 ev
ads.yieldmo.com/v000/t_tkr/ Frame FA4E 43 B
494 B 55ms
53ms Image
image/gif 54.72.186.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=hi&pvid=3408583802088529216&pvt=1700192853421&plid=2521236318193655889&imp=184414632338700827&rep_meta=U7BmjUvuoBT7vi1HaXySLS1spe0ji6vZ6heD2tMqOmBNahRjd-LyGy9qhQmpL-q2joSIIkGjzQfSkVVQ-hSCoT_NqZ_Bkb-LGBAfxTW9XuKNiZo4VClnC-HkjfoyD01E6aub930VoJXFiwsq5jl-i6yHv6CYJxlQmJX4bCuwXvN_WkRU7se-y9uJXG6H6tQedrX_bfLbIM0ZXvHN8XOkHP9HNe0DgxkyLQ85Nd4aRc4HCLssW8At6eNbAHy1PhoYJFNVXMF1rf6y7-hOCrsCw6Zoi_hFN6AcxGwMr8oaSwyZ7SQFqI2NqMutcm9ASrB7Coez-3KJ3cx7sV3jrbGdyUCMuOX6u7_-PxBBD9GTt4I45V4DJPmHLytRn3wIiv0ehyGDw3VtcOhh3sJ7Gm7IgRarIHdP2tRjSndWNL60icw
Requested by: Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.186.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-186-48.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:34 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 43

GET
H2 204 l
www.google.com/ads/measurement/ Frame FA4E 0
0 43ms
41ms Image
text/html 142.250.186.36
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRgVcAFWl8NtMz1DsHOn24TQn1XMHG9-hH1K6SIwy7fw4KJqWcl659Je_qT0OhfD7QRuuMEzAmljzjhTEfJHE0-f8Wvrw
Requested by: Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame FA4E 24 KB
6 KB 40ms
38ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 00:22:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 98695
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 15 Nov 2024 00:22:39 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame FA4E 203 KB
64 KB 42ms
40ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65395
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 03:47:34 GMT

GET
H2 200 pixel
protected-by.clarium.io/ Frame FA4E 68 B
244 B 52ms
51ms Image
image/png 16.171.99.149
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzQ4OTUwNjYzMDE6NzI4eDkw&v=5&s=v31hfdm88m1&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2L0pZTTAxTS9KWU0wMU0tRERJLkEiLCJ5IjoxMjE3NTksImNvIjo0ODk1MDY2MzAxLCJzIjoibW10LTUzMjdjOTQzLTE5OTItNGQ2YS1hNmQ4LTliNzYyMmQ4OWRhYi40LWFkIn19&cb=4926038&h=folkd.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6UTRPVFV3TmpZek1ERTZOekk0ZURrdyIsIndkIjp7ImNvIjo0ODk1MDY2MzAxLCJ3IjoiNzI4IiwiaCI6IjkwIn0sIndyIjo2fQ==
Requested by: Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 16.171.99.149 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-16-171-99-149.eu-north-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/png
pragma: no-cache
date: Fri, 17 Nov 2023 03:47:34 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0
server: nginx/1.18.0 (Ubuntu)
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ym.1.js Show response
static.yieldmo.com/ Frame C0E9 471 KB
123 KB 37ms
36ms Script
application/javascript 18.245.60.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yieldmo.com/ym.1.js
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-36.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cd2d51771a2adae72d4a2fe0d8147e364d4c3af4e21b5b2a319a8da224afbf59

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: NbkkeiEKbyQy0u3FDjr4KUZdjNHSllZV
content-encoding: br
via: 1.1 628e5146add9b3daeb91ab8792398818.cloudfront.net (CloudFront)
date: Thu, 16 Nov 2023 11:27:45 GMT
x-amz-cf-pop: FRA60-P5
age: 70706
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 31 Oct 2023 14:12:13 GMT
server: AmazonS3
etag: W/"85b25619738a6e04dd868ea9b98ac8e4"
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: private, max-age=1800
x-response-headers-policy: static-yieldmo-com_js_text
x-amz-cf-id: q91YOJKkDgbn0g9pWoJrJhgySXwRP87sP30Qy_3tkTxUMExz88sZEw==

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame C0E9 3 KB
1 KB 33ms
33ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:44:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46971
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 14:44:43 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame F0BA 1 KB
678 B 32ms
31ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 22241
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 21:36:53 GMT
etag: 48472445140208031
expires: Fri, 17 Nov 2023 21:36:53 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame C0E9 20 KB
8 KB 30ms
30ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 21:33:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22468
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 21:33:06 GMT

GET
H2 200 ev
ads.yieldmo.com/v000/t_tkr/ Frame C0E9 43 B
494 B 59ms
56ms Image
image/gif 54.72.186.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=hi&pvid=3408583802105306446&pvt=1700192853423&plid=2521236318193655889&imp=1688635750682958426&rep_meta=U7BmjUvuoBT7vi1HaXySLS1spe0ji6vZ6heD2tMqOmBNahRjd-LyGy9qhQmpL-q2joSIIkGjzQfSkVVQ-hSCoT_NqZ_Bkb-LGBAfxTW9XuKNiZo4VClnC-HkjfoyD01E6aub930VoJXFiwsq5jl-i6yHv6CYJxlQmJX4bCuwXvN_WkRU7se-y9uJXG6H6tQews0Q-RvbbY1BxkUpibUxnv8e5af_DA9JZFzkyrAohxBZM4Ub0K4Mo5vmQeIga3-Nome9F8RlG4aeex5x4WdPPu6u9rzb926YjYi88705fXKApDz8kdO7UhA53lkrbOWi7-xFMbsJUlUZYm3jpoRN0MWaJgPVvUDH-KlrI00ESQRkbvUmXKTngeGlPZT0U6dAWwC5lwEh7_ye3sw0O2ptxRzYSwx6wDmKEygRBao-Krk
Requested by: Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.186.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-186-48.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:34 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 43

GET
H2 204 l
www.google.com/ads/measurement/ Frame C0E9 0
0 45ms
42ms Image
text/html 142.250.186.36
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTqn9WQWrK44SsjKamxA7PUQxYfjuhbVFdA58Z0K5kxbbg9KkywsXmTu9PmBzGelnGInV0QIhee6HUs9mq2YHZnuWOp8g
Requested by: Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame C0E9 24 KB
6 KB 43ms
40ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 00:22:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 98695
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 15 Nov 2024 00:22:39 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame C0E9 203 KB
64 KB 46ms
43ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65395
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 03:47:34 GMT

GET
H2 200 pixel
protected-by.clarium.io/ Frame C0E9 68 B
244 B 59ms
57ms Image
image/png 16.171.99.149
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzQ4OTUwNjYzMDE6NzI4eDkw&v=5&s=v31hfdm88p4&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2L0pZTTAxTS9KWU0wMU0tRERJLkEiLCJ5IjoxMjE3NTksImNvIjo0ODk1MDY2MzAxLCJzIjoibW10LTUzMjdjOTQzLTE5OTItNGQ2YS1hNmQ4LTliNzYyMmQ4OWRhYi44LWFkIn19&cb=9373704&h=folkd.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6UTRPVFV3TmpZek1ERTZOekk0ZURrdyIsIndkIjp7ImNvIjo0ODk1MDY2MzAxLCJ3IjoiNzI4IiwiaCI6IjkwIn0sIndyIjo2fQ==
Requested by: Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 16.171.99.149 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-16-171-99-149.eu-north-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/png
pragma: no-cache
date: Fri, 17 Nov 2023 03:47:34 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0
server: nginx/1.18.0 (Ubuntu)
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ym.1.js Show response
static.yieldmo.com/ Frame B7F3 471 KB
123 KB 37ms
36ms Script
application/javascript 18.245.60.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yieldmo.com/ym.1.js
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-36.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cd2d51771a2adae72d4a2fe0d8147e364d4c3af4e21b5b2a319a8da224afbf59

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: NbkkeiEKbyQy0u3FDjr4KUZdjNHSllZV
content-encoding: br
via: 1.1 628e5146add9b3daeb91ab8792398818.cloudfront.net (CloudFront)
date: Thu, 16 Nov 2023 11:27:45 GMT
x-amz-cf-pop: FRA60-P5
age: 70706
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 31 Oct 2023 14:12:13 GMT
server: AmazonS3
etag: W/"85b25619738a6e04dd868ea9b98ac8e4"
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: private, max-age=1800
x-response-headers-policy: static-yieldmo-com_js_text
x-amz-cf-id: wTtLBy4EDg7_nZe_iM1Jbp9YVNAcYQukvpsiAAJ01BHIPUvwYGrRKg==

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame B7F3 3 KB
1 KB 30ms
29ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:44:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46971
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 14:44:43 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 55B9 1 KB
678 B 30ms
30ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 22241
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 21:36:53 GMT
etag: 48472445140208031
expires: Fri, 17 Nov 2023 21:36:53 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame B7F3 20 KB
8 KB 43ms
43ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 21:33:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22468
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 21:33:06 GMT

GET
H2 200 ev
ads.yieldmo.com/v000/t_tkr/ Frame B7F3 43 B
494 B 55ms
54ms Image
image/gif 54.72.186.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=hi&pvid=3408583802197580232&pvt=1700192853434&plid=2521236318193655889&imp=7709869598571366859&rep_meta=67blbcalxOfIkrIcYn3ui5iXE_eM_bvtoAVBPm1CC-Qll7C74WaTRrQg7R8SeiDI70ZB6qnxG3Jnb47tvcYc6HIWBwvnWqtmFZyO2eDzE7pmBhx4oVWo0cE8zSbhsWSBBKHT-1lF3PxBa2dlshyOz-qwTck49YjEdOiHe2-9_0vkvf3ubY0AJ6xIR7-t8d8hd-GUmchtzozungQhHROyA6UCjmYNsPoq9qZEkw-uSFC9NVXmaV2um8-pc5wkfohF3mLBHvPQvQ5uJxjTZNfMOZccOS7xHK9ok1vHSLbx1GasZ3C8nvWG5XY_DZUrnXW6wKLev7r1Q6OBIBfwq59M3fC2GtjopYJf8mewu7CNou36oumj-wBYmGuRW6KFCUy1DWTMJHl04T7mU6bKwc4IOoPBBr1p1PqjEI9iRuuSEFs
Requested by: Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.186.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-186-48.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:34 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 43

GET
H2 204 l
www.google.com/ads/measurement/ Frame B7F3 0
0 41ms
40ms Image
text/html 142.250.186.36
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ3obZexP5WHdI5A7sOLoalRfE7h9YFPTIwRWHJT5nAaHG3G5awi_Fy7sxghAyM3gq9PD011vaQ06O3WIoR8UGS1Wv2XQ
Requested by: Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame B7F3 24 KB
6 KB 39ms
38ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 00:22:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 98695
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 15 Nov 2024 00:22:39 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame B7F3 203 KB
64 KB 52ms
52ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65395
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 03:47:34 GMT

GET
H2 200 pixel
protected-by.clarium.io/ Frame B7F3 68 B
244 B 55ms
55ms Image
image/png 16.171.99.149
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzQ4OTUwNjYzMDE6NzI4eDkw&v=5&s=v31hfdm88s0&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2L0pZTTAxTS9KWU0wMU0tRERJLkEiLCJ5IjoxMjE3NTksImNvIjo0ODk1MDY2MzAxLCJzIjoibW10LTUzMjdjOTQzLTE5OTItNGQ2YS1hNmQ4LTliNzYyMmQ4OWRhYi4yLWFkIn19&cb=4225259&h=folkd.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6UTRPVFV3TmpZek1ERTZOekk0ZURrdyIsIndkIjp7ImNvIjo0ODk1MDY2MzAxLCJ3IjoiNzI4IiwiaCI6IjkwIn0sIndyIjo2fQ==
Requested by: Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 16.171.99.149 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-16-171-99-149.eu-north-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/png
pragma: no-cache
date: Fri, 17 Nov 2023 03:47:34 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0
server: nginx/1.18.0 (Ubuntu)
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ym.1.js Show response
static.yieldmo.com/ Frame 1C0D 471 KB
123 KB 38ms
38ms Script
application/javascript 18.245.60.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yieldmo.com/ym.1.js
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-36.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cd2d51771a2adae72d4a2fe0d8147e364d4c3af4e21b5b2a319a8da224afbf59

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: NbkkeiEKbyQy0u3FDjr4KUZdjNHSllZV
content-encoding: br
via: 1.1 628e5146add9b3daeb91ab8792398818.cloudfront.net (CloudFront)
date: Thu, 16 Nov 2023 11:27:45 GMT
x-amz-cf-pop: FRA60-P5
age: 70707
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 31 Oct 2023 14:12:13 GMT
server: AmazonS3
etag: W/"85b25619738a6e04dd868ea9b98ac8e4"
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: private, max-age=1800
x-response-headers-policy: static-yieldmo-com_js_text
x-amz-cf-id: iRBtk5nT225fspuiNE_-8RtQOLZgTqIzXvJifeeZLm8grNmMiSlD6A==

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 1C0D 3 KB
1 KB 37ms
36ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:44:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46972
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 14:44:43 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B65C 1 KB
683 B 34ms
33ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 22242
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 21:36:53 GMT
etag: 48472445140208031
expires: Fri, 17 Nov 2023 21:36:53 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 1C0D 20 KB
8 KB 46ms
46ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 21:33:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22469
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 21:33:06 GMT

GET
H2 200 ev
ads.yieldmo.com/v000/t_tkr/ Frame 1C0D 43 B
494 B 59ms
56ms Image
image/gif 54.72.186.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=hi&pvid=3408583802189188676&pvt=1700192853433&plid=2521236318193655889&imp=3207282136591825304&rep_meta=8vWBwGAh266yw2M536u2KGa-MVQErRT-TJfImKZSejOqZ2frvEShz6BXN1Pn0q2wbtpw2PjkJmYzFNRZ26qfnmHpN1AbUyQWjVzuTEWEN1Svr86bZsntGcLrQimYBpOvCQkcVV6-eDGWU_b9qF6d8Zq_GSxuSoyDnvq3I3EdHbr51-_qDAiT8CgBz3QqrhRnYyDtEp47X7ASrek__QaclSfZAOdzhac00dd27ZmJvUPgk-5B0k3TjEdYVYDdQfpSllRGRfxIdqu1Jf755yUHlik3u7qZRn2NGXytP8uLAbl8m9_7oK2utpwrw4hXTAMzzq7Y0goLfWoRpuTx9m9Q3UnOZvc1ikBnGjgeL_3OZvl-8Z3yJ-Ply3n3ti5BfyEwalvo9_RwhG8-hCTkVMZYdjd0H-ytBNBCOMpEaR_ASew
Requested by: Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.186.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-186-48.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:35 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 43

GET
H2 204 l
www.google.com/ads/measurement/ Frame 1C0D 0
0 41ms
39ms Image
text/html 142.250.186.36
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRrMha7n0PpJmNie-Xw-yqXeQ7A_tV6Ek8FNkKHOMoaHh5roKofxoB5Fh1dqBOY0ed816N3K72mw_w9DuZoGG1HSGXJgA
Requested by: Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 1C0D 24 KB
6 KB 40ms
38ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 00:22:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 98696
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 15 Nov 2024 00:22:39 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1C0D 203 KB
64 KB 44ms
42ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65395
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 03:47:35 GMT

GET
H2 200 pixel
protected-by.clarium.io/ Frame 1C0D 68 B
244 B 59ms
57ms Image
image/png 16.171.99.149
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzQ4OTUwNjYzMDE6NzI4eDkw&v=5&s=v31hfdm88us&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2L0pZTTAxTS9KWU0wMU0tRERJLkEiLCJ5IjoxMjE3NTksImNvIjo0ODk1MDY2MzAxLCJzIjoibW10LTUzMjdjOTQzLTE5OTItNGQ2YS1hNmQ4LTliNzYyMmQ4OWRhYi43LWFkIn19&cb=9935672&h=folkd.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6UTRPVFV3TmpZek1ERTZOekk0ZURrdyIsIndkIjp7ImNvIjo0ODk1MDY2MzAxLCJ3IjoiNzI4IiwiaCI6IjkwIn0sIndyIjo2fQ==
Requested by: Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 16.171.99.149 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-16-171-99-149.eu-north-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/png
pragma: no-cache
date: Fri, 17 Nov 2023 03:47:35 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0
server: nginx/1.18.0 (Ubuntu)
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ym.1.js Show response
static.yieldmo.com/ Frame C9CC 471 KB
123 KB 36ms
35ms Script
application/javascript 18.245.60.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yieldmo.com/ym.1.js
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-36.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cd2d51771a2adae72d4a2fe0d8147e364d4c3af4e21b5b2a319a8da224afbf59

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: NbkkeiEKbyQy0u3FDjr4KUZdjNHSllZV
content-encoding: br
via: 1.1 628e5146add9b3daeb91ab8792398818.cloudfront.net (CloudFront)
date: Thu, 16 Nov 2023 11:27:45 GMT
x-amz-cf-pop: FRA60-P5
age: 70707
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 31 Oct 2023 14:12:13 GMT
server: AmazonS3
etag: W/"85b25619738a6e04dd868ea9b98ac8e4"
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: private, max-age=1800
x-response-headers-policy: static-yieldmo-com_js_text
x-amz-cf-id: 6-mUtiy3oYd85wv90seuVJtkrvtzGy7CY9_6Go7v_hHNk034wP01jQ==

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame C9CC 3 KB
1 KB 33ms
33ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:44:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46972
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 14:44:43 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 5EE3 1 KB
678 B 32ms
31ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 22242
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 21:36:53 GMT
etag: 48472445140208031
expires: Fri, 17 Nov 2023 21:36:53 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame C9CC 20 KB
8 KB 40ms
39ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 21:33:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22469
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 21:33:06 GMT

GET
H2 200 ev
ads.yieldmo.com/v000/t_tkr/ Frame C9CC 43 B
494 B 52ms
51ms Image
image/gif 54.72.186.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=hi&pvid=3408583802164025787&pvt=1700192853430&plid=2521236318193655889&imp=939725856112663568&rep_meta=67blbcalxOfIkrIcYn3ui5iXE_eM_bvtoAVBPm1CC-Qll7C74WaTRrQg7R8SeiDI70ZB6qnxG3Jnb47tvcYc6HIWBwvnWqtmFZyO2eDzE7pmBhx4oVWo0cE8zSbhsWSBBKHT-1lF3PxBa2dlshyOz-qwTck49YjEdOiHe2-9_0vkvf3ubY0AJ6xIR7-t8d8h5OIYvkJpcNRc2sC28xxZdqNItjapwpVtWZCBpFObbS8FKQrM_vpQ6dFSVRxMOvD5AwrZOojqiktJA-FcehtSEk4fERJu4WkHIccFWh2d2RxfIxvKrNbbGUZeng9Evqke6HCUXtDALqGlMKY3upYxGnfyTn5KlDd2h72HIVUBRw3fcEpfHJEYbh0Nsu2scp-LchkX-6mQR6uiQ35CGXZZq4AlpbdPOsi78YPFaISJ75E
Requested by: Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.186.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-186-48.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:35 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 43

GET
H2 204 l
www.google.com/ads/measurement/ Frame C9CC 0
0 38ms
37ms Image
text/html 142.250.186.36
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ5EaKJKIBqZOQDxA3-uhQjQ8PZYmDlr0zW8xwORJkFeFNfciSPuaaZ5Qv5Tl4bE5xH_my2PYi0Voie1ZNJrrtzRTk8dg
Requested by: Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame C9CC 24 KB
6 KB 35ms
34ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 00:22:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 98696
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 15 Nov 2024 00:22:39 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame C9CC 203 KB
64 KB 40ms
39ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65395
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 03:47:35 GMT

GET
H2 200 pixel
protected-by.clarium.io/ Frame C9CC 68 B
244 B 53ms
53ms Image
image/png 16.171.99.149
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzQ4OTUwNjYzMDE6NzI4eDkw&v=5&s=v31hfdm891n&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2L0pZTTAxTS9KWU0wMU0tRERJLkEiLCJ5IjoxMjE3NTksImNvIjo0ODk1MDY2MzAxLCJzIjoibW10LTUzMjdjOTQzLTE5OTItNGQ2YS1hNmQ4LTliNzYyMmQ4OWRhYi42LWFkIn19&cb=5621974&h=folkd.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6UTRPVFV3TmpZek1ERTZOekk0ZURrdyIsIndkIjp7ImNvIjo0ODk1MDY2MzAxLCJ3IjoiNzI4IiwiaCI6IjkwIn0sIndyIjo2fQ==
Requested by: Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 16.171.99.149 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-16-171-99-149.eu-north-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/png
pragma: no-cache
date: Fri, 17 Nov 2023 03:47:35 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0
server: nginx/1.18.0 (Ubuntu)
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ym.1.js Show response
static.yieldmo.com/ Frame 977F 471 KB
123 KB 36ms
35ms Script
application/javascript 18.245.60.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yieldmo.com/ym.1.js
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-36.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cd2d51771a2adae72d4a2fe0d8147e364d4c3af4e21b5b2a319a8da224afbf59

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: NbkkeiEKbyQy0u3FDjr4KUZdjNHSllZV
content-encoding: br
via: 1.1 628e5146add9b3daeb91ab8792398818.cloudfront.net (CloudFront)
date: Thu, 16 Nov 2023 11:27:45 GMT
x-amz-cf-pop: FRA60-P5
age: 70707
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 31 Oct 2023 14:12:13 GMT
server: AmazonS3
etag: W/"85b25619738a6e04dd868ea9b98ac8e4"
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: private, max-age=1800
x-response-headers-policy: static-yieldmo-com_js_text
x-amz-cf-id: dvuOHxjBuGwYA1DWOJUKFrELkPilkrD_UKBfMMCTqeSuNqmF_XZX2Q==

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 977F 3 KB
1 KB 30ms
30ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:44:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46972
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 14:44:43 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame FF02 1 KB
678 B 30ms
30ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 22242
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 21:36:53 GMT
etag: 48472445140208031
expires: Fri, 17 Nov 2023 21:36:53 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 977F 20 KB
8 KB 37ms
37ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 21:33:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22469
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 21:33:06 GMT

GET
H2 200 ev
ads.yieldmo.com/v000/t_tkr/ Frame 977F 43 B
494 B 54ms
53ms Image
image/gif 54.72.186.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=hi&pvid=3408583802247911891&pvt=1700192853440&plid=2521236318193655889&imp=3313924244940459937&rep_meta=67blbcalxOfIkrIcYn3ui5iXE_eM_bvtoAVBPm1CC-Qll7C74WaTRrQg7R8SeiDI70ZB6qnxG3Jnb47tvcYc6HIWBwvnWqtmFZyO2eDzE7pmBhx4oVWo0cE8zSbhsWSBBKHT-1lF3PxBa2dlshyOz-qwTck49YjEdOiHe2-9_0vkvf3ubY0AJ6xIR7-t8d8hd-GUmchtzozungQhHROyA6UCjmYNsPoq9qZEkw-uSFC9NVXmaV2um8-pc5wkfohF3mLBHvPQvQ5uJxjTZNfMOZccOS7xHK9ok1vHSLbx1GasZ3C8nvWG5XY_DZUrnXW6wKLev7r1Q6OBIBfwq59M3fC2GtjopYJf8mewu7CNou36oumj-wBYmGuRW6KFCUy1DWTMJHl04T7mU6bKwc4IOoPBBr1p1PqjEI9iRuuSEFs
Requested by: Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.186.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-186-48.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:35 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 43

GET
H2 204 l
www.google.com/ads/measurement/ Frame 977F 0
0 40ms
39ms Image
text/html 142.250.186.36
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSxWJXzKOBiJ5bUn3ISFrnBObYQ-5DROK2oh8cKm5OS7unB8IZ6pcSFNrPKTE9Yukrsrtu86e79fMI4AW9QDJfyMFQO5A
Requested by: Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 977F 24 KB
6 KB 36ms
35ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 00:22:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 98696
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 15 Nov 2024 00:22:39 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 977F 203 KB
64 KB 44ms
44ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65395
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 03:47:35 GMT

GET
H2 200 pixel
protected-by.clarium.io/ Frame 977F 68 B
244 B 55ms
55ms Image
image/png 16.171.99.149
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzQ4OTUwNjYzMDE6NzI4eDkw&v=5&s=v31hfdm894j&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2L0pZTTAxTS9KWU0wMU0tRERJLkEiLCJ5IjoxMjE3NTksImNvIjo0ODk1MDY2MzAxLCJzIjoibW10LTUzMjdjOTQzLTE5OTItNGQ2YS1hNmQ4LTliNzYyMmQ4OWRhYi4zLWFkIn19&cb=7591149&h=folkd.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6UTRPVFV3TmpZek1ERTZOekk0ZURrdyIsIndkIjp7ImNvIjo0ODk1MDY2MzAxLCJ3IjoiNzI4IiwiaCI6IjkwIn0sIndyIjo2fQ==
Requested by: Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 16.171.99.149 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-16-171-99-149.eu-north-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/png
pragma: no-cache
date: Fri, 17 Nov 2023 03:47:35 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0
server: nginx/1.18.0 (Ubuntu)
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame 4077 435 B
553 B 43ms
43ms Fetch
application/json 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=publishertagids&domain=folkd.com&sn=ChromeSyncframe&so=0&topUrl=folkd.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=folkd.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e669f7cff0bd3fa4ec0bfa951287c6ece86f5ed68992ed6c85bdd03f14a786f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=folkd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:34 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1342250
expires: 0

GET
H2 200 ym.0.js Show response
static.yieldmo.com/ Frame 7D09 471 KB
123 KB 45ms
44ms Script
application/javascript 18.245.60.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yieldmo.com/ym.0.js
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-36.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cd2d51771a2adae72d4a2fe0d8147e364d4c3af4e21b5b2a319a8da224afbf59

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Xck034tCEhxPRJeQDbLy1jkP4sAxLMlx
content-encoding: br
via: 1.1 628e5146add9b3daeb91ab8792398818.cloudfront.net (CloudFront)
date: Thu, 16 Nov 2023 08:23:23 GMT
x-amz-cf-pop: FRA60-P5
age: 69853
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 31 Oct 2023 14:12:13 GMT
server: AmazonS3
etag: W/"85b25619738a6e04dd868ea9b98ac8e4"
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: private, max-age=1800
x-response-headers-policy: static-yieldmo-com_js_text
x-amz-cf-id: 8rQ_L5Iq0vy1ORV_9M0k2foh5lB8rObmrfJ4ESFzYjjgAbxzLS1wvA==

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 7D09 3 KB
1 KB 43ms
43ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:44:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46972
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 14:44:43 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 9924 1 KB
678 B 37ms
37ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 22242
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 21:36:53 GMT
etag: 48472445140208031
expires: Fri, 17 Nov 2023 21:36:53 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 7D09 20 KB
8 KB 38ms
38ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 21:33:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22469
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 21:33:06 GMT

GET
H2 200 ev
ads.yieldmo.com/v000/t_tkr/ Frame 7D09 43 B
494 B 54ms
53ms Image
image/gif 54.72.186.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=hi&pvid=3408583802256311078&pvt=1700192853441&plid=2521236318193655889&imp=5149024010350374005&rep_meta=QOSSttprBvD16yQ9euyC2Vf81QW3rW6aNMucKMTr5Q2hLwHdrvCZr5_omvuQ8LOd3_SWrt_7I5o9Q4P3tnPowPTmykjXqtSbzYPANt5alq9YdUabpWayGbwpvRGmjaVBeP1Go8zAcirLkFFxkrzZ06IhBwSZgpwr7gbVNJHc1SLxnxYqf940YgL6mG03Q_Cph6psfURyQddEN8DpG9ntiJHQ0BhfByUHN9DM1RYainsQny4jWnR4-JqORhcPchOZ67NsTDh-bHuLjqT_e2rx8aPY4UHjEm5YSMkHlUbNJIEhcybP0wKsSNeWXdmHIBjbo7E-3Tx0P_BuJ11S_8eb7vIas8vKkaS_gIliO4KXa_2F2PcQCs-q6CdWrtmI6u67I-vpt9wo57Ga2LhBvyvsVPidQdL9VQdD99AVPTwXuGA
Requested by: Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.186.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-186-48.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:35 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 43

GET
H2 204 l
www.google.com/ads/measurement/ Frame 7D09 0
0 39ms
38ms Image
text/html 142.250.186.36
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRVBaYdVRAspPWN0ljpAzIj_dEqb8aHvBAy47pPHR8NCsGEOk0-jiw8T77UoLWMcKPjyDpUk6JH70lymZ1L_kMZgIgXTg
Requested by: Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 7D09 24 KB
6 KB 41ms
40ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 00:22:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 98696
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 15 Nov 2024 00:22:39 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7D09 203 KB
64 KB 41ms
40ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65395
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 03:47:35 GMT

GET
H2 200 pixel
protected-by.clarium.io/ Frame 7D09 68 B
244 B 53ms
52ms Image
image/png 16.171.99.149
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzQ4OTUwNjYzMDE6NzI4eDkw&v=5&s=v31hfdm897h&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2L0pZTTAxTS9KWU0wMU0tRERJLkEiLCJ5IjoxMjE3NTksImNvIjo0ODk1MDY2MzAxLCJzIjoibW10LTUzMjdjOTQzLTE5OTItNGQ2YS1hNmQ4LTliNzYyMmQ4OWRhYi4xMC1hZCJ9fQ%3D%3D&cb=1452270&h=folkd.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6UTRPVFV3TmpZek1ERTZOekk0ZURrdyIsIndkIjp7ImNvIjo0ODk1MDY2MzAxLCJ3IjoiNzI4IiwiaCI6IjkwIn0sIndyIjo2fQ==
Requested by: Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 16.171.99.149 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-16-171-99-149.eu-north-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/png
pragma: no-cache
date: Fri, 17 Nov 2023 03:47:35 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0
server: nginx/1.18.0 (Ubuntu)
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ym.1.js Show response
static.yieldmo.com/ Frame 46D0 471 KB
123 KB 36ms
36ms Script
application/javascript 18.245.60.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yieldmo.com/ym.1.js
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-36.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cd2d51771a2adae72d4a2fe0d8147e364d4c3af4e21b5b2a319a8da224afbf59

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: NbkkeiEKbyQy0u3FDjr4KUZdjNHSllZV
content-encoding: br
via: 1.1 628e5146add9b3daeb91ab8792398818.cloudfront.net (CloudFront)
date: Thu, 16 Nov 2023 11:27:45 GMT
x-amz-cf-pop: FRA60-P5
age: 70707
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 31 Oct 2023 14:12:13 GMT
server: AmazonS3
etag: W/"85b25619738a6e04dd868ea9b98ac8e4"
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: private, max-age=1800
x-response-headers-policy: static-yieldmo-com_js_text
x-amz-cf-id: 0QU7IyDWl50tfCgc26CVxS2H1zf3kl0D9z9vkxdJEl8jWWwT6wQxNA==

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 46D0 3 KB
1 KB 31ms
31ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:44:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46972
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 14:44:43 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8628 1 KB
678 B 33ms
33ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 22242
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 21:36:53 GMT
etag: 48472445140208031
expires: Fri, 17 Nov 2023 21:36:53 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 46D0 20 KB
8 KB 38ms
37ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 21:33:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22469
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 21:33:06 GMT

GET
H2 200 ev
ads.yieldmo.com/v000/t_tkr/ Frame 46D0 43 B
494 B 64ms
62ms Image
image/gif 54.72.186.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=hi&pvid=3408583802147259143&pvt=1700192853428&plid=2521236318193655889&imp=3677528976057663591&rep_meta=QOSSttprBvD16yQ9euyC2Vf81QW3rW6aNMucKMTr5Q2hLwHdrvCZr5_omvuQ8LOd3_SWrt_7I5o9Q4P3tnPowPTmykjXqtSbzYPANt5alq9YdUabpWayGbwpvRGmjaVBeP1Go8zAcirLkFFxkrzZ06IhBwSZgpwr7gbVNJHc1SLxnxYqf940YgL6mG03Q_Cph6psfURyQddEN8DpG9ntiJHQ0BhfByUHN9DM1RYainsQny4jWnR4-JqORhcPchOZ67NsTDh-bHuLjqT_e2rx8aPY4UHjEm5YSMkHlUbNJIEhcybP0wKsSNeWXdmHIBjbo7E-3Tx0P_BuJ11S_8eb7vIas8vKkaS_gIliO4KXa_2F2PcQCs-q6CdWrtmI6u67I-vpt9wo57Ga2LhBvyvsVPidQdL9VQdD99AVPTwXuGA
Requested by: Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.186.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-186-48.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:35 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 43

GET
H2 204 l
www.google.com/ads/measurement/ Frame 46D0 0
0 45ms
43ms Image
text/html 142.250.186.36
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSSX4S91ADD8Vh9dUHrp2y7p-vz51SvCuzm2whkh-9AYuJSq11sK6bIO8QOn17dbeOGfwVXfQ0LizDKQhcTONiWxAWPpg
Requested by: Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 46D0 24 KB
6 KB 42ms
41ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 00:22:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 98696
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 15 Nov 2024 00:22:39 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 46D0 203 KB
64 KB 48ms
47ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65395
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 03:47:35 GMT

GET
H2 200 pixel
protected-by.clarium.io/ Frame 46D0 68 B
244 B 61ms
60ms Image
image/png 16.171.99.149
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzQ4OTUwNjYzMDE6NzI4eDkw&v=5&s=v31hfdm89b0&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2L0pZTTAxTS9KWU0wMU0tRERJLkEiLCJ5IjoxMjE3NTksImNvIjo0ODk1MDY2MzAxLCJzIjoibW10LTUzMjdjOTQzLTE5OTItNGQ2YS1hNmQ4LTliNzYyMmQ4OWRhYi45LWFkIn19&cb=2309255&h=folkd.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6UTRPVFV3TmpZek1ERTZOekk0ZURrdyIsIndkIjp7ImNvIjo0ODk1MDY2MzAxLCJ3IjoiNzI4IiwiaCI6IjkwIn0sIndyIjo2fQ==
Requested by: Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 16.171.99.149 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-16-171-99-149.eu-north-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/png
pragma: no-cache
date: Fri, 17 Nov 2023 03:47:35 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0
server: nginx/1.18.0 (Ubuntu)
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 04A2 0
0 79ms
79ms Fetch
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CBMF8VeJWZaz0Fd3HjuwP1Kq3wA6H9JKQXOjrpun1BMCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi0zOTQ0OTU0ODYyMzE2MjgzyAEJ4AIAqAMByAMCqgTlAU_QL0FQCoHqveGsq8T9-PFzBecG9JQwi4fWczMghhTFn7e-_w-XUuGFTJ-l5RqoNpJxPFWVspDSckq8A11zqI5fIBvAmw4qTs1sE-5uDAIePjQNjJEkM-TFL-vY8cwLDfimArCTzdOL1xVZS1eYnaWxOajuQ6aDvos3NbMgVPsoQ_SX1lFEygq798df0-OjH1z04MqCjxAp_W4ZdvqutZRmxxvak0E-fynT2x3D2Za2kSRctfW0Nw-iia0h_FbjJphMwNWbLFp2ZTy_Cd0bzeyTGHAWfDQ1_Wrl3jWJ1Muwz0Qx0SjgBAGABuuIsM_oxNmyKKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBsIgGEQATICigI6AoBASL39wTpYnLrK-I_KggOACgP6CwIIAYAMAeINEwiX8sr4j8qCAxXdo4MHHVTVDejQFQGAFwGyFxwKGhIUcHViLTM5NDQ5NTQ4NjIzMTYyODMYmNsQ&sigh=LwbucMvKoxs&uach_m=[UACH]&cid=CAQSOwDICaaNJJnO5tTI0-GCMKodpgCHiJGFBV5r9zQlFXQVr97q3ZKKRb-E04qBL1qg42YonYE1tPZp2rQXGAE&tpd=AGWhJmsS753QPCYiTnMV4UrveC6nnt9pqUep7pg6YAxjAUjc9PqBdT_TBSp8xLLFmNaizFQyAGmL2K3grtAYpiAM76bGV2YWHZ1sMbdUj_yHtejIqKwbV3oUl-6Hwo-g9PS7fwbhu9M43LiP5bJLPFi871KER154wus_-H0qr-l2ptnWmYFnLH81jOOCBp_bKAm3PC1ErIRY5dW90KNjuDfs1qwWwjCPYhujH5Ahh_8HWa26DubNPKSvBILx88J-fteRHo2T6xOcykcHggilQGv6bMF1JFJ_kMgJQ71Rl_ne81uObBXaua4O2gW1Peajx1zb0CbcGDl2Eq7ideS21uQ7aNv8Fwca0Jh5_vcyBNpArZEqIoeR45au3p2p0T3mhoez4RyHlKNsYhgypm_wKIaXzzqDIf0ZbZkn91ANHJfT4-qgVo6WhzxCHEuh7TA1cXe8N30wb2kdoIRWRbDw70mYmuAEyHP5CwgZe_JHJ5B3wwCRgM-ZSvU-U8Ktgnkb2L4B0cXvQG-SSY2tMiLKgzjRfnQ8_xlpvP_eIMUGWdJpUmWmWLJ2PcycwuGLkNRFX6p4Ka46AN2PkvdIjsuHU9WZzCWKt6BAfU2wUYpyu7M8De4z5rtPXIsKB-MaOB_DS8mlmT_f-4RsNNjjytOxsvYVqSM8wd-hDrC93jAcEfWHtRe3MiYHIOkaT08dBebCvT42E9ADy70bSE5LMaKH9sZwo1p9tOT6LG8gtPmXC9Uu25Vg0jThXO5OMLaghB3omLZDdIwq18B7T2I5uIGyYTfy3tcV-5DEVZi2JmLFdbLHr3dCm-XrPk1pxN0
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s08-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 ym.1.js Show response
static.yieldmo.com/ Frame 04A2 471 KB
123 KB 35ms
34ms Script
application/javascript 18.245.60.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yieldmo.com/ym.1.js
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-36.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cd2d51771a2adae72d4a2fe0d8147e364d4c3af4e21b5b2a319a8da224afbf59

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: NbkkeiEKbyQy0u3FDjr4KUZdjNHSllZV
content-encoding: br
via: 1.1 628e5146add9b3daeb91ab8792398818.cloudfront.net (CloudFront)
date: Thu, 16 Nov 2023 11:27:45 GMT
x-amz-cf-pop: FRA60-P5
age: 70707
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 31 Oct 2023 14:12:13 GMT
server: AmazonS3
etag: W/"85b25619738a6e04dd868ea9b98ac8e4"
vary: Accept-Encoding, Origin
content-type: application/javascript
cache-control: private, max-age=1800
x-response-headers-policy: static-yieldmo-com_js_text
x-amz-cf-id: 9u_oeg5LyrcVex-ZhsS8eXQFJxiBqVsRX3WAAkzWBMlSBAoz0PnTOA==

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 04A2 3 KB
1 KB 29ms
29ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:44:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46972
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 14:44:43 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 1DB8 1 KB
678 B 28ms
28ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 22242
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 21:36:53 GMT
etag: 48472445140208031
expires: Fri, 17 Nov 2023 21:36:53 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 04A2 20 KB
8 KB 39ms
39ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 21:33:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22469
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 21:33:06 GMT

GET
H2 200 ev
ads.yieldmo.com/v000/t_tkr/ Frame 04A2 43 B
494 B 60ms
58ms Image
image/gif 54.72.186.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=hi&pvid=3408583802122082733&pvt=1700192853425&plid=2521236318193655889&imp=824321474508510258&rep_meta=67blbcalxOfIkrIcYn3ui5iXE_eM_bvtoAVBPm1CC-Qll7C74WaTRrQg7R8SeiDI70ZB6qnxG3Jnb47tvcYc6HIWBwvnWqtmFZyO2eDzE7o4aUfTr5Mu71sBQ_yo1FCE0mLCZsm7hSITCHRzFMMm56wYGr-b8RenbOaulUkNZIPyQOTnqt4xhQc36ljqITR0m5Ek_2sduZB2oq8Rz8r_tPMMaefClH9iHi35mPAhsSK48xp3z8mC_4FfxGjwJRzeycErhmw_YieYePhiwPwUA5Dt-UDpZfZsIK_dgpeyTU_wxcZI2cyp5da1wvlPf5VBmMu01W8zL3vAbXx9JL3T_egA-h-2fIwegrRzYjsxceI-G2lTFKOOiXWq-8wzDDZuxMThKSlFnj-FS5l5LdHxw7Xd5pr9qclZs0i-ZFYO49A
Requested by: Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.186.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-186-48.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:35 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 43

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 04A2 24 KB
6 KB 60ms
59ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 00:22:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 98696
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 15 Nov 2024 00:22:39 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 04A2 203 KB
64 KB 215ms
214ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65395
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 03:47:35 GMT

GET
H2 200 pixel
protected-by.clarium.io/ Frame 04A2 68 B
244 B 58ms
58ms Image
image/png 16.171.99.149
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzQ4OTUwNjYzMDE6NzI4eDkw&v=5&s=v31hfdm89e6&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2L0pZTTAxTS9KWU0wMU0tRERJLkEiLCJ5IjoxMjE3NTksImNvIjo0ODk1MDY2MzAxLCJzIjoibW10LTUzMjdjOTQzLTE5OTItNGQ2YS1hNmQ4LTliNzYyMmQ4OWRhYi41LWFkIn19&cb=2149367&h=folkd.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6UTRPVFV3TmpZek1ERTZOekk0ZURrdyIsIndkIjp7ImNvIjo0ODk1MDY2MzAxLCJ3IjoiNzI4IiwiaCI6IjkwIn0sIndyIjo2fQ==
Requested by: Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 16.171.99.149 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-16-171-99-149.eu-north-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/png
pragma: no-cache
date: Fri, 17 Nov 2023 03:47:35 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0
server: nginx/1.18.0 (Ubuntu)
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 index.html Show response
s0.2mdn.net/sadbundle/8691580890862885191/ Frame EAFB 4 KB
2 KB 772ms
58ms Document
text/html 172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8691580890862885191/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f198.1e100.net

Software

sffe /

Resource Hash

7615afa84e6fe352f67c3483cd2ea59949d4272d239b2fc73bbb2cacd285e318

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 305731
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1638
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 13 Nov 2023 14:52:05 GMT
expires: Tue, 12 Nov 2024 14:52:05 GMT
last-modified: Wed, 11 Oct 2023 07:44:35 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 19D9 0
0 166ms
77ms Fetch
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst4cT9YZCoi20i3CveJedb5x-mEGqKFK4KaANmIC4nPMt1vV5-mu_GOnGOy1YWHqFsF8fG5pExB_ejQ9xYjSEegzAsCXFZTrI6Yv_CtED-yvu9Lu5yXyN89_dkU3txMrf3oCSlD1TxPeyzAIozkxDEpAwK9FmTQjCVVSxJ4klTbU0Cid1zwqcBHQIq6aTJ4rszH_7MUY1iKPRerhiLblcJ5LlRIRsH-cPBSUPj_G1tplPjRscIeBYIFoDea83sNFYYq3qeNRJKCxuGf3p3Y_2CfemMkJgWUlJ6bQITzgjis519U0yVgOKNU_bSIj9eOmkt4CPno45-vPOJPrEALDLMT6QNCUo6JUDhQrEEvyazIWy-Cd2kT-thqcCmNLo7r72wwH42EQFlyo8-9N7nJudjLRZZ8eSouh45lY5m9vbqqusxIWRgNERhBiqCaFCL5C-XbMNqMSZKTPlLMqFi9Pkx8jkY79Ov-GIfN-v-wWMO31aSVtLD7FR-fFvQchvoEol5lb3IgcNZt27ez5pmN2MKEgsfUHfluUrBiyUwVZP8B6EZoHvX3ojh161sqcBIEbo1053Mhz39-8CtsfmjUeocxbievpEEESpBsvQpWe2GbOUAsbtKmYHUFXbrHh2O2nY2Jy7sYYIoP7di9ZlOiUJU5JKc2q9uM0gTOk0sNrhRId3gbwiGvi_F3XhGTqMN-a-c0LMKyUBAk4_3i1EKDA22yrAockMV9FipdXSqZ1k8tXSNNZ2AVbDqSlrdPdZ87KOlMFvB1OqPtwyUFgMwGRiyL4fcczRRCSjGD-erwryJqvcwMynWDMLogvLr3W3vfYudB9jzwmV6JG-AAL5N1veD55WKEbtlDjocWBRPGByxv6O6sFeqOI6oiH4TqfWjBNWS5NVdeyVYotVzVnFp2mrOqW4dYgMNuI5fMlCKEqIWFSOnK4o8L0Vj0MdRoxtCav0BrxMrhIRvm-UCUIE1vTF_ompXZ8nXUxQIYLTen35Bi2FBY2P2WL7nxfE28qg57ZwyzIbECHaF0N-jV6LYk0LVQyoGVYbTvW1iCU5zURxYaKXJ4ufdUffvkSuzJYv_VdoiTu69px2IRhxryE7Czp1uf7zS7J6DUmN4NH6ugiEgXQ1P-rZuxJoSC4-o3rR6wET7zVGt_fgoQZ1nTiVnuWKEz49BCOBt0M7eGYWw-PIsq95j-l4q5plxUrxTuHjGzJ2ZIXI5BtzOlDJLMG5zl8_vhLucPV72dvvQbKq6Wap58X9_0phyK2_0Z9CS2zJp9iaNGE49fpl5VI0xjEWbWS0akpJFLCyyijyL6g8GbjFp_vivDuT1p&sai=AMfl-YQe6MDSinn1pj0wJd_V-Kl_lzmFQw-AhD5IZPwcScAi_8M0HrTDJ0wGs4dLo1TvE9YQdXacyCLEia6QchVvFPWg6fBgk1Bbl8a5LGmZ39UxsssfbGfnUvPV-YnV5lUCg2lsdJcoQsf_YC8lQUDr5i1K3NzRWht60BzPBB_I3oRdI_zkmluM3hwXVPT_qrjLPFIaudrqMmk4gl5XO1zQSFYamhoWZ91IeLfqHGaZj3WAwDL3jt1QoZVJallUs8G5Y3zJ1aR2zMVtT8nyJd3Tm0YkiV9wXNMqd92fbGVLZpvhGTITe2k8dHPx3sAl-3DIUWllDlGjnm6n8lLwB0GPs1LqqNkEB2CxiVTarJcMjmEmCxmazxn8n3wq_5ReDYuUv_nf0pnSVwmBH-_YHb1648ewNoryddbz1Z0fdiwKtJgRbCgUPYUemg-h-IFUP626_17-xAojRyXicFAFWRSqP4TztX5MKpYqnGARLcD-VdsdjCkc9dsqPAYFhDHcoQ&sig=Cg0ArKJSzBWF3DIFVDV-EAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1894&cbvp=1&cstd=1891&cisv=r20231109.94093&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 17 Nov 2023 03:47:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2

200

src=8050383;dc_pre=CNqO3PmPyoIDFSVMHgIdPGgOXg;type=advie0;cat=advie0;u42=377464435;u43=569126766;u44=201452149;u45=30748521;u46=4047736;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=...
adservice.google.com/ddm/fls/z/ Frame 19D9
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=8050383;type=advie0;cat=advie0;u42=377464435;u43=569126766;u44=201452149;u45=30748521;u46=4047736;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua...
https://ad.doubleclick.net/ddm/activity/src=8050383;dc_pre=CNqO3PmPyoIDFSVMHgIdPGgOXg;type=advie0;cat=advie0;u42=377464435;u43=569126766;u44=201452149;u45=30748521;u46=4047736;dc_lat=;dc_rdid=;tag_...
https://adservice.google.com/ddm/fls/z/src=8050383;dc_pre=CNqO3PmPyoIDFSVMHgIdPGgOXg;type=advie0;cat=advie0;u42=377464435;u43=569126766;u44=201452149;u45=30748521;u46=4047736;dc_lat=;dc_rdid=;tag_f...

42 B
402 B

505ms
90ms

Image
image/gif

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=8050383;dc_pre=CNqO3PmPyoIDFSVMHgIdPGgOXg;type=advie0;cat=advie0;u42=377464435;u43=569126766;u44=201452149;u45=30748521;u46=4047736;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:35 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://adservice.google.com/ddm/fls/z/src=8050383;dc_pre=CNqO3PmPyoIDFSVMHgIdPGgOXg;type=advie0;cat=advie0;u42=377464435;u43=569126766;u44=201452149;u45=30748521;u46=4047736;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame AE16 611 B
311 B 44ms
43ms Document
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COemXhDLuHEYmYem-QEwAQ&v=APEucNVoikakHttllDcsDdQSpuNbDM4FgyLJhqZ5ap10Sq0DI1EaRG8BAf3e9gO_vgOWy8OfzntBinb-d9xBm-BsyuE9Xer7Tg

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 243
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 03:47:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame BAA2 111 KB
39 KB 30ms
29ms Script
text/javascript 172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f198.1e100.net

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
Origin: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 06:30:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76644
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 17 Nov 2023 06:30:11 GMT

GET
H2 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame BAA2 7 KB
3 KB 31ms
30ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 16:55:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39097
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 16:55:58 GMT

GET
H2 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame BAA2 23 KB
9 KB 39ms
39ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:57:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42604
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 15:57:31 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame BAA2 41 KB
14 KB 29ms
28ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:44:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46971
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Nov 2024 14:44:44 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame BAA2 3 KB
1 KB 32ms
32ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:44:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46972
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 14:44:43 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame AA4F 1 KB
678 B 36ms
35ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 22242
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 21:36:53 GMT
etag: 48472445140208031
expires: Fri, 17 Nov 2023 21:36:53 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame BAA2 20 KB
8 KB 41ms
41ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 21:33:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22469
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 21:33:06 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame BAA2 42 B
108 B 73ms
71ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AIwseREXV8e6hcly1xrxQT93lXFZ_gy_6EkQtUROMbxKIJiWiOvy6TOHrvv6ZDhNeR9XzL0jPme9nMldgxiq6XCKDm1IPSmqyJ5agv5ZvF0hzP4Ms

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame BAA2 0
0 42ms
41ms Image
text/html 142.250.186.36
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRdtR0ZmbXMrAxCGqKOekaZBXgu5OANHZeODBNOrANflA4Pv6bLjTi7VGHFOzvz_EJsYYGji4FgYBI__5CORwkTP78dAQ
Requested by: Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame BAA2 203 KB
64 KB 43ms
42ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65395
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700052045412510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 03:47:35 GMT

GET
H2 200 pixel
protected-by.clarium.io/ Frame BAA2 68 B
244 B 53ms
52ms Image
image/png 16.171.99.149
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzIzNjcyNTUwMTA6MzAweDYwMA==&v=5&s=v31hfdm89nd&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2L0pZTTAxTS9KWU0wMU0tRERTLkIiLCJ5IjoxMjE3NTksImNvIjowLCJzIjoibW10LTI4ZjgxOTY4LTc2MzctNGU1OS1iMjc2LTY0ZmU4NTI1YzFkYy1hZCJ9fQ%3D%3D&cb=5004592&h=folkd.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6SXpOamN5TlRVd01UQTZNekF3ZURZd01BPT0iLCJ3ZCI6eyJvIjoyMzY3MjU1MDEwLCJ3IjoiMzAwIiwiaCI6IjYwMCJ9LCJ3ciI6Mn0=
Requested by: Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 16.171.99.149 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-16-171-99-149.eu-north-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/png
pragma: no-cache
date: Fri, 17 Nov 2023 03:47:35 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0
server: nginx/1.18.0 (Ubuntu)
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 76D5 35 B
464 B 453ms
63ms Image
image/gif 91.228.74.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEElULNDrKtz_L_lM2CuBlvI&google_cver=1&google_push=AXcoOmT5pLIRr8mFqcPRV1sQRItt-wRNKKYMaXcBxowXEz8tYPl6jnC3cnh9E0ZLVcEUeJCzGf8t2ch7qA_JHXcv50ZpO7r0kuZj_A

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.200 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 76D5
Redirect Chain

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEII8y_X_5Fej2qD347bdoyQ&google_cver=1&google_push=AXcoOmSrAj5lVX6BRg2CGjGfKtJwkQ2X5aVHcVssRYvcnZPogFZLrN4...
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=7355b6b0f8a1848&is_secure=true&networkId=14000&version=1&google_gid=CAESEII8y_X_5Fej2qD347bdoyQ&google_cver=1&google_push=AXcoOmSrAj5lV...
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAIY6Qykz9GoQNE9JLmAAAAAAA&expiration=1700279256&google_cver=1&is_secure=true&google_gid=CAESEII8y_X_5Fej2qD347bdo...

170 B
188 B

43ms
43ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAIY6Qykz9GoQNE9JLmAAAAAAA&expiration=1700279256&google_cver=1&is_secure=true&google_gid=CAESEII8y_X_5Fej2qD347bdoyQ&google_push=AXcoOmSrAj5lVX6BRg2CGjGfKtJwkQ2X5aVHcVssRYvcnZPogFZLrN4-AIUnjz-tV2riaUYpt-lLojlMqF1NWqgCTifNwsS56gpO

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAIY6Qykz9GoQNE9JLmAAAAAAA&expiration=1700279256&google_cver=1&is_secure=true&google_gid=CAESEII8y_X_5Fej2qD347bdoyQ&google_push=AXcoOmSrAj5lVX6BRg2CGjGfKtJwkQ2X5aVHcVssRYvcnZPogFZLrN4-AIUnjz-tV2riaUYpt-lLojlMqF1NWqgCTifNwsS56gpO
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 76D5
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEAPPH1DGnFlX5LPMX0IFI50&google_cver=1&google_push=AXcoOmTa1_pKa7-hvxy1RIHv-bvi0bUSCmV8_LDEsDrE43n0iO_XyUDZVal0stApoxh6sL2j3-KF-orz0rG27z-0-3wknDnnb_lPIw
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=09C14A6836C34EC980F73ECBFA698BA8&google_push=AXcoOmTa1_pKa7-hvxy1RIHv-bvi0bUSCmV8_LDEsDrE43n0iO_XyUDZVal0stApoxh6sL2j3-KF-orz0rG27z-...

170 B
188 B

62ms
59ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=09C14A6836C34EC980F73ECBFA698BA8&google_push=AXcoOmTa1_pKa7-hvxy1RIHv-bvi0bUSCmV8_LDEsDrE43n0iO_XyUDZVal0stApoxh6sL2j3-KF-orz0rG27z-0-3wknDnnb_lPIw

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 17 Nov 2023 03:47:36 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=09C14A6836C34EC980F73ECBFA698BA8&google_push=AXcoOmTa1_pKa7-hvxy1RIHv-bvi0bUSCmV8_LDEsDrE43n0iO_XyUDZVal0stApoxh6sL2j3-KF-orz0rG27z-0-3wknDnnb_lPIw
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Thu, 16 Nov 2023 03:47:36 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 76D5
Redirect Chain

https://ums.acuityplatform.com/tum?umid=4&uid=CAESEF7wlSf_Rzk9WZY7dAX5UYk&google_cver=1&google_push=AXcoOmSEuLP3Iw78Z-ed46zVM_aoYYGDvvbXQwCOWVmb6zq0Is6yMhvQxhHAjuOw_3Tnie1SgNNcYQZ6qyuHVfvD5WsCd7UYq...
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=853308099231&us_privacy=1---

170 B
188 B

62ms
59ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=853308099231&us_privacy=1---

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=853308099231&us_privacy=1---
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 76D5
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmSjHN...
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-F2MzbzHo4PDP4ik66ChkVhSSVnn0cxBjDGys2Q&google_push=AXcoOmSjHNDOwSPahWfEY6w1mlTezHBlrZD8jy3ImRxdROPTY1XI2-pDdvYTWBfXCZ95Q9jJOcJMfgJH0Rca...

170 B
188 B

65ms
62ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-F2MzbzHo4PDP4ik66ChkVhSSVnn0cxBjDGys2Q&google_push=AXcoOmSjHNDOwSPahWfEY6w1mlTezHBlrZD8jy3ImRxdROPTY1XI2-pDdvYTWBfXCZ95Q9jJOcJMfgJH0RcaH98nD-kpBOGQRzZv

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:35 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-F2MzbzHo4PDP4ik66ChkVhSSVnn0cxBjDGys2Q&google_push=AXcoOmSjHNDOwSPahWfEY6w1mlTezHBlrZD8jy3ImRxdROPTY1XI2-pDdvYTWBfXCZ95Q9jJOcJMfgJH0RcaH98nD-kpBOGQRzZv
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 789701
content-length: 0
expires: Fri, 17 Nov 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 76D5
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=7eIFABbLQ0iHChHTL7lcJA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

43ms
42ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=7eIFABbLQ0iHChHTL7lcJA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmS8IZ2E5fOZ0NtEMY-6t1_k_ED8qkIzY5EZbvr1SGGxMSj66thiU9ZJJQNzaGNPkbkourlvaYZnQAsQQPqRh2JCJQfe83UC

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=7eIFABbLQ0iHChHTL7lcJA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmS8IZ2E5fOZ0NtEMY-6t1_k_ED8qkIzY5EZbvr1SGGxMSj66thiU9ZJJQNzaGNPkbkourlvaYZnQAsQQPqRh2JCJQfe83UC
date: Fri, 17 Nov 2023 03:47:35 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

report
sync.teads.tv/um/ Frame 76D5
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEGn4mnRpXBoA...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=MTFjNTVjNmUtYWU3NS00N2Q4LTk4N2ItM2RmMzdjYTM1MjUy&google_push=AXcoOmSte0G6GHpWND3na-jUu4K31wjQXUiOsPoDO2Ze9KfaSmsHlPSPZgC1uvwmamkq3...
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
165 B

62ms
61ms

Image
image/gif

23.32.185.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-35.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Fri, 17 Nov 2023 03:47:36 GMT
pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 76D5 0
12 B 43ms
42ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13ISXb3io17irTRrPOPfpni0LatgheWlqyhW3tInAKYyrdFbBFjas9M6L99inpOl2Cz7ypO0RA

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:35 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 5841 38 KB
13 KB 30ms
29ms Document
text/html 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 46970
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 14:44:45 GMT
expires: Fri, 15 Nov 2024 14:44:45 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 204
No Content collect Show response
w.clarity.ms/ 0
289 B 2153ms
2153ms XHR
text/plain 23.96.124.156
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://w.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.18/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.96.124.156 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://folkd.com
Date: Fri, 17 Nov 2023 03:47:38 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

GET
H2

200

bounce
ib.adnxs.com/ Frame AE16
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEESb250TaWnpur2qUOJqnkQ&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEESb250TaWnpur2qUOJqnkQ%26google_cver%3D1

43 B
903 B

56ms
54ms

Image
image/gif

37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEESb250TaWnpur2qUOJqnkQ%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COemXhDLuHEYmYem-QEwAQ&v=APEucNVoikakHttllDcsDdQSpuNbDM4FgyLJhqZ5ap10Sq0DI1EaRG8BAf3e9gO_vgOWy8OfzntBinb-d9xBm-BsyuE9Xer7Tg

Protocol

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
an-x-request-uuid: c527993a-adf0-431f-8a88-de8d543c0ef8
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.165.215.56; 31.165.215.56; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
an-x-request-uuid: f91d7d28-fbe3-4edf-b2e6-f1400a774018
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEESb250TaWnpur2qUOJqnkQ%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 31.165.215.56; 31.165.215.56; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AE16
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzgxOTk1NzE3NzUwMDA4OTg0OA%3D%3D

170 B
188 B

125ms
125ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzgxOTk1NzE3NzUwMDA4OTg0OA%3D%3D

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
an-x-request-uuid: 2ede7a52-d586-4a0a-9e6a-00d196d4258e
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzgxOTk1NzE3NzUwMDA4OTg0OA%3D%3D
x-proxy-origin: 31.165.215.56; 31.165.215.56; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame AE16
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOr6YTGWhcsdhz8gyU7i7D4&google_cver=1

43 B
61 B

48ms
48ms

Image
image/gif

35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOr6YTGWhcsdhz8gyU7i7D4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COemXhDLuHEYmYem-QEwAQ&v=APEucNVoikakHttllDcsDdQSpuNbDM4FgyLJhqZ5ap10Sq0DI1EaRG8BAf3e9gO_vgOWy8OfzntBinb-d9xBm-BsyuE9Xer7Tg
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOr6YTGWhcsdhz8gyU7i7D4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AE16
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YTU3MmVhNWItZTBkYi02MTQ0LTYwZjUtYmI5ZjAxM2MyNjgz

170 B
188 B

43ms
42ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YTU3MmVhNWItZTBkYi02MTQ0LTYwZjUtYmI5ZjAxM2MyNjgz

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 17 Nov 2023 03:47:36 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YTU3MmVhNWItZTBkYi02MTQ0LTYwZjUtYmI5ZjAxM2MyNjgz
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

google_sync_status
x.bidswitch.net/ Frame 4073
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEEmbmih9QO-e2AKnNSw35Ss&google_cver=1&google_push=AXcoOmSVhrFYcZ6axHINOBuEp_2PHADVlpaLo1rqP-Dd1edy5UT3AKqrrONrzTdfLVaIzxJnRkzr-M5Mhl2QkfXtwgnd...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEEmbmih9QO-e2AKnNSw35Ss&google_cver=1&google_push=AXcoOmSVhrFYcZ6axHINOBuEp_2PHADVlpaLo1rqP-Dd1edy5UT3AKqrrONrzTdfLVaIzxJnRkzr-M5Mhl2Qkf...
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=52827b17-f6f5-467b-b1e6-f576ede294f0&gdpr=&gdpr_consent=
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=52827b17-f6f5-467b-b1e6-f576ede294f0&gdpr=&gdpr_consent=
https://x.bidswitch.net/sync?dsp_id=4&user_id=5c82f8d4-7312-4720-85a8-28a92128cd5c&ssp=google&expires=30&user_group=5&bsw_param=52827b17-f6f5-467b-b1e6-f576ede294f0
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_cm=1&google_hm=UoJ7F_b1Rnux5vV27eKU8A==
https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESEEmbmih9QO-e2AKnNSw35Ss&google_cver=1

43 B
146 B

42ms
41ms

Image
image/gif

35.158.83.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESEEmbmih9QO-e2AKnNSw35Ss&google_cver=1
Requested by: Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 35.158.83.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-83-137.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:36 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESEEmbmih9QO-e2AKnNSw35Ss&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 316
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4073
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESECc9TIn8f2JYt7eMj4TE1-s&google_cver=1&google_push=AXcoOmRioujSG7qkgpSU5jNoB-cY1ebGSP-BqSztMNUEmE7OUDAKGJKJ_Btz0fyGUaii8IMBprjtWNcqDckq7PaWGZnnQ2i...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRioujSG7qkgpSU5jNoB-cY1ebGSP-BqSztMNUEmE7OUDAKGJKJ_Btz0fyGUaii8IMBprjtWNcqDckq7PaWGZnnQ2iKqRC_&google_hm=eS1pOEJfUnRwRTJwRlowMm...

170 B
188 B

46ms
46ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRioujSG7qkgpSU5jNoB-cY1ebGSP-BqSztMNUEmE7OUDAKGJKJ_Btz0fyGUaii8IMBprjtWNcqDckq7PaWGZnnQ2iKqRC_&google_hm=eS1pOEJfUnRwRTJwRlowMmV6NEUwWGNBSlNiWkFvM01sT35B

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 17 Nov 2023 03:47:36 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRioujSG7qkgpSU5jNoB-cY1ebGSP-BqSztMNUEmE7OUDAKGJKJ_Btz0fyGUaii8IMBprjtWNcqDckq7PaWGZnnQ2iKqRC_&google_hm=eS1pOEJfUnRwRTJwRlowMmV6NEUwWGNBSlNiWkFvM01sT35B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4073
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJ_TGR7VlZkCdFL_P379x20&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJ_TGR7VlZkCdFL_P379x20&google_hm=ZVbiVn6vJ-E59nNqoqPXFQAAFEUAAAIB&google_nid=index&google_push=AXcoOmSgm9qziMUC-jr8NhGkr6ck1nluy3hTi...

170 B
188 B

61ms
61ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJ_TGR7VlZkCdFL_P379x20&google_hm=ZVbiVn6vJ-E59nNqoqPXFQAAFEUAAAIB&google_nid=index&google_push=AXcoOmSgm9qziMUC-jr8NhGkr6ck1nluy3hTicj5FYS-kSPA_Q6DyHhZE5Yn6kNwYHGyOCOXzEMBkLs6DMwYAugw9COENLYzwuod

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:35 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wa5j4hCd5HhYKeJfjnuydS8iCW0Pyxxb2GSzurJlMvQ29P7X2hRsXaXTxRdUfly4ZmMogcgb9hvbcNYIbdF6fr%2FTySl13n7w%2BXqZvvkBraBaborndlZL2lYF3rvM4ZDOA%2FCc%2BuCoykZbIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJ_TGR7VlZkCdFL_P379x20&google_hm=ZVbiVn6vJ-E59nNqoqPXFQAAFEUAAAIB&google_nid=index&google_push=AXcoOmSgm9qziMUC-jr8NhGkr6ck1nluy3hTicj5FYS-kSPA_Q6DyHhZE5Yn6kNwYHGyOCOXzEMBkLs6DMwYAugw9COENLYzwuod
cache-control: no-cache
cf-ray: 8274fe45d9760219-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET

pixelmatch
ap.lijit.com/dsp/google/ Frame 4073
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECthInwIw4O63v-0q9T8k34&google_cver=1&google_push=AXcoOmTgUl1SaVcQ8cwmUg18k82UJfLATj08biNucK0MmDxNNIYOPRnPa6_qBVoHIF_0vNjJZ2pu43oyl5SYhNZdz...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECthInwIw4O63v-0q9T8k34&google_cver=1&google_push=AXcoOmTgUl1SaVcQ8cwmUg18k82UJfLATj08biNucK0MmDxNNIYOPRnPa6_qBVoHIF_0vNjJZ2pu43oyl5SYhNZdz...

0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4073
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEL...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmRIBi74iFMAuYTpczZSy3OS1nvjO1TMk_S7KiJhdmk4B385O8XZ9eUw6rfMPH_E-ZI47dX1vl_Mg0ItBTIJ9RAVzIwJ-WeE&redir=https%3A%2F%2Fcm.g.doubl...
https://sync.targeting.unrulymedia.com/csync/RX-e55f2322-1ed7-42aa-ae45-e5732d15ff2c-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmRIBi74iFMAuYTpczZSy...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRIBi74iFMAuYTpczZSy3OS1nvjO1TMk_S7KiJhdmk4B385O8XZ9eUw6rfMPH_E-ZI47dX1vl_Mg0ItBTIJ9RAVzIwJ-WeE&google_hm=A-VfIyIe10KqrkXlcy0V_yw

170 B
188 B

43ms
41ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRIBi74iFMAuYTpczZSy3OS1nvjO1TMk_S7KiJhdmk4B385O8XZ9eUw6rfMPH_E-ZI47dX1vl_Mg0ItBTIJ9RAVzIwJ-WeE&google_hm=A-VfIyIe10KqrkXlcy0V_yw

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRIBi74iFMAuYTpczZSy3OS1nvjO1TMk_S7KiJhdmk4B385O8XZ9eUw6rfMPH_E-ZI47dX1vl_Mg0ItBTIJ9RAVzIwJ-WeE&google_hm=A-VfIyIe10KqrkXlcy0V_yw
date: Fri, 17 Nov 2023 03:47:36 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RXe55f23221ed742aaae45e5732d15ff2c003
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4073
Redirect Chain

https://cs.media.net/cksync?type=g&google_gid=CAESEIbMnkMHIGP-ifCkLTxpekA&google_cver=1&google_push=AXcoOmTZwk49A3th4adMHxpioDWe40S4RPkfTkHMrWQVNvzhlcsU9KfqhjWdqwuFmdxsUX_42lUA4gI1OPQLQntcYmhXYnNOrA8O
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQzMTk0NDU2NjIyMzIyNDAwMFYxMA%3d%3d&mn_hm=MzQzMTk0NDU2NjIyMzIyNDAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmTZwk49A3th4adMHxpioDWe40S...

170 B
188 B

119ms
118ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQzMTk0NDU2NjIyMzIyNDAwMFYxMA%3d%3d&mn_hm=MzQzMTk0NDU2NjIyMzIyNDAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmTZwk49A3th4adMHxpioDWe40S4RPkfTkHMrWQVNvzhlcsU9KfqhjWdqwuFmdxsUX_42lUA4gI1OPQLQntcYmhXYnNOrA8O&gdpr=&gdpr_consent=

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 17 Nov 2023 03:47:36 GMT
Server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location: https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQzMTk0NDU2NjIyMzIyNDAwMFYxMA%3d%3d&mn_hm=MzQzMTk0NDU2NjIyMzIyNDAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmTZwk49A3th4adMHxpioDWe40S4RPkfTkHMrWQVNvzhlcsU9KfqhjWdqwuFmdxsUX_42lUA4gI1OPQLQntcYmhXYnNOrA8O&gdpr=&gdpr_consent=
Content-Type: text/html
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 154
x-mnet-hl2: E
Expires: Fri, 17 Nov 2023 03:47:36 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame 4073
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEESCGl7mW0AVY97L1MezgBQ&google_cver=1&google_push=AXcoOmQvDIBvYOtC3kGn4I35L-jLFRj29xV91ty5jF-kEz0AtTecHzys3l2fO3RuRN0ikqD-_ddmb9_Sebp...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQvDIBvYOtC3kGn4I35L-jLFRj29xV91ty5jF-kEz0AtTecHzys3l2fO3RuRN0ikqD-_ddmb9_SebpMLwTunD6KsuDOKuEckw
https://onetag-sys.com/match/?int_id=19&google_error=5

0
200 B

65ms
62ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 4073 0
12 B 62ms
62ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IwCNd_gkpxetO4EUffbrCqUI1Iirf9M5mdmSewxkWXWLVbYLn6nlH8kJd3VhmleJhphb0DfQ

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:35 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F0BA
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEEmbmih9QO-e2AKnNSw35Ss&google_cver=1&google_push=AXcoOmSAe_l7KNV6guVxXdkq8QcNxvo0bJ2gpqUiCHQLKsDd2emeFFUBFNfeIF8lU4UrGHL2ZUvmSFC9BoNxfVyLTdCz...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEEmbmih9QO-e2AKnNSw35Ss&google_cver=1&google_push=AXcoOmSAe_l7KNV6guVxXdkq8QcNxvo0bJ2gpqUiCHQLKsDd2emeFFUBFNfeIF8lU4UrGHL2ZUvmSFC9BoNxfV...
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=9d999e81-3487-4ade-a589-a0a19b90fd13&ssp=google
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmQFvQBGj-YQciMhUOTpmFRhZmkwFTBFUgVcsXrCFvYJcLPICXovpyUNH5ndfimmZ5Ctx-JvpWmhJa-vGfIUF4YdW7JHP24&google_hm=UoJ7F_b1Rnux5vV27eKU8A==

170 B
188 B

43ms
43ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmQFvQBGj-YQciMhUOTpmFRhZmkwFTBFUgVcsXrCFvYJcLPICXovpyUNH5ndfimmZ5Ctx-JvpWmhJa-vGfIUF4YdW7JHP24&google_hm=UoJ7F_b1Rnux5vV27eKU8A==

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmQFvQBGj-YQciMhUOTpmFRhZmkwFTBFUgVcsXrCFvYJcLPICXovpyUNH5ndfimmZ5Ctx-JvpWmhJa-vGfIUF4YdW7JHP24&google_hm=UoJ7F_b1Rnux5vV27eKU8A==
date: Fri, 17 Nov 2023 03:47:36 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F0BA
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESECc9TIn8f2JYt7eMj4TE1-s&google_cver=1&google_push=AXcoOmQw7PUgw5oHk3oC_Ek58GfUXPBHZWPneAo5t7PhwgMmqUZZB8gZobO_mfry0jpWd6p_vGgJP_MnKc6sse1H5ZSbjrW...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQw7PUgw5oHk3oC_Ek58GfUXPBHZWPneAo5t7PhwgMmqUZZB8gZobO_mfry0jpWd6p_vGgJP_MnKc6sse1H5ZSbjrWFxVic_w&google_hm=eS1PM2tPeEloRTJwRkpN...

170 B
188 B

43ms
43ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQw7PUgw5oHk3oC_Ek58GfUXPBHZWPneAo5t7PhwgMmqUZZB8gZobO_mfry0jpWd6p_vGgJP_MnKc6sse1H5ZSbjrWFxVic_w&google_hm=eS1PM2tPeEloRTJwRkpNeE14dFFRVG91SHRTV3ZXTVNVNn5B

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 17 Nov 2023 03:47:36 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQw7PUgw5oHk3oC_Ek58GfUXPBHZWPneAo5t7PhwgMmqUZZB8gZobO_mfry0jpWd6p_vGgJP_MnKc6sse1H5ZSbjrWFxVic_w&google_hm=eS1PM2tPeEloRTJwRkpNeE14dFFRVG91SHRTV3ZXTVNVNn5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F0BA
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=lucv95ilSfWKo8mq88iAzg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

41ms
41ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=lucv95ilSfWKo8mq88iAzg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmTD7cfkE8NjqbYJuNyt8VKI1KL9OG1Ix5MdtFylbFlPO6f0Z8ZkDMiZpWY2esnm-sA0OVgN-cdZ1AaRmcUaQV_IprUDqxLm

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=lucv95ilSfWKo8mq88iAzg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmTD7cfkE8NjqbYJuNyt8VKI1KL9OG1Ix5MdtFylbFlPO6f0Z8ZkDMiZpWY2esnm-sA0OVgN-cdZ1AaRmcUaQV_IprUDqxLm
date: Fri, 17 Nov 2023 03:47:34 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F0BA
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJ_TGR7VlZkCdFL_P379x20&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJ_TGR7VlZkCdFL_P379x20&google_hm=ZVbiVn6vJ-E59nNqoqPXFQAAFEUAAAIB&google_nid=index&google_push=AXcoOmSSseb-Pd5pN-kYd-ZYen-Qf8qlm_3_M...

170 B
188 B

63ms
60ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJ_TGR7VlZkCdFL_P379x20&google_hm=ZVbiVn6vJ-E59nNqoqPXFQAAFEUAAAIB&google_nid=index&google_push=AXcoOmSSseb-Pd5pN-kYd-ZYen-Qf8qlm_3_McekRQajwQxQhU8jBgOXvNuW2T7gtl0N2kKrBTrU83-xIGZYL9L6QomJ1EtbGV7YAg

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:35 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FGA5PmBD78PTQFucG6yWpqC27Pu9swL1tfxSXccq10ePwSkZ32PXH9dSEzQqx5GgCUgzCeOr2DL9oBJH9TzToYvYBMPQX31r2nx92Pkj9Nq3%2FhjTo9t6euDBmXruVxxaVt9fEfjfnbsM8w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJ_TGR7VlZkCdFL_P379x20&google_hm=ZVbiVn6vJ-E59nNqoqPXFQAAFEUAAAIB&google_nid=index&google_push=AXcoOmSSseb-Pd5pN-kYd-ZYen-Qf8qlm_3_McekRQajwQxQhU8jBgOXvNuW2T7gtl0N2kKrBTrU83-xIGZYL9L6QomJ1EtbGV7YAg
cache-control: no-cache
cf-ray: 8274fe45d9710219-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F0BA
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECthInwIw4O63v-0q9T8k34&google_cver=1&google_push=AXcoOmTXjgSMHysEMizCyIEuBYH-tObBwhbegORI-WYYkjKRaX7G23I17I_8ehBFTFYiu6708yDXtpEj6BcQHyE9g...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECthInwIw4O63v-0q9T8k34&google_cver=1&google_push=AXcoOmTXjgSMHysEMizCyIEuBYH-tObBwhbegORI-WYYkjKRaX7G23I17I_8ehBFTFYiu6708yDXtpEj6BcQHyE9g...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTXjgSMHysEMizCyIEuBYH-tObBwhbegORI-WYYkjKRaX7G23I17I_8ehBFTFYiu6708yDXtpEj6BcQHyE9gxvGXqQaLXSNQw&google_hm=Hq1jJGZH-vtU6kVSQC6k...

170 B
188 B

74ms
69ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTXjgSMHysEMizCyIEuBYH-tObBwhbegORI-WYYkjKRaX7G23I17I_8ehBFTFYiu6708yDXtpEj6BcQHyE9gxvGXqQaLXSNQw&google_hm=Hq1jJGZH-vtU6kVSQC6kqh_W

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 17 Nov 2023 03:47:36 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTXjgSMHysEMizCyIEuBYH-tObBwhbegORI-WYYkjKRaX7G23I17I_8ehBFTFYiu6708yDXtpEj6BcQHyE9gxvGXqQaLXSNQw&google_hm=Hq1jJGZH-vtU6kVSQC6kqh_W
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1sea1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F0BA
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEL...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmTchuy3d-E2ZyIu7Ct3qTYOLV3yq7p_G-y0e9MotnL8z63KMLE3s89WnT_J9PkSdqkQ7A7YAud_454dzoXMeUMlTQT-xTHzlQ&redir=https%3A%2F%2Fcm.g.dou...
https://sync.targeting.unrulymedia.com/csync/RX-e55f2322-1ed7-42aa-ae45-e5732d15ff2c-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmTchuy3d-E2ZyIu7Ct3q...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmTchuy3d-E2ZyIu7Ct3qTYOLV3yq7p_G-y0e9MotnL8z63KMLE3s89WnT_J9PkSdqkQ7A7YAud_454dzoXMeUMlTQT-xTHzlQ&google_hm=A-VfIyIe10KqrkXlcy0V_yw

170 B
188 B

45ms
44ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmTchuy3d-E2ZyIu7Ct3qTYOLV3yq7p_G-y0e9MotnL8z63KMLE3s89WnT_J9PkSdqkQ7A7YAud_454dzoXMeUMlTQT-xTHzlQ&google_hm=A-VfIyIe10KqrkXlcy0V_yw

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmTchuy3d-E2ZyIu7Ct3qTYOLV3yq7p_G-y0e9MotnL8z63KMLE3s89WnT_J9PkSdqkQ7A7YAud_454dzoXMeUMlTQT-xTHzlQ&google_hm=A-VfIyIe10KqrkXlcy0V_yw
date: Fri, 17 Nov 2023 03:47:36 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RXe55f23221ed742aaae45e5732d15ff2c003
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F0BA
Redirect Chain

https://cs.media.net/cksync?type=g&google_gid=CAESEIbMnkMHIGP-ifCkLTxpekA&google_cver=1&google_push=AXcoOmRxc3f2KYG6xBT92Kj4NPaKvpaIkw21QdedlyEwPpaChTG5Q7J0BJCak9jOWXv__9dKEu0lizoX-_AKr5sQ6P1CsUvhW0-y
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQzMTk0NDU2NjIyMzI4NTAwMFYxMA%3d%3d&mn_hm=MzQzMTk0NDU2NjIyMzI4NTAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmRxc3f2KYG6xBT92Kj4NPaKvpa...

170 B
188 B

111ms
111ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQzMTk0NDU2NjIyMzI4NTAwMFYxMA%3d%3d&mn_hm=MzQzMTk0NDU2NjIyMzI4NTAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmRxc3f2KYG6xBT92Kj4NPaKvpaIkw21QdedlyEwPpaChTG5Q7J0BJCak9jOWXv__9dKEu0lizoX-_AKr5sQ6P1CsUvhW0-y&gdpr=&gdpr_consent=

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 17 Nov 2023 03:47:36 GMT
Server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location: https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQzMTk0NDU2NjIyMzI4NTAwMFYxMA%3d%3d&mn_hm=MzQzMTk0NDU2NjIyMzI4NTAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmRxc3f2KYG6xBT92Kj4NPaKvpaIkw21QdedlyEwPpaChTG5Q7J0BJCak9jOWXv__9dKEu0lizoX-_AKr5sQ6P1CsUvhW0-y&gdpr=&gdpr_consent=
Content-Type: text/html
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 154
x-mnet-hl2: E
Expires: Fri, 17 Nov 2023 03:47:36 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame F0BA 0
12 B 71ms
68ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IOARiLAJlVl1JaTD_1ZnHPsisxaIB2QWBHfxNsWmRc_iR7VioG6fsMKiAnq3bmpKKbpFsx

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:35 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 dpixel
cms.quantserve.com/ Frame 55B9 35 B
465 B 359ms
62ms Image
image/gif 91.228.74.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEElULNDrKtz_L_lM2CuBlvI&google_cver=1&google_push=AXcoOmSoAr0trt1WB2unKlzwGnrMGZiCPcl1og7P1UjpQljrKWmCgnOxSVaNEzpBC6aY9CTI9Iv1rKo3MQ7tOiXto53xKYcEVzY

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.200 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 55B9
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESECc9TIn8f2JYt7eMj4TE1-s&google_cver=1&google_push=AXcoOmTI79_jyrA38WcrcFggVPlUfdH6GvrAxHGiNZYwmm9TMZfPZeD6gPCXckvv_SXI0Txtk_l3v_WWw0qoXe3W2XDLqX0...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTI79_jyrA38WcrcFggVPlUfdH6GvrAxHGiNZYwmm9TMZfPZeD6gPCXckvv_SXI0Txtk_l3v_WWw0qoXe3W2XDLqX0T1DtE&google_hm=eS0xV0hSOEZ0RTJwR2VWX2...

170 B
188 B

48ms
48ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTI79_jyrA38WcrcFggVPlUfdH6GvrAxHGiNZYwmm9TMZfPZeD6gPCXckvv_SXI0Txtk_l3v_WWw0qoXe3W2XDLqX0T1DtE&google_hm=eS0xV0hSOEZ0RTJwR2VWX2R3SFI1WjhsQ1dqRndieHdlY35B

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 17 Nov 2023 03:47:36 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTI79_jyrA38WcrcFggVPlUfdH6GvrAxHGiNZYwmm9TMZfPZeD6gPCXckvv_SXI0Txtk_l3v_WWw0qoXe3W2XDLqX0T1DtE&google_hm=eS0xV0hSOEZ0RTJwR2VWX2R3SFI1WjhsQ1dqRndieHdlY35B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 55B9
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=hyHMbz7LTbOvckUB-cq6Uw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

57ms
56ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=hyHMbz7LTbOvckUB-cq6Uw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmRix3nHh3TkD_v14KifayGzbKbjnPxcPwN4op2w17vzHuV3FV94hLnjNFojRgvzqKJRoII3MsG7Qpoo8qBah3_7qRfud-k

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=hyHMbz7LTbOvckUB-cq6Uw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmRix3nHh3TkD_v14KifayGzbKbjnPxcPwN4op2w17vzHuV3FV94hLnjNFojRgvzqKJRoII3MsG7Qpoo8qBah3_7qRfud-k
date: Fri, 17 Nov 2023 03:47:35 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 55B9
Redirect Chain

https://ads.yieldmo.com/exptsync?google_gid=CAESEHZwoabV9kh5aIK-ias_kiM&google_cver=1&google_push=AXcoOmTZCqQIlKEJUVCz2EediWssiod8ePteJR0ruN-O0pU5lxbkwbMIi9mPvvVPsV0Zd-PmRqk817v8bBKhFG4_VyQISXEblUE
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmTZCqQIlKEJUVCz2EediWssiod8ePteJR0ruN-O0pU5lxbkwbMIi9mPvvVPsV0Zd-PmRqk817v8bBKhFG4_VyQISXEblUE&google_hm=M0ZNeU83N2RkNDdTeWNSa...

170 B
188 B

63ms
59ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmTZCqQIlKEJUVCz2EediWssiod8ePteJR0ruN-O0pU5lxbkwbMIi9mPvvVPsV0Zd-PmRqk817v8bBKhFG4_VyQISXEblUE&google_hm=M0ZNeU83N2RkNDdTeWNSaldPWmM=

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:35 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json;charset=utf-8
location: https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmTZCqQIlKEJUVCz2EediWssiod8ePteJR0ruN-O0pU5lxbkwbMIi9mPvvVPsV0Zd-PmRqk817v8bBKhFG4_VyQISXEblUE&google_hm=M0ZNeU83N2RkNDdTeWNSaldPWmM=
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 55B9
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEMzrRbVVCw-AKrI1HMbQ5Sg&google_cver=1&google_push=AXcoOmTfSYkpQdBXRmdEocDpj3pdzI3jmtx7N_A0c3ZZSKmG2TbZJHL7ccRSJ-9B3F9SUlXLWHTGDeqLqDLGPrXuPDf3igOjYMIY
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmTfSYkpQdBXRmdEocDpj3pdzI3jmtx7N_A0c3ZZSKmG2TbZJHL7ccRSJ-9B3F9SUlXLWHTGDeqLqDLGPrXuPDf3igOjYMI...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTAxNzE0MDIxNDAwNjAxMTkzODc3Mg%3D%3D&google_push=AXcoOmTfSYkpQdBXRmdEocDpj3pdzI3jmtx7N_A0c3ZZSKmG2TbZJHL7...

170 B
188 B

124ms
124ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTAxNzE0MDIxNDAwNjAxMTkzODc3Mg%3D%3D&google_push=AXcoOmTfSYkpQdBXRmdEocDpj3pdzI3jmtx7N_A0c3ZZSKmG2TbZJHL7ccRSJ-9B3F9SUlXLWHTGDeqLqDLGPrXuPDf3igOjYMIY

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTAxNzE0MDIxNDAwNjAxMTkzODc3Mg%3D%3D&google_push=AXcoOmTfSYkpQdBXRmdEocDpj3pdzI3jmtx7N_A0c3ZZSKmG2TbZJHL7ccRSJ-9B3F9SUlXLWHTGDeqLqDLGPrXuPDf3igOjYMIY
date: Fri, 17 Nov 2023 03:47:36 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 55B9
Redirect Chain

https://cs.media.net/cksync?type=g&google_gid=CAESEIbMnkMHIGP-ifCkLTxpekA&google_cver=1&google_push=AXcoOmQwkDFe_xMS-9ekmvzgYF9O740n3rKefU8T_NsN3ejnygYBWCuPGrmv-OepM8cUOwx_rXPyA-Hee1yZC1j_aTpU6aAxcwyL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQzMTk0NDU2NjIyMzI4MzAwMFYxMA%3d%3d&mn_hm=MzQzMTk0NDU2NjIyMzI4MzAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmQwkDFe_xMS-9ekmvzgYF9O740...

170 B
188 B

56ms
56ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQzMTk0NDU2NjIyMzI4MzAwMFYxMA%3d%3d&mn_hm=MzQzMTk0NDU2NjIyMzI4MzAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmQwkDFe_xMS-9ekmvzgYF9O740n3rKefU8T_NsN3ejnygYBWCuPGrmv-OepM8cUOwx_rXPyA-Hee1yZC1j_aTpU6aAxcwyL&gdpr=&gdpr_consent=

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 17 Nov 2023 03:47:36 GMT
Server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location: https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQzMTk0NDU2NjIyMzI4MzAwMFYxMA%3d%3d&mn_hm=MzQzMTk0NDU2NjIyMzI4MzAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmQwkDFe_xMS-9ekmvzgYF9O740n3rKefU8T_NsN3ejnygYBWCuPGrmv-OepM8cUOwx_rXPyA-Hee1yZC1j_aTpU6aAxcwyL&gdpr=&gdpr_consent=
Content-Type: text/html
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 154
x-mnet-hl2: E
Expires: Fri, 17 Nov 2023 03:47:36 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame 55B9
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEESCGl7mW0AVY97L1MezgBQ&google_cver=1&google_push=AXcoOmRF59MhhvcrQZnzxwHt5PwymsTt6DRY36bGUq3t1iz3Qn0ykyko0ZNAhOtX6WIPbkHbimkP4HevTqB...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRF59MhhvcrQZnzxwHt5PwymsTt6DRY36bGUq3t1iz3Qn0ykyko0ZNAhOtX6WIPbkHbimkP4HevTqBDO0AXzH3u5iL3sZrFlQ
https://onetag-sys.com/match/?int_id=19&google_error=5

0
200 B

63ms
62ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 55B9 0
12 B 72ms
71ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J2R6Eumo45I41NvKpKvAfg4xnECBuUlsUxKr4AybWCMWPmPpr1RZRJN0nS5JduFRu6dIou9w

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:35 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B65C
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEPmynMnbkBI8FZFapd3EOdw&google_cver=1&google_push=AXcoOmTUHRpN7g36EMks3L9ivu3_Fg4B1Jbx248Z0aiMFmqUM8-Hoiporg2TiD4E4kG9bFxBS78MGyfl63U_YO...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwMjI3MjcxMzQxNDUzOTQwNg%3D%3D&google_push=AXcoOmTUHRpN7g36EMks3L9ivu3_Fg4B1Jbx248Z0aiMFmqUM8-Hoiporg2TiD4E4kG9bFxBS78MGyfl63U_YOVD5-...

170 B
188 B

58ms
57ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwMjI3MjcxMzQxNDUzOTQwNg%3D%3D&google_push=AXcoOmTUHRpN7g36EMks3L9ivu3_Fg4B1Jbx248Z0aiMFmqUM8-Hoiporg2TiD4E4kG9bFxBS78MGyfl63U_YOVD5-M30tAlqYJN

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwMjI3MjcxMzQxNDUzOTQwNg%3D%3D&google_push=AXcoOmTUHRpN7g36EMks3L9ivu3_Fg4B1Jbx248Z0aiMFmqUM8-Hoiporg2TiD4E4kG9bFxBS78MGyfl63U_YOVD5-M30tAlqYJN
Date: Fri, 17 Nov 2023 03:47:36 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B65C
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEEmbmih9QO-e2AKnNSw35Ss&google_cver=1&google_push=AXcoOmQFvQBGj-YQciMhUOTpmFRhZmkwFTBFUgVcsXrCFvYJcLPICXovpyUNH5ndfimmZ5Ctx-JvpWmhJa-vGfIUF4Yd...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEEmbmih9QO-e2AKnNSw35Ss&google_cver=1&google_push=AXcoOmQFvQBGj-YQciMhUOTpmFRhZmkwFTBFUgVcsXrCFvYJcLPICXovpyUNH5ndfimmZ5Ctx-JvpWmhJa-vGf...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmQFvQBGj-YQciMhUOTpmFRhZmkwFTBFUgVcsXrCFvYJcLPICXovpyUNH5ndfimmZ5Ctx-JvpWmhJa-vGfIUF4YdW7JHP24&google_hm=UoJ7F_b1Rnux5vV27eKU8A==

170 B
188 B

121ms
121ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmQFvQBGj-YQciMhUOTpmFRhZmkwFTBFUgVcsXrCFvYJcLPICXovpyUNH5ndfimmZ5Ctx-JvpWmhJa-vGfIUF4YdW7JHP24&google_hm=UoJ7F_b1Rnux5vV27eKU8A==

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmQFvQBGj-YQciMhUOTpmFRhZmkwFTBFUgVcsXrCFvYJcLPICXovpyUNH5ndfimmZ5Ctx-JvpWmhJa-vGfIUF4YdW7JHP24&google_hm=UoJ7F_b1Rnux5vV27eKU8A==
date: Fri, 17 Nov 2023 03:47:36 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B65C
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJ_TGR7VlZkCdFL_P379x20&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJ_TGR7VlZkCdFL_P379x20&google_hm=ZVbiVn6vJ-E59nNqoqPXFQAAFEUAAAIB&google_nid=index&google_push=AXcoOmS5XdZalLVXwlXsRfOp3hVGWziu-5FhT...

170 B
188 B

63ms
61ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJ_TGR7VlZkCdFL_P379x20&google_hm=ZVbiVn6vJ-E59nNqoqPXFQAAFEUAAAIB&google_nid=index&google_push=AXcoOmS5XdZalLVXwlXsRfOp3hVGWziu-5FhTc5eoyewDn_bIxRw7X3aDqv2-_1BuhBVIbsLcnXtaMB333gCyp8Wjc1y6uOxyJV2

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:35 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4UmfCsSfSmRLMpxKB0Fj7zxRmRdXI6yjI0qfy4pMGQvXj3%2FcbQfC%2BdwmWK6fb3VRkEShaHyXk5M43dYU7SyrYgBbzJ5RNtpYX2ferIJpRa6qNALsEp%2FpAggHbEW7IthFJVOrPZewauaxXA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJ_TGR7VlZkCdFL_P379x20&google_hm=ZVbiVn6vJ-E59nNqoqPXFQAAFEUAAAIB&google_nid=index&google_push=AXcoOmS5XdZalLVXwlXsRfOp3hVGWziu-5FhTc5eoyewDn_bIxRw7X3aDqv2-_1BuhBVIbsLcnXtaMB333gCyp8Wjc1y6uOxyJV2
cache-control: no-cache
cf-ray: 8274fe45d9750219-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B65C
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECthInwIw4O63v-0q9T8k34&google_cver=1&google_push=AXcoOmQ-To5krsbiqmgNyT2mGGFviXzH_BS3jdNgjKxxD43_4yDZmNHRYr9LxzF08OlH7RQqoGA5PajC0fBtzXvDE...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECthInwIw4O63v-0q9T8k34&google_cver=1&google_push=AXcoOmQ-To5krsbiqmgNyT2mGGFviXzH_BS3jdNgjKxxD43_4yDZmNHRYr9LxzF08OlH7RQqoGA5PajC0fBtzXvDE...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQ-To5krsbiqmgNyT2mGGFviXzH_BS3jdNgjKxxD43_4yDZmNHRYr9LxzF08OlH7RQqoGA5PajC0fBtzXvDEo4cajMGF2TH&google_hm=Hq1jJGZH-vtU6kVSQC6kqh_W

170 B
188 B

74ms
68ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQ-To5krsbiqmgNyT2mGGFviXzH_BS3jdNgjKxxD43_4yDZmNHRYr9LxzF08OlH7RQqoGA5PajC0fBtzXvDEo4cajMGF2TH&google_hm=Hq1jJGZH-vtU6kVSQC6kqh_W

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 17 Nov 2023 03:47:36 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQ-To5krsbiqmgNyT2mGGFviXzH_BS3jdNgjKxxD43_4yDZmNHRYr9LxzF08OlH7RQqoGA5PajC0fBtzXvDEo4cajMGF2TH&google_hm=Hq1jJGZH-vtU6kVSQC6kqh_W
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1sea1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B65C
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEL...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmS7EB2f4H7vWF05lWJH4WKUdhmJtf1tKo5Qex9MuiYNN_KgU1mCCyHgSWtl8Ud-uBoq0kOt-cjBwTfj5QPhoBbK7erWm2xI&redir=https%3A%2F%2Fcm.g.doubl...
https://sync.targeting.unrulymedia.com/csync/RX-e55f2322-1ed7-42aa-ae45-e5732d15ff2c-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmS7EB2f4H7vWF05lWJH4...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmS7EB2f4H7vWF05lWJH4WKUdhmJtf1tKo5Qex9MuiYNN_KgU1mCCyHgSWtl8Ud-uBoq0kOt-cjBwTfj5QPhoBbK7erWm2xI&google_hm=A-VfIyIe10KqrkXlcy0V_yw

170 B
188 B

43ms
42ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmS7EB2f4H7vWF05lWJH4WKUdhmJtf1tKo5Qex9MuiYNN_KgU1mCCyHgSWtl8Ud-uBoq0kOt-cjBwTfj5QPhoBbK7erWm2xI&google_hm=A-VfIyIe10KqrkXlcy0V_yw

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmS7EB2f4H7vWF05lWJH4WKUdhmJtf1tKo5Qex9MuiYNN_KgU1mCCyHgSWtl8Ud-uBoq0kOt-cjBwTfj5QPhoBbK7erWm2xI&google_hm=A-VfIyIe10KqrkXlcy0V_yw
date: Fri, 17 Nov 2023 03:47:36 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RXe55f23221ed742aaae45e5732d15ff2c003
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B65C
Redirect Chain

https://cs.media.net/cksync?type=g&google_gid=CAESEIbMnkMHIGP-ifCkLTxpekA&google_cver=1&google_push=AXcoOmTIgrdJPHZAkpRXMTHyRloOgzySAOxgfrcVuTMyJikbVHzrEM1ngah7Gno5wvtz3wYHh1N3jFlk80tPTJsT63UaMrCszznn
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQzMTk0NDU2NjIyMzI0MDAwMFYxMA%3d%3d&mn_hm=MzQzMTk0NDU2NjIyMzI0MDAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmTIgrdJPHZAkpRXMTHyRloOgzy...

170 B
188 B

115ms
115ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQzMTk0NDU2NjIyMzI0MDAwMFYxMA%3d%3d&mn_hm=MzQzMTk0NDU2NjIyMzI0MDAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmTIgrdJPHZAkpRXMTHyRloOgzySAOxgfrcVuTMyJikbVHzrEM1ngah7Gno5wvtz3wYHh1N3jFlk80tPTJsT63UaMrCszznn&gdpr=&gdpr_consent=

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 17 Nov 2023 03:47:36 GMT
Server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location: https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQzMTk0NDU2NjIyMzI0MDAwMFYxMA%3d%3d&mn_hm=MzQzMTk0NDU2NjIyMzI0MDAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmTIgrdJPHZAkpRXMTHyRloOgzySAOxgfrcVuTMyJikbVHzrEM1ngah7Gno5wvtz3wYHh1N3jFlk80tPTJsT63UaMrCszznn&gdpr=&gdpr_consent=
Content-Type: text/html
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 154
x-mnet-hl2: E
Expires: Fri, 17 Nov 2023 03:47:36 GMT

GET
H2 204 v1
match.sharethrough.com/E4rooAtA/ Frame B65C 0
35 B 206ms
38ms Image
text/plain 52.28.38.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEFaKpovaJi_ZNjgKxFUamlo&google_cver=1&google_push=AXcoOmSMLndQtQZnGuW0dGGb6grqtww7trK4u_D9sxLxsMl3iPsdYzLaUNq-6By5_uIX_aiC_SaxpCOehdCjyAs4HSbE1u3Qw8gfTQ
Requested by: Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.38.5 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-38-5.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:36 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame B65C 0
12 B 77ms
75ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JahfmZV2I-EIDU0XXdj_xj0TgORORSZlwSL2dcCy9xSLjyiaSzLJ5fYY_brV9KsFNd2YsY3A

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:35 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5EE3
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEPmynMnbkBI8FZFapd3EOdw&google_cver=1&google_push=AXcoOmShc5q2JYw0Z_1_siPyZDHjEtwDfO1nK9Bu0JGMU1G2QNHgX0upG0hlqShTi5AzKa-Gr5qgG6x8tZ1feu...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwMjI3MjcxMzQxNTU4Nzk4OA%3D%3D&google_push=AXcoOmShc5q2JYw0Z_1_siPyZDHjEtwDfO1nK9Bu0JGMU1G2QNHgX0upG0hlqShTi5AzKa-Gr5qgG6x8tZ1feuxM0G...

170 B
188 B

58ms
57ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwMjI3MjcxMzQxNTU4Nzk4OA%3D%3D&google_push=AXcoOmShc5q2JYw0Z_1_siPyZDHjEtwDfO1nK9Bu0JGMU1G2QNHgX0upG0hlqShTi5AzKa-Gr5qgG6x8tZ1feuxM0G89jky5C_vp

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwMjI3MjcxMzQxNTU4Nzk4OA%3D%3D&google_push=AXcoOmShc5q2JYw0Z_1_siPyZDHjEtwDfO1nK9Bu0JGMU1G2QNHgX0upG0hlqShTi5AzKa-Gr5qgG6x8tZ1feuxM0G89jky5C_vp
Date: Fri, 17 Nov 2023 03:47:36 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5EE3
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESECc9TIn8f2JYt7eMj4TE1-s&google_cver=1&google_push=AXcoOmS8iG-zoHdqTMmyj6HuXYVLbslirhRwxGIcW4LJ8N5V9ZyElDNDiq7RhsY_SKD6wnCLJohCW8qjU2KUtF_5OgO6Dq0...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmS8iG-zoHdqTMmyj6HuXYVLbslirhRwxGIcW4LJ8N5V9ZyElDNDiq7RhsY_SKD6wnCLJohCW8qjU2KUtF_5OgO6Dq0pCBtv&google_hm=eS1ab3BKV0dGRTJwR2Jjel...

170 B
188 B

42ms
42ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmS8iG-zoHdqTMmyj6HuXYVLbslirhRwxGIcW4LJ8N5V9ZyElDNDiq7RhsY_SKD6wnCLJohCW8qjU2KUtF_5OgO6Dq0pCBtv&google_hm=eS1ab3BKV0dGRTJwR2JjelZZYkM4M3FLVlBBYmFWMWxiNX5B

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 17 Nov 2023 03:47:36 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmS8iG-zoHdqTMmyj6HuXYVLbslirhRwxGIcW4LJ8N5V9ZyElDNDiq7RhsY_SKD6wnCLJohCW8qjU2KUtF_5OgO6Dq0pCBtv&google_hm=eS1ab3BKV0dGRTJwR2JjelZZYkM4M3FLVlBBYmFWMWxiNX5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5EE3
Redirect Chain

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmQ29gDVzDq0KDeQqQHuegjaKEl8W941XKf_R8nUqdwTcOMH13644j9u-8fE_M77D28NIg64VZk5xr...
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmQ29gDVzDq0KDeQqQHuegjaKEl8W941XKf_R8nUqdwTcOMH13644j9u-8fE_M77D28NIg64VZk5xrHQVWJvxeeDWJP3d_2x&google_hm=7f2fa5b2-ba8f-410d-ae...

170 B
188 B

44ms
44ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmQ29gDVzDq0KDeQqQHuegjaKEl8W941XKf_R8nUqdwTcOMH13644j9u-8fE_M77D28NIg64VZk5xrHQVWJvxeeDWJP3d_2x&google_hm=7f2fa5b2-ba8f-410d-aeb7-da7c5ce33b33

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-6-78
content-type: text/plain; charset=utf8
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmQ29gDVzDq0KDeQqQHuegjaKEl8W941XKf_R8nUqdwTcOMH13644j9u-8fE_M77D28NIg64VZk5xrHQVWJvxeeDWJP3d_2x&google_hm=7f2fa5b2-ba8f-410d-aeb7-da7c5ce33b33
cache-control: no-cache, no-store, private
tcn: Choice
content-length: 0
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5EE3
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECthInwIw4O63v-0q9T8k34&google_cver=1&google_push=AXcoOmQ7p3UCywB8ISRdabCX9cYS-EFxdcUSCyzKdzcVOSMFROUOLHK7gLMSKZ7Ux6X3VMH4MKMTIyCViOONcok_V...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECthInwIw4O63v-0q9T8k34&google_cver=1&google_push=AXcoOmQ7p3UCywB8ISRdabCX9cYS-EFxdcUSCyzKdzcVOSMFROUOLHK7gLMSKZ7Ux6X3VMH4MKMTIyCViOONcok_V...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQ7p3UCywB8ISRdabCX9cYS-EFxdcUSCyzKdzcVOSMFROUOLHK7gLMSKZ7Ux6X3VMH4MKMTIyCViOONcok_V2v6M8CguZNR&google_hm=Hq1jJGZHpMOfVkwLT8-oZjUL

170 B
188 B

53ms
53ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQ7p3UCywB8ISRdabCX9cYS-EFxdcUSCyzKdzcVOSMFROUOLHK7gLMSKZ7Ux6X3VMH4MKMTIyCViOONcok_V2v6M8CguZNR&google_hm=Hq1jJGZHpMOfVkwLT8-oZjUL

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 17 Nov 2023 03:47:36 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQ7p3UCywB8ISRdabCX9cYS-EFxdcUSCyzKdzcVOSMFROUOLHK7gLMSKZ7Ux6X3VMH4MKMTIyCViOONcok_V2v6M8CguZNR&google_hm=Hq1jJGZHpMOfVkwLT8-oZjUL
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1sea1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5EE3
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEL...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmTXwFCuL0JCOmTQX9wzTNY4LYtsS66Izz6T32_VFkPYeHh51uK3zTKEyBpL9esKUYRJDjeclqqQ2nYGNqjKh6aGLUO-A75g&redir=https%3A%2F%2Fcm.g.doubl...
https://sync.targeting.unrulymedia.com/csync/RX-e55f2322-1ed7-42aa-ae45-e5732d15ff2c-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmTXwFCuL0JCOmTQX9wzT...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmTXwFCuL0JCOmTQX9wzTNY4LYtsS66Izz6T32_VFkPYeHh51uK3zTKEyBpL9esKUYRJDjeclqqQ2nYGNqjKh6aGLUO-A75g&google_hm=A-VfIyIe10KqrkXlcy0V_yw

170 B
188 B

44ms
43ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmTXwFCuL0JCOmTQX9wzTNY4LYtsS66Izz6T32_VFkPYeHh51uK3zTKEyBpL9esKUYRJDjeclqqQ2nYGNqjKh6aGLUO-A75g&google_hm=A-VfIyIe10KqrkXlcy0V_yw

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmTXwFCuL0JCOmTQX9wzTNY4LYtsS66Izz6T32_VFkPYeHh51uK3zTKEyBpL9esKUYRJDjeclqqQ2nYGNqjKh6aGLUO-A75g&google_hm=A-VfIyIe10KqrkXlcy0V_yw
date: Fri, 17 Nov 2023 03:47:36 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RXe55f23221ed742aaae45e5732d15ff2c003
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5EE3
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEMzrRbVVCw-AKrI1HMbQ5Sg&google_cver=1&google_push=AXcoOmRFOk0Yk4_OOFbeujNiLRokQoRMgBMGOrrsDSGK8wZw0ejxdwiOR6n5aU3VSuYaEdyqGPfCD8fBGIDU1k8bFD5m-0F2wqE
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmRFOk0Yk4_OOFbeujNiLRokQoRMgBMGOrrsDSGK8wZw0ejxdwiOR6n5aU3VSuYaEdyqGPfCD8fBGIDU1k8bFD5m-0F2wqE...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTAxNzE0MDIxNDAwNjAxMTkzODc3Mg%3D%3D&google_push=AXcoOmRFOk0Yk4_OOFbeujNiLRokQoRMgBMGOrrsDSGK8wZw0ejxdwiO...

170 B
188 B

124ms
124ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTAxNzE0MDIxNDAwNjAxMTkzODc3Mg%3D%3D&google_push=AXcoOmRFOk0Yk4_OOFbeujNiLRokQoRMgBMGOrrsDSGK8wZw0ejxdwiOR6n5aU3VSuYaEdyqGPfCD8fBGIDU1k8bFD5m-0F2wqE

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTAxNzE0MDIxNDAwNjAxMTkzODc3Mg%3D%3D&google_push=AXcoOmRFOk0Yk4_OOFbeujNiLRokQoRMgBMGOrrsDSGK8wZw0ejxdwiOR6n5aU3VSuYaEdyqGPfCD8fBGIDU1k8bFD5m-0F2wqE
date: Fri, 17 Nov 2023 03:47:36 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 204 v1
match.sharethrough.com/E4rooAtA/ Frame 5EE3 0
36 B 198ms
37ms Image
text/plain 52.28.38.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEFaKpovaJi_ZNjgKxFUamlo&google_cver=1&google_push=AXcoOmQnPvcpiZ3Ga8ZO_cD_jBueqX79Ehg8V6kGD7kqwWw6Te9ii5UUhQJphm7WmorckX4MgnrJxc4VxJSNFpk8pWrlKDmdiVcolw
Requested by: Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.38.5 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-38-5.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:36 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 5EE3 0
12 B 74ms
70ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IkjO9UjNruUfKDaHqIcKWeSAybRMpgRDjwS0GHe0AJ4_4WRHDwDQIxFECD7_ddf9ggVL9y2g

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:36 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 rid Show response
matchadsrvr.yieldmo.com/track/ Frame FA4E 49 B
496 B 697ms
256ms XHR
application/json 18.66.122.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://matchadsrvr.yieldmo.com/track/rid?ttd_pid=yieldmo&fmt=json
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-57.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 97246976d349e4116999d37486b7b739816718f446ea2b2e224311884f785813

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:37 GMT
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
last-modified: Mon, 08 May 2023 12:52:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
etag: "674119d7f4205900ae84d7ee55ced021"
vary: Origin
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
x-cache: Error from cloudfront
access-control-allow-credentials: true
content-length: 49
x-amz-cf-id: YGbcqNKpuPf1LyIqOve9393GmyC_8FnZq5ggRouEukzQSSMqdXTYGg==

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 616ms
282ms Preflight 3.91.171.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-242.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Fri, 17 Nov 2023 03:47:36 GMT
x-amzn-RequestId: f1e7b7e9-7e81-30b0-ac37-537147fc45d4

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame FA4E 133 B
569 B 566ms
161ms XHR
application/x-amz-json-1.1 3.91.171.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-242.compute-1.amazonaws.com
Software: /
Resource Hash: b4cff1017035919d9971f43d3b15f5e83eb73d104deb7d815c3ba23f3185583f

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231117/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=21b8bcfbfc03e007507d3ce78de5da8aa6c8685f78e6ba09047f71ec0ee359c4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: f74d6281e3bb40662d0a57d24b673ebb2822fbc87754409b9798c7c8452fc9e7
Cache-Control: no-cache
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231117T034736Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Fri, 17 Nov 2023 03:47:37 GMT
x-amzn-RequestId: f46d9ce6-35d3-6d5a-a9bd-787f672d3559
Content-Length: 133
x-amz-id-2: FhXRa5yjLDDbRg1VbevuDZ+ITHm+R66ffhXOK1f2Qikv73Dvun5ZUUl+AostROOheeS9f7kyMevU8TN0mpmjJLHH53UwhMG9
Content-Type: application/x-amz-json-1.1

GET
H2 200 ymcas
ads.yieldmo.com/ Frame 7B42 5 KB
0 99ms
97ms Document
text/html 54.72.186.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.186.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-186-48.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
content-encoding: gzip
content-type: text/html;charset=utf-8
date: Fri, 17 Nov 2023 03:47:36 GMT
pragma: no-cache
vary: accept-encoding

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 507ms
156ms Preflight 3.91.171.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-242.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Fri, 17 Nov 2023 03:47:36 GMT
x-amzn-RequestId: cb7d6c27-694e-4a15-96ad-88bf3bb01216

GET
H2 200 52.handlebars.js Show response
static.yieldmo.com/sdk/template/js/desktop/ Frame FA4E 208 KB
61 KB 735ms
51ms XHR
application/javascript 18.245.60.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yieldmo.com/sdk/template/js/desktop/52.handlebars.js
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-36.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 468864041b280079274db15861a108735b454c113b93fb0768e1c8a546610dfd

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 4QKlxuNd7CwyoFiBmpJmVmUnKru_Hd6O
content-encoding: br
via: 1.1 98559aba51e0c88c6e74c88152fb63ae.cloudfront.net (CloudFront)
date: Thu, 16 Nov 2023 12:37:08 GMT
x-amz-cf-pop: FRA60-P5
age: 54629
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 12 Jul 2022 20:34:36 GMT
server: AmazonS3
etag: W/"0b1a9eebbd61d453fc15e547dfffd2e4"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: private, max-age=1800
x-response-headers-policy: static-yieldmo-com_js_text
x-amz-cf-id: ib0W51O_igYC-5MCn0nNXKx84DEIabWuQH6RicIfFR_naGGL3F102w==

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame FA4E 133 B
569 B 591ms
162ms XHR
application/x-amz-json-1.1 3.91.171.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-242.compute-1.amazonaws.com
Software: /
Resource Hash: 4478571ae9ae5193b31afff4f08ee5bd197c9c5f7dd8774dfb0245cc4300cdb9

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231117/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=88a0ee158e4fc4838e678ad834aa04d52166a6b42a565489d90a9c26c99c7ffc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 548837170de25d056e4ba46f7e54f4c6d36c0641e03b30d004e4b18d38e49296
Cache-Control: no-cache
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231117T034736Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Fri, 17 Nov 2023 03:47:37 GMT
x-amzn-RequestId: d5411cdd-79a2-0bfb-8891-f84440df7e9f
Content-Length: 133
x-amz-id-2: cMwWaAu3FzZG+RH6asYUYod+frE+LukkNfiaPB9c51SOOthjwkQyGjbZwlMigPK72GTrk30/ppWBNQ9rnbzYxPvQyXMBdlu5
Content-Type: application/x-amz-json-1.1

GET
H2 200 rid Show response
matchadsrvr.yieldmo.com/track/ Frame C0E9 49 B
495 B 599ms
259ms XHR
application/json 18.66.122.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://matchadsrvr.yieldmo.com/track/rid?ttd_pid=yieldmo&fmt=json
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-57.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 97246976d349e4116999d37486b7b739816718f446ea2b2e224311884f785813

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:37 GMT
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
last-modified: Mon, 08 May 2023 12:52:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
etag: "674119d7f4205900ae84d7ee55ced021"
vary: Origin
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
x-cache: Error from cloudfront
access-control-allow-credentials: true
content-length: 49
x-amz-cf-id: DA2JjQZiotRvxUqrAHSmlZEzUqNdan0pGkNxASmIDucCMCLeHBumSg==

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 465ms
152ms Preflight 3.91.171.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-242.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Fri, 17 Nov 2023 03:47:36 GMT
x-amzn-RequestId: c98ff5a7-12b1-c48d-945f-113fa31b588c

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame C0E9 133 B
569 B 556ms
155ms XHR
application/x-amz-json-1.1 3.91.171.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-242.compute-1.amazonaws.com
Software: /
Resource Hash: 29fe0b7dd4e649ef113ae8d25a3c7af09fa8bc7f1474235f69113fc7a64fe45d

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231117/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=95beab0ed6283b7647692b432e96a0f7e62d1d968cb4c6964f8b981f6d8fa44a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 0d45f0f9757cfad9c8e843cf9e6754eb3c625708ea958fb3243d55959f319afc
Cache-Control: no-cache
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231117T034736Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Fri, 17 Nov 2023 03:47:37 GMT
x-amzn-RequestId: f20c9d55-c9cf-4940-afdc-79cc4df1ad5d
Content-Length: 133
x-amz-id-2: SictuiYTN1k7QtEzVbahvPS+m7+eZt+33NAe2CQPueoXA5TLngUa31+SyoH082e50EdlNfrU5dnoXgjzw+Q0NZFKQU1nDCDo
Content-Type: application/x-amz-json-1.1

GET
H2 204 ymcas
ads.yieldmo.com/ Frame 542C 0
0 53ms
52ms Document
text/plain 54.72.186.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.186.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-186-48.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
date: Fri, 17 Nov 2023 03:47:36 GMT
pragma: no-cache

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 590ms
280ms Preflight 3.91.171.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-242.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Fri, 17 Nov 2023 03:47:36 GMT
x-amzn-RequestId: cd615cf6-3e6c-d5d1-90b1-b86e98f0b879

GET
H2 200 52.handlebars.js Show response
static.yieldmo.com/sdk/template/js/desktop/ Frame C0E9 208 KB
61 KB 631ms
55ms XHR
application/javascript 18.245.60.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yieldmo.com/sdk/template/js/desktop/52.handlebars.js
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-36.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 468864041b280079274db15861a108735b454c113b93fb0768e1c8a546610dfd

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 4QKlxuNd7CwyoFiBmpJmVmUnKru_Hd6O
content-encoding: br
via: 1.1 98559aba51e0c88c6e74c88152fb63ae.cloudfront.net (CloudFront)
date: Thu, 16 Nov 2023 12:37:08 GMT
x-amz-cf-pop: FRA60-P5
age: 54629
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 12 Jul 2022 20:34:36 GMT
server: AmazonS3
etag: W/"0b1a9eebbd61d453fc15e547dfffd2e4"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: private, max-age=1800
x-response-headers-policy: static-yieldmo-com_js_text
x-amz-cf-id: Fww2LMWvaNpfS6yJZ-06rsUoaoPh2_oImgl2HdsBo6Xhrlm5-OKRkQ==

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame C0E9 133 B
569 B 555ms
160ms XHR
application/x-amz-json-1.1 3.91.171.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-242.compute-1.amazonaws.com
Software: /
Resource Hash: 4885939ebe52f6f741e09cf672876c6f40d1e0d54f2efef61909e62cbdd8fef4

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231117/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=502ae268d16198bac49a98a20e150425ba129773d1394e7798edcffe78b006a8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: b9655f763fb9ba5298afebd2819afd7af11cfbcd0fc27c4ab15a699eae1bb70d
Cache-Control: no-cache
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231117T034736Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Fri, 17 Nov 2023 03:47:37 GMT
x-amzn-RequestId: c35fccec-1a37-c094-9e8f-28750a611f6b
Content-Length: 133
x-amz-id-2: V99QAv4VzCFcAINfnWlOxJ4ysjBAJTP6XsMCVg/EzVbTRyENIgF+dE78FSZ2pWiH3HrA4QWGoquS4oZGtlHCAPSA1NOSx83z
Content-Type: application/x-amz-json-1.1

GET
H2 200 rid Show response
matchadsrvr.yieldmo.com/track/ Frame B7F3 49 B
495 B 511ms
261ms XHR
application/json 18.66.122.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://matchadsrvr.yieldmo.com/track/rid?ttd_pid=yieldmo&fmt=json
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-57.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 97246976d349e4116999d37486b7b739816718f446ea2b2e224311884f785813

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:37 GMT
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
last-modified: Mon, 08 May 2023 12:52:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
etag: "674119d7f4205900ae84d7ee55ced021"
vary: Origin
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
x-cache: Error from cloudfront
access-control-allow-credentials: true
content-length: 49
x-amz-cf-id: UbrD3eMCT8KJPWgQVUlsy8bW1goIzvmX9K-xiBugwwcFCw6wGhqhAw==

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 467ms
154ms Preflight 3.91.171.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-242.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Fri, 17 Nov 2023 03:47:36 GMT
x-amzn-RequestId: d578fdb9-c0d5-3fd0-88a8-192144ebdbcd

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame B7F3 133 B
569 B 561ms
157ms XHR
application/x-amz-json-1.1 3.91.171.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-242.compute-1.amazonaws.com
Software: /
Resource Hash: ca41f3a4fce57d52ae3aa2348f10c7fa3665a991e27ba8ab925067e729f0d587

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231117/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=da871851ea80fe1b6e0076a5c04a59a05fe10e00baa516060be3b9e4564d88a3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 9a09fbc76941288d9ca64bcd980b15dba03fcc19217a5338e8aa19d4100e3648
Cache-Control: no-cache
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231117T034736Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Fri, 17 Nov 2023 03:47:37 GMT
x-amzn-RequestId: eb157be0-f414-6df2-b6c5-9f795288005a
Content-Length: 133
x-amz-id-2: afj0hNfFKnFptK76lTpXvRNF6+x4W0s9Fp2jQMySuEn320I5KjADvdWoc4/NJjNWiKvBHNz5Wo6BJpe7Uf7QNRvaFnSlFKEi
Content-Type: application/x-amz-json-1.1

GET
H2 204 ymcas
ads.yieldmo.com/ Frame EC8F 0
0 57ms
57ms Document
text/plain 54.72.186.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.186.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-186-48.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
date: Fri, 17 Nov 2023 03:47:36 GMT
pragma: no-cache

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 605ms
283ms Preflight 3.91.171.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-242.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Fri, 17 Nov 2023 03:47:36 GMT
x-amzn-RequestId: d4d610ab-99b6-0875-8906-f43389e0d78a

GET
H2 200 52.handlebars.js Show response
static.yieldmo.com/sdk/template/js_a/desktop/ Frame B7F3 208 KB
61 KB 620ms
90ms XHR
application/javascript 18.245.60.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yieldmo.com/sdk/template/js_a/desktop/52.handlebars.js
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-36.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 468864041b280079274db15861a108735b454c113b93fb0768e1c8a546610dfd

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: M..2uk1oytKXIiwyOT2pb17QwmooKg.V
content-encoding: br
via: 1.1 98559aba51e0c88c6e74c88152fb63ae.cloudfront.net (CloudFront)
date: Thu, 16 Nov 2023 12:36:00 GMT
x-amz-cf-pop: FRA60-P5
age: 54698
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 12 Jul 2022 20:34:39 GMT
server: AmazonS3
etag: W/"0b1a9eebbd61d453fc15e547dfffd2e4"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: private, max-age=1800
x-response-headers-policy: static-yieldmo-com_js_text
x-amz-cf-id: Od-ftx_MV1vSO8vZcgJypKSz_vpPg3NFmC6ydhiLHl2CKuMicQY39A==

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame B7F3 133 B
569 B 566ms
165ms XHR
application/x-amz-json-1.1 3.91.171.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-242.compute-1.amazonaws.com
Software: /
Resource Hash: dcaa88e8efaa6f312053764588bbf2115e7d49ec69614486493594406d8f2352

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231117/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=21bb4e0b265e2c4e75da282d7a9f00a1e5ffa6d3cb144e4288846f41d7c71409
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 960054bd5e294ceb499854fdc7defaad7e854b61148c6b9dbfd425b200082396
Cache-Control: no-cache
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231117T034736Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Fri, 17 Nov 2023 03:47:37 GMT
x-amzn-RequestId: c66f397b-2a0f-061f-9bbf-dde278f15e1c
Content-Length: 133
x-amz-id-2: Qrp0bQbwVWbp+WgDlpk9GBD5JCwsP7YZcpfuBeCIlwZ9l2TQykVkcsXQawhTXyf2jsWBbkuROTnnuq6rkgF9p6aqUwBnQPM5
Content-Type: application/x-amz-json-1.1

GET
H2 200 rid Show response
matchadsrvr.yieldmo.com/track/ Frame E304 49 B
495 B 476ms
261ms XHR
application/json 18.66.122.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://matchadsrvr.yieldmo.com/track/rid?ttd_pid=yieldmo&fmt=json
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-57.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 97246976d349e4116999d37486b7b739816718f446ea2b2e224311884f785813

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:37 GMT
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
last-modified: Mon, 08 May 2023 12:52:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
etag: "674119d7f4205900ae84d7ee55ced021"
vary: Origin
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
x-cache: Error from cloudfront
access-control-allow-credentials: true
content-length: 49
x-amz-cf-id: YCL6lYfdcd6zqWOFTxbxoMUYXWRvdPBsHKXmcIqWdMUNduDt3B8uRQ==

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 494ms
156ms Preflight 3.91.171.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-242.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Fri, 17 Nov 2023 03:47:36 GMT
x-amzn-RequestId: cc96cbc5-cdac-3dda-9146-2f5d9f5265d9

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame E304 133 B
569 B 512ms
162ms XHR
application/x-amz-json-1.1 3.91.171.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-242.compute-1.amazonaws.com
Software: /
Resource Hash: 761a3ed677be90dd2ea54a66322244426c74412d3fc73334144828e3e28b8639

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231117/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=4027bc8c611f56858c7ea3277d47b7cfe55a9550a54d483ad3ae3070700a6fb8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 20ea8c570fd280b384fdf24117a7c1170e8ae65f95debb451e777f79d624928e
Cache-Control: no-cache
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231117T034736Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Fri, 17 Nov 2023 03:47:37 GMT
x-amzn-RequestId: e080b6c7-cb6d-2f39-bd50-525e7ac7b338
Content-Length: 133
x-amz-id-2: csGVItffa4x5ZqaRMYqseU9tAq6RjC8Z/jHT7JI7ALkuCONhP/nAOc8yRGpMKiLV3/2mVNLPVEdXCShRCMyaEMAnI6SZYF+J
Content-Type: application/x-amz-json-1.1

GET
H2 204 ymcas
ads.yieldmo.com/ Frame 9508 0
0 75ms
73ms Document
text/plain 54.72.186.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.186.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-186-48.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
date: Fri, 17 Nov 2023 03:47:36 GMT
pragma: no-cache

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 521ms
151ms Preflight 3.91.171.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-242.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Fri, 17 Nov 2023 03:47:36 GMT
x-amzn-RequestId: ee3ea741-9f4d-f86c-b3ee-43d92ee7646d

GET
H2 200 52.handlebars.js Show response
static.yieldmo.com/sdk/template/js_a/desktop/ Frame E304 208 KB
61 KB 594ms
94ms XHR
application/javascript 18.245.60.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yieldmo.com/sdk/template/js_a/desktop/52.handlebars.js
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-36.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 468864041b280079274db15861a108735b454c113b93fb0768e1c8a546610dfd

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: M..2uk1oytKXIiwyOT2pb17QwmooKg.V
content-encoding: br
via: 1.1 98559aba51e0c88c6e74c88152fb63ae.cloudfront.net (CloudFront)
date: Thu, 16 Nov 2023 12:36:00 GMT
x-amz-cf-pop: FRA60-P5
age: 54698
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 12 Jul 2022 20:34:39 GMT
server: AmazonS3
etag: W/"0b1a9eebbd61d453fc15e547dfffd2e4"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: private, max-age=1800
x-response-headers-policy: static-yieldmo-com_js_text
x-amz-cf-id: WyvyTnzdUvVwCDzH9qFP7PHQmTaJb5zwv2sOBL7cfYsGuWuOfJDykg==

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame E304 133 B
569 B 554ms
158ms XHR
application/x-amz-json-1.1 3.91.171.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-242.compute-1.amazonaws.com
Software: /
Resource Hash: 2c364351c1bbbc15f186b6424a7d46c34aa95ecdb5a9bc48ecdd58f8d9d498ce

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231117/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=440ebffac0adcd03f47e5b7707e89debf9570d93cba55987c0c5e3a9ed2d386d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 2420382465f22007cf4fb1affe4edcd38f9717ef61958b7e9d326634291c4b23
Cache-Control: no-cache
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231117T034736Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Fri, 17 Nov 2023 03:47:37 GMT
x-amzn-RequestId: fde85e65-df3e-25e8-a038-bafce643508c
Content-Length: 133
x-amz-id-2: sW6PblVpSiDoUq6BPj+v2KSLd7ksjtomGgUbFriaNVRy8zAPuQxIVhp+WMKmLEi8GNXUaCqWShk/RtcOqZtI0Guru4FPUj1B
Content-Type: application/x-amz-json-1.1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FF02
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESECc9TIn8f2JYt7eMj4TE1-s&google_cver=1&google_push=AXcoOmRXmQJc8-dgKGZiAa0V1C2SsNj1yFEFEm5FQf4qrvAzQk1XQtDvwgO-lyNmCrBQ6gKkaWn1YvEZKhZm8PBN87LM-bt...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRXmQJc8-dgKGZiAa0V1C2SsNj1yFEFEm5FQf4qrvAzQk1XQtDvwgO-lyNmCrBQ6gKkaWn1YvEZKhZm8PBN87LM-btWQ-6nlw&google_hm=eS15SGJWWlZKRTJwR1dV...

170 B
188 B

45ms
45ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRXmQJc8-dgKGZiAa0V1C2SsNj1yFEFEm5FQf4qrvAzQk1XQtDvwgO-lyNmCrBQ6gKkaWn1YvEZKhZm8PBN87LM-btWQ-6nlw&google_hm=eS15SGJWWlZKRTJwR1dVZm1vckp4QkVsaFVCM0hpZXBjUn5B

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 17 Nov 2023 03:47:36 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRXmQJc8-dgKGZiAa0V1C2SsNj1yFEFEm5FQf4qrvAzQk1XQtDvwgO-lyNmCrBQ6gKkaWn1YvEZKhZm8PBN87LM-btWQ-6nlw&google_hm=eS15SGJWWlZKRTJwR1dVZm1vckp4QkVsaFVCM0hpZXBjUn5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FF02
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=lucv95ilSfWKo8mq88iAzg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

44ms
44ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=lucv95ilSfWKo8mq88iAzg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmT2D2R5qNSKKj7MLpTbuTJj80u-48eUXpxpbGo81FI5MfWEXnOBMXQh4U_iqTVitgDjNU84jHYN81BQkr9rpvkeC0rkyZ2ulQ

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=lucv95ilSfWKo8mq88iAzg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmT2D2R5qNSKKj7MLpTbuTJj80u-48eUXpxpbGo81FI5MfWEXnOBMXQh4U_iqTVitgDjNU84jHYN81BQkr9rpvkeC0rkyZ2ulQ
date: Fri, 17 Nov 2023 03:47:36 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FF02
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJ_TGR7VlZkCdFL_P379x20&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJ_TGR7VlZkCdFL_P379x20&google_hm=ZVbiVn6vJ-E59nNqoqPXFQAAFEUAAAIB&google_nid=index&google_push=AXcoOmQU1lbsOVmMVlpb9-7HWAjNJgG34e0Vd...

170 B
188 B

47ms
47ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJ_TGR7VlZkCdFL_P379x20&google_hm=ZVbiVn6vJ-E59nNqoqPXFQAAFEUAAAIB&google_nid=index&google_push=AXcoOmQU1lbsOVmMVlpb9-7HWAjNJgG34e0VdDJxKKMzrBZlRrx2oEZIjXcfEmKOsUNanEmSY-ZcgiWFp9GS1jDWP0IlMn5cIwYfvg

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BU58Z9UFDtmokhJL7hMfCsiku4IZOKBxkYgQPEMjeovBctVgaSj%2B3VK1pquw9%2FmOr1LVlYTt6ORVU7P1ELIXAOicx%2FIwfNUvmhdQx3XsBRwF2n6zzz7ACjft%2FB1BzU5Ke0qgkXyf4lSS8g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJ_TGR7VlZkCdFL_P379x20&google_hm=ZVbiVn6vJ-E59nNqoqPXFQAAFEUAAAIB&google_nid=index&google_push=AXcoOmQU1lbsOVmMVlpb9-7HWAjNJgG34e0VdDJxKKMzrBZlRrx2oEZIjXcfEmKOsUNanEmSY-ZcgiWFp9GS1jDWP0IlMn5cIwYfvg
cache-control: no-cache
cf-ray: 8274fe47ff4f24c0-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FF02
Redirect Chain

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmQLrhhyOyvId4-w84FDshMTlXR62-A11fz_2roto-SncMulOiNqNacqCfvJT1hp4Oh0NnJ8UdjgRG...
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmQLrhhyOyvId4-w84FDshMTlXR62-A11fz_2roto-SncMulOiNqNacqCfvJT1hp4Oh0NnJ8UdjgRGiH-CFXLqi3HRT0ZFjRDg&google_hm=100169fe-2035-4fef-...

170 B
188 B

44ms
43ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmQLrhhyOyvId4-w84FDshMTlXR62-A11fz_2roto-SncMulOiNqNacqCfvJT1hp4Oh0NnJ8UdjgRGiH-CFXLqi3HRT0ZFjRDg&google_hm=100169fe-2035-4fef-938a-5a3d7edc73ae

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-6-200
content-type: text/plain; charset=utf8
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmQLrhhyOyvId4-w84FDshMTlXR62-A11fz_2roto-SncMulOiNqNacqCfvJT1hp4Oh0NnJ8UdjgRGiH-CFXLqi3HRT0ZFjRDg&google_hm=100169fe-2035-4fef-938a-5a3d7edc73ae
cache-control: no-cache, no-store, private
tcn: Choice
content-length: 0
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FF02
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECthInwIw4O63v-0q9T8k34&google_cver=1&google_push=AXcoOmQi2KNciutIXpWS-fXWoROqtm73lMUD-CJeF8CgLGv_06fnZ06N5g8q3ddKDZ63vLOLOFKARjmrw0TQhFFXm...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECthInwIw4O63v-0q9T8k34&google_cver=1&google_push=AXcoOmQi2KNciutIXpWS-fXWoROqtm73lMUD-CJeF8CgLGv_06fnZ06N5g8q3ddKDZ63vLOLOFKARjmrw0TQhFFXm...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQi2KNciutIXpWS-fXWoROqtm73lMUD-CJeF8CgLGv_06fnZ06N5g8q3ddKDZ63vLOLOFKARjmrw0TQhFFXmceVi24mn7b2GA&google_hm=Hq1jJGZH-vtU6kVSQC6k...

170 B
188 B

53ms
53ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQi2KNciutIXpWS-fXWoROqtm73lMUD-CJeF8CgLGv_06fnZ06N5g8q3ddKDZ63vLOLOFKARjmrw0TQhFFXmceVi24mn7b2GA&google_hm=Hq1jJGZH-vtU6kVSQC6kqh_W

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 17 Nov 2023 03:47:37 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQi2KNciutIXpWS-fXWoROqtm73lMUD-CJeF8CgLGv_06fnZ06N5g8q3ddKDZ63vLOLOFKARjmrw0TQhFFXmceVi24mn7b2GA&google_hm=Hq1jJGZH-vtU6kVSQC6kqh_W
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1sea1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FF02
Redirect Chain

https://cs.media.net/cksync?type=g&google_gid=CAESEIbMnkMHIGP-ifCkLTxpekA&google_cver=1&google_push=AXcoOmTByI5sxL9BbbMIoVHoTxS-1a6wvauvj537CypHRMPT1kGwXpyxhJqiJ96xnuEkpmqNU4v2ivDq-0rQ8EBonHoPIsVhz...
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQzMTk0NDU2NjIyMzI0MDAwMFYxMA%3d%3d&mn_hm=MzQzMTk0NDU2NjIyMzI0MDAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmTByI5sxL9BbbMIoVHoTxS-1a6...

170 B
188 B

48ms
48ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQzMTk0NDU2NjIyMzI0MDAwMFYxMA%3d%3d&mn_hm=MzQzMTk0NDU2NjIyMzI0MDAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmTByI5sxL9BbbMIoVHoTxS-1a6wvauvj537CypHRMPT1kGwXpyxhJqiJ96xnuEkpmqNU4v2ivDq-0rQ8EBonHoPIsVhzUYZvg&gdpr=&gdpr_consent=

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 17 Nov 2023 03:47:36 GMT
Server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
Location: https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQzMTk0NDU2NjIyMzI0MDAwMFYxMA%3d%3d&mn_hm=MzQzMTk0NDU2NjIyMzI0MDAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmTByI5sxL9BbbMIoVHoTxS-1a6wvauvj537CypHRMPT1kGwXpyxhJqiJ96xnuEkpmqNU4v2ivDq-0rQ8EBonHoPIsVhzUYZvg&gdpr=&gdpr_consent=
Content-Type: text/html
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 154
x-mnet-hl2: E
Expires: Fri, 17 Nov 2023 03:47:36 GMT

GET
H2 204 v1
match.sharethrough.com/E4rooAtA/ Frame FF02 0
35 B 53ms
52ms Image
text/plain 52.28.38.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEFaKpovaJi_ZNjgKxFUamlo&google_cver=1&google_push=AXcoOmQ7zPPbdCdizIrYZH5d5BPOp8jQlIdZeMu8ugsnE_A3rCKvrbJEOgoywcvR0bqno8MkzJVG7DG-gX6bYqQa5xkWFa1tA9SOMQ
Requested by: Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.38.5 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-38-5.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:36 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame FF02 0
12 B 89ms
88ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K8NHtf3W_qrX-jofQcAbo4OzEsok-WK2sC8kfTMBYKRtBi_oDyGX9TWdb6XDIL6YJlhUc0wA

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:36 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 rid Show response
matchadsrvr.yieldmo.com/track/ Frame C9CC 49 B
494 B 407ms
260ms XHR
application/json 18.66.122.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://matchadsrvr.yieldmo.com/track/rid?ttd_pid=yieldmo&fmt=json
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-57.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 97246976d349e4116999d37486b7b739816718f446ea2b2e224311884f785813

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:37 GMT
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
last-modified: Mon, 08 May 2023 12:52:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
etag: "674119d7f4205900ae84d7ee55ced021"
vary: Origin
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
x-cache: Error from cloudfront
access-control-allow-credentials: true
content-length: 49
x-amz-cf-id: 1PBzIwcflvtthJS1cQVm4YaBZMvudWP8g1ZhqE2Y3C6YDhdvs72pYw==

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 515ms
156ms Preflight 3.91.171.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-242.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Fri, 17 Nov 2023 03:47:36 GMT
x-amzn-RequestId: f47b4d29-6d05-83db-a9ab-a9b15478f6bf

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame C9CC 133 B
569 B 515ms
160ms XHR
application/x-amz-json-1.1 3.91.171.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-242.compute-1.amazonaws.com
Software: /
Resource Hash: c9602fd136907220e79ed7c0dbf36cef10b1e8f186183b503bb7357d81c5102e

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231117/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=35a72f1b2b91b83327cd4654e001514bcabb04cb66fc3a4348fd4626a62fabfb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 2a8b94def54d7175343d2bb6d0560569a9bf04419f66aae77b980856632eeed4
Cache-Control: no-cache
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231117T034736Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Fri, 17 Nov 2023 03:47:37 GMT
x-amzn-RequestId: f23ba350-c8ef-c7e5-afeb-47c94cd123f8
Content-Length: 133
x-amz-id-2: d9/IHGs/0M0aX3xtQsvv3Vl8QwqTQPGH3IbSU2vKJRuEnf7xFv8BUGRZIbkwcQ4QJMnofYybD7145/TvTTIIJrmbjGkjqtsj
Content-Type: application/x-amz-json-1.1

GET
H2 204 ymcas
ads.yieldmo.com/ Frame E4BD 0
0 66ms
66ms Document
text/plain 54.72.186.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.186.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-186-48.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
date: Fri, 17 Nov 2023 03:47:36 GMT
pragma: no-cache

GET
H2 200 52.handlebars.js Show response
static.yieldmo.com/sdk/template/js_a/desktop/ Frame C9CC 208 KB
61 KB 525ms
92ms XHR
application/javascript 18.245.60.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yieldmo.com/sdk/template/js_a/desktop/52.handlebars.js
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-36.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 468864041b280079274db15861a108735b454c113b93fb0768e1c8a546610dfd

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: M..2uk1oytKXIiwyOT2pb17QwmooKg.V
content-encoding: br
via: 1.1 98559aba51e0c88c6e74c88152fb63ae.cloudfront.net (CloudFront)
date: Thu, 16 Nov 2023 12:36:00 GMT
x-amz-cf-pop: FRA60-P5
age: 54698
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 12 Jul 2022 20:34:39 GMT
server: AmazonS3
etag: W/"0b1a9eebbd61d453fc15e547dfffd2e4"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: private, max-age=1800
x-response-headers-policy: static-yieldmo-com_js_text
x-amz-cf-id: VrqgcnIhlgb93eKmiCI7pzumrnXk88fht82bVDC58pzA1C2w6VSgpA==

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame C9CC 133 B
569 B 560ms
160ms XHR
application/x-amz-json-1.1 3.91.171.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-242.compute-1.amazonaws.com
Software: /
Resource Hash: 0d3459e73e9ecd7967a568701dc89f238af481441b80c66962ea15a552efe65d

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231117/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=42f6eb1cb07faa2a56b9c090e585c8e61ca91082c49e92765136e3e021b3c694
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 0ad83098a9234e09067c21cc44d0517df47ce876a555fa1efa1d98bd037db8b1
Cache-Control: no-cache
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231117T034736Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Fri, 17 Nov 2023 03:47:37 GMT
x-amzn-RequestId: df7ea1dd-b682-fb5e-82ae-4544101e96f6
Content-Length: 133
x-amz-id-2: /41G9MoH6A3WpSgwLEJi72iqSPRP5SyKwquTC4dJ+HeV4pvxBmHKnZo4nUz8LxDHjvYL2kXG8GP/icx5Or8CEbowGbIq1yu3
Content-Type: application/x-amz-json-1.1

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 512ms
158ms Preflight 3.91.171.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-242.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Fri, 17 Nov 2023 03:47:36 GMT
x-amzn-RequestId: ef164298-1ebf-8b64-b2c6-a6009a816f79

GET
H2 200 rid Show response
matchadsrvr.yieldmo.com/track/ Frame 1C0D 49 B
495 B 374ms
259ms XHR
application/json 18.66.122.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://matchadsrvr.yieldmo.com/track/rid?ttd_pid=yieldmo&fmt=json
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-57.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 97246976d349e4116999d37486b7b739816718f446ea2b2e224311884f785813

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:37 GMT
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
last-modified: Mon, 08 May 2023 12:52:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
etag: "674119d7f4205900ae84d7ee55ced021"
vary: Origin
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
x-cache: Error from cloudfront
access-control-allow-credentials: true
content-length: 49
x-amz-cf-id: 5J-lGqpmvQhaGnfkblzSR0SHUZ2ZoAyQNvAUiHPJ_6X-Nrc-ZqnQfA==

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 565ms
171ms Preflight 3.91.171.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-242.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Fri, 17 Nov 2023 03:47:36 GMT
x-amzn-RequestId: ee2477cc-4042-9f3a-b3f4-935412bcc739

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 1C0D 133 B
569 B 509ms
169ms XHR
application/x-amz-json-1.1 3.91.171.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-242.compute-1.amazonaws.com
Software: /
Resource Hash: efd8d096210a27e0587e354c562e60fbb59fe106906f71487b333ed24054ab07

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231117/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=2e4044f903bdfbeab2f4c10c76aa59e5637b781ab4ff472b70ca78c1df5447f8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 038c266454999cf5fb35a3c8cb245e076237d2fb2903b0c88ee97fa739be491d
Cache-Control: no-cache
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231117T034736Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Fri, 17 Nov 2023 03:47:37 GMT
x-amzn-RequestId: e6adaefd-38bb-b211-bb7d-4a6489112e10
Content-Length: 133
x-amz-id-2: FBX5+0wu/7YGSB5PwGpK8vLIoKv6SN15i47AGA4pjmPISGlBmSrK0Dl0ZgWjuXwIGXPojHbckePM2YcnTwZqs+j0rzgRnIjS
Content-Type: application/x-amz-json-1.1

GET
H2 204 ymcas
ads.yieldmo.com/ Frame 3228 0
0 74ms
73ms Document
text/plain 54.72.186.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.186.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-186-48.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
date: Fri, 17 Nov 2023 03:47:36 GMT
pragma: no-cache

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 569ms
153ms Preflight 3.91.171.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-242.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Fri, 17 Nov 2023 03:47:36 GMT
x-amzn-RequestId: c04cbbe6-b85e-a3f3-9d9c-5f7e1ec2ce5b

GET
H2 200 52.handlebars.js Show response
static.yieldmo.com/sdk/template/js_a/desktop/ Frame 1C0D 208 KB
61 KB 488ms
90ms XHR
application/javascript 18.245.60.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yieldmo.com/sdk/template/js_a/desktop/52.handlebars.js
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-36.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 468864041b280079274db15861a108735b454c113b93fb0768e1c8a546610dfd

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: M..2uk1oytKXIiwyOT2pb17QwmooKg.V
content-encoding: br
via: 1.1 98559aba51e0c88c6e74c88152fb63ae.cloudfront.net (CloudFront)
date: Thu, 16 Nov 2023 12:36:00 GMT
x-amz-cf-pop: FRA60-P5
age: 54698
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 12 Jul 2022 20:34:39 GMT
server: AmazonS3
etag: W/"0b1a9eebbd61d453fc15e547dfffd2e4"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: private, max-age=1800
x-response-headers-policy: static-yieldmo-com_js_text
x-amz-cf-id: tVaBytcpohGenXKXqqUyBZ45-hB6MNzvrpajn-mMBL3wg6025xT02Q==

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 1C0D 133 B
569 B 608ms
207ms XHR
application/x-amz-json-1.1 3.91.171.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-242.compute-1.amazonaws.com
Software: /
Resource Hash: 2498da4a6af16d60195335b2aa68a8f87c7c29b98cf4959d9a7deffc039fec38

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231117/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=9b80c09dd9eefc52b1835c9a3cca0a5583929a2756e1e8a5f53c596ada28cf4e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 0559365ce1ecba87baed1ffe64b67217eee41ecc2d088a9f8e118a8d147576fa
Cache-Control: no-cache
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231117T034736Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Fri, 17 Nov 2023 03:47:37 GMT
x-amzn-RequestId: eaf775e1-c8f4-e2fa-b727-9178d8a23d05
Content-Length: 133
x-amz-id-2: iW5uucm/vV9zTDqS80G9Qzc6oYuT6SOOKZ5N4sgXVFsKnjzU6Zo41fNgdrJ8jCzRiIwXR0RbW7YIbF3hJVlANPtGDw8GsI8x
Content-Type: application/x-amz-json-1.1

GET
H2 200 rid Show response
matchadsrvr.yieldmo.com/track/ Frame 977F 49 B
494 B 340ms
258ms XHR
application/json 18.66.122.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://matchadsrvr.yieldmo.com/track/rid?ttd_pid=yieldmo&fmt=json
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-57.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 97246976d349e4116999d37486b7b739816718f446ea2b2e224311884f785813

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:37 GMT
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
last-modified: Mon, 08 May 2023 12:52:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
etag: "674119d7f4205900ae84d7ee55ced021"
vary: Origin
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
x-cache: Error from cloudfront
access-control-allow-credentials: true
content-length: 49
x-amz-cf-id: g3Hdb5kMMHrxAmCawYhfKc1yJDnnElGKtc3uGTmMOu1N14L3AMMgGw==

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 548ms
152ms Preflight 3.91.171.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-242.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Fri, 17 Nov 2023 03:47:36 GMT
x-amzn-RequestId: cb2bc443-5f9a-9257-96fb-20dbee300e56

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 977F 133 B
569 B 603ms
202ms XHR
application/x-amz-json-1.1 3.91.171.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-242.compute-1.amazonaws.com
Software: /
Resource Hash: 7edc8dfd6163dc556935860188ef4cf0721944ada70379f155fe919a053a3c31

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231117/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=2c49b948d53e3e444d1490048b8437483a6a348126d55f63862f74ccf4ba124c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: c8dc7240675452b1d65c69cdf5c0be5612c314937fb3b6e8524cb18694e71137
Cache-Control: no-cache
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231117T034736Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Fri, 17 Nov 2023 03:47:37 GMT
x-amzn-RequestId: fae354aa-c19a-438a-a733-b033f8e736ee
Content-Length: 133
x-amz-id-2: fSWOUVLLY+cLcWOUto6RBc/zGBHwfNQc936XvnIev7A3fVwN/c71bSmJ9cFhuDWr5t7LkLNKYaBrrpWxhS9tw9d+cpwy7ZmR
Content-Type: application/x-amz-json-1.1

GET
H2 204 ymcas
ads.yieldmo.com/ Frame 3DE6 0
0 68ms
67ms Document
text/plain 54.72.186.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.186.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-186-48.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
date: Fri, 17 Nov 2023 03:47:36 GMT
pragma: no-cache

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 600ms
170ms Preflight 3.91.171.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-242.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Fri, 17 Nov 2023 03:47:36 GMT
x-amzn-RequestId: c3345168-eb05-b179-9ee4-b5f0d278c41d

GET
H2 200 52.handlebars.js Show response
static.yieldmo.com/sdk/template/js/desktop/ Frame 977F 208 KB
61 KB 424ms
64ms XHR
application/javascript 18.245.60.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yieldmo.com/sdk/template/js/desktop/52.handlebars.js
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-36.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 468864041b280079274db15861a108735b454c113b93fb0768e1c8a546610dfd

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 4QKlxuNd7CwyoFiBmpJmVmUnKru_Hd6O
content-encoding: br
via: 1.1 98559aba51e0c88c6e74c88152fb63ae.cloudfront.net (CloudFront)
date: Thu, 16 Nov 2023 12:37:08 GMT
x-amz-cf-pop: FRA60-P5
age: 54629
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 12 Jul 2022 20:34:36 GMT
server: AmazonS3
etag: W/"0b1a9eebbd61d453fc15e547dfffd2e4"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: private, max-age=1800
x-response-headers-policy: static-yieldmo-com_js_text
x-amz-cf-id: HpRkPNtj450ifi5_x4DetbjS6w6rUMzcgLzUFKUxsOSaoO4gbpwE3A==

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 977F 133 B
569 B 537ms
193ms XHR
application/x-amz-json-1.1 3.91.171.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-242.compute-1.amazonaws.com
Software: /
Resource Hash: 94fbefef6eab1d06a976cad766e54657598ab7c479a7566e164a3abecdb2b2f4

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231117/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=25dbfd588635c4f3e040241e3cb2e8b2a671b4985d03f7a8db9adf280f65709f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 4935affc03705fb644d6428a7bfacf1be09e13f7031ac18c876f138576baac2b
Cache-Control: no-cache
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231117T034736Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Fri, 17 Nov 2023 03:47:37 GMT
x-amzn-RequestId: e0c45c09-4d6b-c439-bd14-b890c9552024
Content-Length: 133
x-amz-id-2: t6LVFNUG6whFOihO0yUvn9NEuQ6tMKf2pE2nrvBQQAQIHLDz58i/X6EtPSWKTv5f5SnIbk25wgRwqevQQXi4WajN6XCq+DZY
Content-Type: application/x-amz-json-1.1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9924
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEPmynMnbkBI8FZFapd3EOdw&google_cver=1&google_push=AXcoOmTI_Cyuo6higIToaRehyLJhHmRzmyuodqB-2FKqdCEi0s37jhATj9Zk-CKFXD9YSJM9UgmxzdYGlzYVUv...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwMjI3MjcxMzQxNTU4Nzk4OA%3D%3D&google_push=AXcoOmTI_Cyuo6higIToaRehyLJhHmRzmyuodqB-2FKqdCEi0s37jhATj9Zk-CKFXD9YSJM9UgmxzdYGlzYVUvry8A...

170 B
188 B

40ms
40ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwMjI3MjcxMzQxNTU4Nzk4OA%3D%3D&google_push=AXcoOmTI_Cyuo6higIToaRehyLJhHmRzmyuodqB-2FKqdCEi0s37jhATj9Zk-CKFXD9YSJM9UgmxzdYGlzYVUvry8AYIu30xPtRX

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwMjI3MjcxMzQxNTU4Nzk4OA%3D%3D&google_push=AXcoOmTI_Cyuo6higIToaRehyLJhHmRzmyuodqB-2FKqdCEi0s37jhATj9Zk-CKFXD9YSJM9UgmxzdYGlzYVUvry8AYIu30xPtRX
Date: Fri, 17 Nov 2023 03:47:36 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9924
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=lucv95ilSfWKo8mq88iAzg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

46ms
46ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=lucv95ilSfWKo8mq88iAzg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmTJFNXQVb9n2z5fFpLupHhUqT7R-kNIpW01Ia7R2G7PcUPJr7p9Rs0KyXe4dZ-TQELkfRUSpe7KjTbIBnnZTDkllBWcNW1LEA

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=lucv95ilSfWKo8mq88iAzg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmTJFNXQVb9n2z5fFpLupHhUqT7R-kNIpW01Ia7R2G7PcUPJr7p9Rs0KyXe4dZ-TQELkfRUSpe7KjTbIBnnZTDkllBWcNW1LEA
date: Fri, 17 Nov 2023 03:47:35 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9924
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJ_TGR7VlZkCdFL_P379x20&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJ_TGR7VlZkCdFL_P379x20&google_hm=ZVbiVn6vJ-E59nNqoqPXFQAAFEUAAAIB&google_nid=index&google_push=AXcoOmSnr6ymMcR_JwKEKT15avWQKvLNWemP7...

170 B
188 B

47ms
47ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJ_TGR7VlZkCdFL_P379x20&google_hm=ZVbiVn6vJ-E59nNqoqPXFQAAFEUAAAIB&google_nid=index&google_push=AXcoOmSnr6ymMcR_JwKEKT15avWQKvLNWemP7CuwlV40tjRh8hTabSdeNPkUrvO4mfIpGOABNEvFmpH9llaxPnvo69-1pLV-H9TEEQ

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7EJylPneo%2FSWLTtp%2BEPTwX8MkgZMbXXs5vSANru4ak9h%2BUfVaP6tlCoSIqk2urR3qHA07jjFersI%2BE3zyvYyyMkERdoyveWbfnPYl%2BpQF%2F%2FbsArYkBplfFOpCpvLRcc%2FWRXqOEESqQa%2BDA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJ_TGR7VlZkCdFL_P379x20&google_hm=ZVbiVn6vJ-E59nNqoqPXFQAAFEUAAAIB&google_nid=index&google_push=AXcoOmSnr6ymMcR_JwKEKT15avWQKvLNWemP7CuwlV40tjRh8hTabSdeNPkUrvO4mfIpGOABNEvFmpH9llaxPnvo69-1pLV-H9TEEQ
cache-control: no-cache
cf-ray: 8274fe48b85624c0-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9924
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECthInwIw4O63v-0q9T8k34&google_cver=1&google_push=AXcoOmTzkclKMVOCxE3AbYSzjO5fh3P6HH2El7KarW-O5C6Q4TSq72OHniJa_r6UYcLLVDsydkTC9G0enc6iv9-2c...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECthInwIw4O63v-0q9T8k34&google_cver=1&google_push=AXcoOmTzkclKMVOCxE3AbYSzjO5fh3P6HH2El7KarW-O5C6Q4TSq72OHniJa_r6UYcLLVDsydkTC9G0enc6iv9-2c...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTzkclKMVOCxE3AbYSzjO5fh3P6HH2El7KarW-O5C6Q4TSq72OHniJa_r6UYcLLVDsydkTC9G0enc6iv9-2cgOtWh009FmbWg&google_hm=Hq1jJGZH-vtU6kVSQC6k...

170 B
188 B

53ms
52ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTzkclKMVOCxE3AbYSzjO5fh3P6HH2El7KarW-O5C6Q4TSq72OHniJa_r6UYcLLVDsydkTC9G0enc6iv9-2cgOtWh009FmbWg&google_hm=Hq1jJGZH-vtU6kVSQC6kqh_W

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 17 Nov 2023 03:47:37 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTzkclKMVOCxE3AbYSzjO5fh3P6HH2El7KarW-O5C6Q4TSq72OHniJa_r6UYcLLVDsydkTC9G0enc6iv9-2cgOtWh009FmbWg&google_hm=Hq1jJGZH-vtU6kVSQC6kqh_W
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1sea1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9924
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEMzrRbVVCw-AKrI1HMbQ5Sg&google_cver=1&google_push=AXcoOmSlsKORnKnuCuRg0Bh7ovMcIcCN8jS0CFzeoPhhZft0t0VEUbnV5umWeTzncKpGxYpyT-ZMxyioryhBmB6XfiECmTYDykxI
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTAxNzE0MDIxNDAwNjAxMTkzODc3Mg%3D%3D&google_push=AXcoOmSlsKORnKnuCuRg0Bh7ovMcIcCN8jS0CFzeoPhhZft0t0VEUbnV...

170 B
188 B

42ms
40ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTAxNzE0MDIxNDAwNjAxMTkzODc3Mg%3D%3D&google_push=AXcoOmSlsKORnKnuCuRg0Bh7ovMcIcCN8jS0CFzeoPhhZft0t0VEUbnV5umWeTzncKpGxYpyT-ZMxyioryhBmB6XfiECmTYDykxI

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTAxNzE0MDIxNDAwNjAxMTkzODc3Mg%3D%3D&google_push=AXcoOmSlsKORnKnuCuRg0Bh7ovMcIcCN8jS0CFzeoPhhZft0t0VEUbnV5umWeTzncKpGxYpyT-ZMxyioryhBmB6XfiECmTYDykxI
date: Fri, 17 Nov 2023 03:47:36 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9924
Redirect Chain

https://cs.media.net/cksync?type=g&google_gid=CAESEIbMnkMHIGP-ifCkLTxpekA&google_cver=1&google_push=AXcoOmS4j_xQCsQqNegyBNO2kO6n-MV6rxiYD1PS4LZ5lM6PF_dMoJ65J-e09Ga1YnHGMD2kOPNVA2Uzuqi17Cwo12QHyKGNa0Hu
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQzMTk0NDU2NjIyMzI0MDAwMFYxMA%3d%3d&mn_hm=MzQzMTk0NDU2NjIyMzI0MDAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmS4j_xQCsQqNegyBNO2kO6n-MV...

170 B
188 B

42ms
41ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQzMTk0NDU2NjIyMzI0MDAwMFYxMA%3d%3d&mn_hm=MzQzMTk0NDU2NjIyMzI0MDAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmS4j_xQCsQqNegyBNO2kO6n-MV6rxiYD1PS4LZ5lM6PF_dMoJ65J-e09Ga1YnHGMD2kOPNVA2Uzuqi17Cwo12QHyKGNa0Hu&gdpr=&gdpr_consent=

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 17 Nov 2023 03:47:36 GMT
Server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
Location: https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQzMTk0NDU2NjIyMzI0MDAwMFYxMA%3d%3d&mn_hm=MzQzMTk0NDU2NjIyMzI0MDAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmS4j_xQCsQqNegyBNO2kO6n-MV6rxiYD1PS4LZ5lM6PF_dMoJ65J-e09Ga1YnHGMD2kOPNVA2Uzuqi17Cwo12QHyKGNa0Hu&gdpr=&gdpr_consent=
Content-Type: text/html
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 154
x-mnet-hl2: E
Expires: Fri, 17 Nov 2023 03:47:36 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame 9924
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEESCGl7mW0AVY97L1MezgBQ&google_cver=1&google_push=AXcoOmRqe2bFs7p3CYEZwi9k4qVB64JzOrAGbtyrKWZHRQqTX_o5pTIlBjfUALcdljlxjduUHsfYFO-G3sX...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRqe2bFs7p3CYEZwi9k4qVB64JzOrAGbtyrKWZHRQqTX_o5pTIlBjfUALcdljlxjduUHsfYFO-G3sXtFzVDPZOLW6ZoSmk7ito
https://onetag-sys.com/match/?int_id=19&google_error=5

0
200 B

30ms
30ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 9924 0
12 B 44ms
43ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I3xVkLlGnNaUwZ2uKPxzW9XkYqmEvGv7G5ISiMFws9HW8uohtworoupeGTskPhldwTzegDnA

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:36 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 rid Show response
matchadsrvr.yieldmo.com/track/ Frame 7D09 49 B
495 B 272ms
260ms XHR
application/json 18.66.122.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://matchadsrvr.yieldmo.com/track/rid?ttd_pid=yieldmo&fmt=json
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-57.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 97246976d349e4116999d37486b7b739816718f446ea2b2e224311884f785813

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:37 GMT
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
last-modified: Mon, 08 May 2023 12:52:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
etag: "674119d7f4205900ae84d7ee55ced021"
vary: Origin
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
x-cache: Error from cloudfront
access-control-allow-credentials: true
content-length: 49
x-amz-cf-id: eMu_d1hHge6IR-FCYFrAKxCXh_SwVtRuk7-JCrQTQrgXDWTPYO0AZw==

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 565ms
177ms Preflight 3.91.171.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-242.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Fri, 17 Nov 2023 03:47:36 GMT
x-amzn-RequestId: e9fcbd5a-38c9-23b7-b42c-59c2289ffc48

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 7D09 133 B
569 B 634ms
245ms XHR
application/x-amz-json-1.1 3.91.171.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-242.compute-1.amazonaws.com
Software: /
Resource Hash: 02f923b40756a9fcc71131201d525371926f843ff807a032f3a6b4e617060789

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231117/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=d5558866cbd6d9790d86b1aa4b447281db82bdea39504fe9270082c855bb5c87
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 0eb15328185d20ff0f798ec1012f8c4a86e28dd4300d3a5d45323c2af181fb15
Cache-Control: no-cache
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231117T034736Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Fri, 17 Nov 2023 03:47:37 GMT
x-amzn-RequestId: cc3a8995-bb4e-57da-91ea-6d0c1dd23a72
Content-Length: 133
x-amz-id-2: GaMw/ik7G8oMes6dO3BP2pH10FAihZN9J78IKiYFzpP+WlcKTkJTsJvADCdTZTjOn5hfJcVLUbb4i7kqbN+zl3bdfzSUIqL/
Content-Type: application/x-amz-json-1.1

GET
H2 204 ymcas
ads.yieldmo.com/ Frame 2BBF 0
0 50ms
49ms Document
text/plain 54.72.186.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.186.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-186-48.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
date: Fri, 17 Nov 2023 03:47:36 GMT
pragma: no-cache

GET
H2 200 52.handlebars.js Show response
static.yieldmo.com/sdk/template/js/desktop/ Frame 7D09 208 KB
61 KB 365ms
64ms XHR
application/javascript 18.245.60.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yieldmo.com/sdk/template/js/desktop/52.handlebars.js
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-36.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 468864041b280079274db15861a108735b454c113b93fb0768e1c8a546610dfd

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 4QKlxuNd7CwyoFiBmpJmVmUnKru_Hd6O
content-encoding: br
via: 1.1 98559aba51e0c88c6e74c88152fb63ae.cloudfront.net (CloudFront)
date: Thu, 16 Nov 2023 12:37:08 GMT
x-amz-cf-pop: FRA60-P5
age: 54629
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 12 Jul 2022 20:34:36 GMT
server: AmazonS3
etag: W/"0b1a9eebbd61d453fc15e547dfffd2e4"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: private, max-age=1800
x-response-headers-policy: static-yieldmo-com_js_text
x-amz-cf-id: Tel2RkTzqPaXluyICLQ1WeM0T5H7GjZKgq3pRFTo3WQaEQTS3_jAVg==

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 7D09 133 B
569 B 566ms
183ms XHR
application/x-amz-json-1.1 3.91.171.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-242.compute-1.amazonaws.com
Software: /
Resource Hash: 674a8eeeacde05874f5120985132226a000786cafbae70c56742b96e702eafc8

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231117/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=d1cc57ac62a745d9e41984258583514da8c226bf25293cf6a90f379642670190
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 21720e0f89ba9e1a1c72e106a46d85bd30a3304d4971e28e00d7260430376716
Cache-Control: no-cache
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231117T034736Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Fri, 17 Nov 2023 03:47:37 GMT
x-amzn-RequestId: c71e5500-3d2a-251e-9ace-b1996fd47d1d
Content-Length: 133
x-amz-id-2: Vx/PJdTgnd67alGSgo2+LG026YwUDJL6Em4+paE5D+mR01NkR11+J7d+1pZmG2ExaULfukdAHAHQCZij+b/21nTEfCWZqvkb
Content-Type: application/x-amz-json-1.1

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 554ms
177ms Preflight 3.91.171.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-242.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Fri, 17 Nov 2023 03:47:36 GMT
x-amzn-RequestId: f4f4cfd8-9813-976d-a924-2b401c2d7370

GET
H2 200 dpixel
cms.quantserve.com/ Frame 8628 35 B
211 B 38ms
35ms Image
image/gif 91.228.74.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEElULNDrKtz_L_lM2CuBlvI&google_cver=1&google_push=AXcoOmTKRPpDSKnAWvEqT0ToKP1GMWOPVhsvJJ6uSP9FZCG7xcv0cDabwj6DAuFjFKE0iCO0CCoMTe8i0X6TTywJbw9-jQsvyfACXg

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.200 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8628
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESECc9TIn8f2JYt7eMj4TE1-s&google_cver=1&google_push=AXcoOmTO5riAYAkz0umDpOB_ECIUhLGKaXXqFAx-HL9jbYM62m-IQZ0NSh6FP319JaGHdoNYkenBTA_AeUzuk-iyADGnRoZ...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTO5riAYAkz0umDpOB_ECIUhLGKaXXqFAx-HL9jbYM62m-IQZ0NSh6FP319JaGHdoNYkenBTA_AeUzuk-iyADGnRoZsVinEdA&google_hm=eS1pOEJfUnRwRTJwRlow...

170 B
188 B

41ms
41ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTO5riAYAkz0umDpOB_ECIUhLGKaXXqFAx-HL9jbYM62m-IQZ0NSh6FP319JaGHdoNYkenBTA_AeUzuk-iyADGnRoZsVinEdA&google_hm=eS1pOEJfUnRwRTJwRlowMmV6NEUwWGNBSlNiWkFvM01sT35B

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 17 Nov 2023 03:47:36 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTO5riAYAkz0umDpOB_ECIUhLGKaXXqFAx-HL9jbYM62m-IQZ0NSh6FP319JaGHdoNYkenBTA_AeUzuk-iyADGnRoZsVinEdA&google_hm=eS1pOEJfUnRwRTJwRlowMmV6NEUwWGNBSlNiWkFvM01sT35B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8628
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJ_TGR7VlZkCdFL_P379x20&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJ_TGR7VlZkCdFL_P379x20&google_hm=ZVbiVn6vJ-E59nNqoqPXFQAAFEUAAAIB&google_nid=index&google_push=AXcoOmRzvJrndNQIP92UrzLtiJbxJ5UwsZaIU...

170 B
188 B

42ms
42ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJ_TGR7VlZkCdFL_P379x20&google_hm=ZVbiVn6vJ-E59nNqoqPXFQAAFEUAAAIB&google_nid=index&google_push=AXcoOmRzvJrndNQIP92UrzLtiJbxJ5UwsZaIUjuWbTB3zKOoWLMw8yexV4siH7OJq5oomymfbSJln0n0g8cwcCGQC8LEGc86vBg45w

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IftZ%2BLF%2FJGKYSknnYDNCTXVsJw5tm5Yf%2FmyT4HwAP6FB7%2Bw5gO%2F53MKUzCepein1xo1feOOVNpwb8pAPDsS65mHw7SX58gRqmj7bjMB583vkNidW19V3kls8WG5Eti2lu4PK94d1NCMOsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJ_TGR7VlZkCdFL_P379x20&google_hm=ZVbiVn6vJ-E59nNqoqPXFQAAFEUAAAIB&google_nid=index&google_push=AXcoOmRzvJrndNQIP92UrzLtiJbxJ5UwsZaIUjuWbTB3zKOoWLMw8yexV4siH7OJq5oomymfbSJln0n0g8cwcCGQC8LEGc86vBg45w
cache-control: no-cache
cf-ray: 8274fe4918e524c0-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8628
Redirect Chain

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmTjFckMdrHXxobaS9HSPL4AblOhANxETC1kz4Qnn_7jAvFmNx7o_uIJjRSIiulHoPGzkGhYxER2Yh...
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmTjFckMdrHXxobaS9HSPL4AblOhANxETC1kz4Qnn_7jAvFmNx7o_uIJjRSIiulHoPGzkGhYxER2YhTti5ZSuEp7EL1msB5evA&google_hm=c974fa89-24da-44b8-...

170 B
188 B

44ms
44ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmTjFckMdrHXxobaS9HSPL4AblOhANxETC1kz4Qnn_7jAvFmNx7o_uIJjRSIiulHoPGzkGhYxER2YhTti5ZSuEp7EL1msB5evA&google_hm=c974fa89-24da-44b8-8670-81bbd8b41d1a

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-6-201
content-type: text/plain; charset=utf8
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmTjFckMdrHXxobaS9HSPL4AblOhANxETC1kz4Qnn_7jAvFmNx7o_uIJjRSIiulHoPGzkGhYxER2YhTti5ZSuEp7EL1msB5evA&google_hm=c974fa89-24da-44b8-8670-81bbd8b41d1a
cache-control: no-cache, no-store, private
tcn: Choice
content-length: 0
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8628
Redirect Chain

https://ads.yieldmo.com/exptsync?google_gid=CAESEHZwoabV9kh5aIK-ias_kiM&google_cver=1&google_push=AXcoOmT1rj_54mF3qSL1kdIvahf3qASPhO8VhvcNx7CL9RARuZc4TAVA5ZGPorXpBrdTmzlIxgTWdi69DbHIlWNGMYerPzCssWT8jg
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmT1rj_54mF3qSL1kdIvahf3qASPhO8VhvcNx7CL9RARuZc4TAVA5ZGPorXpBrdTmzlIxgTWdi69DbHIlWNGMYerPzCssWT8jg&google_hm=M0ZNeU83N2RkNDdTeW...

170 B
188 B

44ms
44ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmT1rj_54mF3qSL1kdIvahf3qASPhO8VhvcNx7CL9RARuZc4TAVA5ZGPorXpBrdTmzlIxgTWdi69DbHIlWNGMYerPzCssWT8jg&google_hm=M0ZNeU83N2RkNDdTeWNSaldPWmM=

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json;charset=utf-8
location: https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmT1rj_54mF3qSL1kdIvahf3qASPhO8VhvcNx7CL9RARuZc4TAVA5ZGPorXpBrdTmzlIxgTWdi69DbHIlWNGMYerPzCssWT8jg&google_hm=M0ZNeU83N2RkNDdTeWNSaldPWmM=
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 0

GET
H2

200

/
onetag-sys.com/match/ Frame 8628
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEESCGl7mW0AVY97L1MezgBQ&google_cver=1&google_push=AXcoOmTp0vfsJ8PE_C-aHWPZ5tgGG5qRRF6Io6YunJujjokJlSMv8Be_B8V68NEogz4-L-khIwWE4thMYIJ...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTp0vfsJ8PE_C-aHWPZ5tgGG5qRRF6Io6YunJujjokJlSMv8Be_B8V68NEogz4-L-khIwWE4thMYIJx31bAqVU3cNHLi945TH4
https://onetag-sys.com/match/?int_id=19&google_error=5

0
200 B

33ms
33ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8628
Redirect Chain

https://trace.mediago.io/cs/google?google_gid=CAESEDBsM703hnw_wQIOuRImbKM&google_cver=1&google_push=AXcoOmQKimb_jjVrnM-5xsU-CfrvtJX5BYZSxFsUKeGJNMmBQvRmtL2JHCwpKkczx9izZUxjNX41nv1ak0HNgEhpwAbgHeXHy...
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmQKimb_jjVrnM-5xsU-CfrvtJX5BYZSxFsUKeGJNMmBQvRmtL2JHCwpKkczx9izZUxjNX41nv1ak0HNgEhpwAbgHeXHy9ggdCM&google_hm=f34e9699882...

170 B
188 B

45ms
44ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmQKimb_jjVrnM-5xsU-CfrvtJX5BYZSxFsUKeGJNMmBQvRmtL2JHCwpKkczx9izZUxjNX41nv1ak0HNgEhpwAbgHeXHy9ggdCM&google_hm=f34e9699882611da106svw00lp22xggl

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmQKimb_jjVrnM-5xsU-CfrvtJX5BYZSxFsUKeGJNMmBQvRmtL2JHCwpKkczx9izZUxjNX41nv1ak0HNgEhpwAbgHeXHy9ggdCM&google_hm=f34e9699882611da106svw00lp22xggl
date: Fri, 17 Nov 2023 03:47:36 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 249
content-type: text/html; charset=utf-8

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 8628 0
12 B 44ms
43ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L8-1AsThsJ25R_6X4cjNbPsYkgTDLQO2rZyWwKlAbKV4RVJgnn7kx9mW2NaJJV7sQnrwMyOa0

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:36 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 rid Show response
matchadsrvr.yieldmo.com/track/ Frame 46D0 49 B
495 B 210ms
209ms XHR
application/json 18.66.122.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://matchadsrvr.yieldmo.com/track/rid?ttd_pid=yieldmo&fmt=json
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-57.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 97246976d349e4116999d37486b7b739816718f446ea2b2e224311884f785813

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:37 GMT
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
last-modified: Mon, 08 May 2023 12:52:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
etag: "674119d7f4205900ae84d7ee55ced021"
vary: Origin
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
x-cache: Error from cloudfront
access-control-allow-credentials: true
content-length: 49
x-amz-cf-id: fb5byzjewV2vWQZVwy_pGGxpAd_TW03vu8gtXr-kME7MFTQyG4QvVw==

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 563ms
158ms Preflight 3.91.171.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-242.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Fri, 17 Nov 2023 03:47:36 GMT
x-amzn-RequestId: f8b1b80b-0607-3e7c-a561-5c9354f9667f

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 46D0 133 B
569 B 575ms
223ms XHR
application/x-amz-json-1.1 3.91.171.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-242.compute-1.amazonaws.com
Software: /
Resource Hash: 129f20debee194b31b8a819edc495fa273642cab482d63c2aa9a2cfb73f1d6a9

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231117/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=82d13499a9eaf14f11dc540df2bfd39ce58d21b47680ef6717827d8d16e56e91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 5e8027177e91d648ccb188336b54c464bcc3a9d9e7409808e82e43bacf92cac5
Cache-Control: no-cache
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231117T034736Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Fri, 17 Nov 2023 03:47:37 GMT
x-amzn-RequestId: c79795ff-2129-3b8f-9a47-71669083a78e
Content-Length: 133
x-amz-id-2: GO2Ws8sI2R/J9mN3lRDFkKx5qiNvhMx1TwC3jVmOsO89v4hw/1bXV0NdnlOseTjww4iKLGV1CFRM/4SEQHfGcLLUtQAT7y1x
Content-Type: application/x-amz-json-1.1

GET
H2 204 ymcas
ads.yieldmo.com/ Frame E7CE 0
0 63ms
63ms Document
text/plain 54.72.186.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.186.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-186-48.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
date: Fri, 17 Nov 2023 03:47:36 GMT
pragma: no-cache

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 562ms
155ms Preflight 3.91.171.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-242.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Fri, 17 Nov 2023 03:47:36 GMT
x-amzn-RequestId: ca201f2e-a7d7-ebf9-97f0-fbb6014b8651

GET
H2 200 52.handlebars.js Show response
static.yieldmo.com/sdk/template/js/desktop/ Frame 46D0 208 KB
61 KB 378ms
77ms XHR
application/javascript 18.245.60.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yieldmo.com/sdk/template/js/desktop/52.handlebars.js
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-36.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 468864041b280079274db15861a108735b454c113b93fb0768e1c8a546610dfd

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 4QKlxuNd7CwyoFiBmpJmVmUnKru_Hd6O
content-encoding: br
via: 1.1 98559aba51e0c88c6e74c88152fb63ae.cloudfront.net (CloudFront)
date: Thu, 16 Nov 2023 12:37:08 GMT
x-amz-cf-pop: FRA60-P5
age: 54629
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 12 Jul 2022 20:34:36 GMT
server: AmazonS3
etag: W/"0b1a9eebbd61d453fc15e547dfffd2e4"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: private, max-age=1800
x-response-headers-policy: static-yieldmo-com_js_text
x-amz-cf-id: 2lREuWOsFrSi-XH3vbGC6GCGNqLoZYRW2AiEJtIQHm8XgWfVjNWK6w==

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 46D0 133 B
569 B 624ms
174ms XHR
application/x-amz-json-1.1 3.91.171.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-242.compute-1.amazonaws.com
Software: /
Resource Hash: edc0c0ce3711f98a618fb251dab8954af55318e208f9947c09554792b9030a2c

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231117/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=c7c174bfec935c5ed5c9cdc81cfac16acd20f66202b1d1aa14f3df73fa017a91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 02f542d7a5ff33713db3c0d70d0e5b22635eb43b0aca9ab065ceae8631e52fd0
Cache-Control: no-cache
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231117T034736Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Fri, 17 Nov 2023 03:47:37 GMT
x-amzn-RequestId: c3866e66-4e69-fc88-9e56-8aff771489ec
Content-Length: 133
x-amz-id-2: BHY76x68ggJBUtHWfOPoRChLfAQXyq9cvbHHOTMpjFCH03+1VFvZ4YKv5DtlRj+SxZkdDZzOWZjbS50LaCx6GMErPRg6a2JR
Content-Type: application/x-amz-json-1.1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1DB8
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEElULNDrKtz_L_lM2CuBlvI&google_cver=1&google_push=AXcoOmTLrOgFZMEHoh2WWM1CV8XU6B-73ZN3n9oZHbPJAtd2gwRiVtKlfi...
https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AXcoOmTLrOgFZMEHoh2WWM1CV8XU6B-73ZN3n9oZHbPJAtd2gwRiVtKlfi6rjE-qNqrNctwmdbPMEXUxXF87Q7PlxJMufn6aBOrA&google_hm=t76Thn...

170 B
188 B

42ms
42ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AXcoOmTLrOgFZMEHoh2WWM1CV8XU6B-73ZN3n9oZHbPJAtd2gwRiVtKlfi6rjE-qNqrNctwmdbPMEXUxXF87Q7PlxJMufn6aBOrA&google_hm=t76ThnX0JyYPHfihoVkzIw

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?gdpr=0&google_nid=B765081F39B1F7&google_push=AXcoOmTLrOgFZMEHoh2WWM1CV8XU6B-73ZN3n9oZHbPJAtd2gwRiVtKlfi6rjE-qNqrNctwmdbPMEXUxXF87Q7PlxJMufn6aBOrA&google_hm=t76ThnX0JyYPHfihoVkzIw
pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1DB8
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEPmynMnbkBI8FZFapd3EOdw&google_cver=1&google_push=AXcoOmS4hgY-a6lVeviikUb0y5ad1PQBAhVulTPuSSNFREPgmbl3kvFWxeZn3dOuwa2PdrdGAz3LAkuB1lA1qb...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwMjI3MjcxMzQxNTU4Nzk4OA%3D%3D&google_push=AXcoOmS4hgY-a6lVeviikUb0y5ad1PQBAhVulTPuSSNFREPgmbl3kvFWxeZn3dOuwa2PdrdGAz3LAkuB1lA1qbUnGe...

170 B
188 B

43ms
42ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwMjI3MjcxMzQxNTU4Nzk4OA%3D%3D&google_push=AXcoOmS4hgY-a6lVeviikUb0y5ad1PQBAhVulTPuSSNFREPgmbl3kvFWxeZn3dOuwa2PdrdGAz3LAkuB1lA1qbUnGeIcJJWcIgc

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwMjI3MjcxMzQxNTU4Nzk4OA%3D%3D&google_push=AXcoOmS4hgY-a6lVeviikUb0y5ad1PQBAhVulTPuSSNFREPgmbl3kvFWxeZn3dOuwa2PdrdGAz3LAkuB1lA1qbUnGeIcJJWcIgc
Date: Fri, 17 Nov 2023 03:47:36 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1DB8
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=lucv95ilSfWKo8mq88iAzg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

43ms
42ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=lucv95ilSfWKo8mq88iAzg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmRYaKZRWuacGTrOE6VMQba9tl7id2kjLT2E6BwYursI_XhHcMrGkxGgpQ83kvnXmi6DSRzm4IqJZKBI-cIXiY-ysqIiBYg

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=lucv95ilSfWKo8mq88iAzg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmRYaKZRWuacGTrOE6VMQba9tl7id2kjLT2E6BwYursI_XhHcMrGkxGgpQ83kvnXmi6DSRzm4IqJZKBI-cIXiY-ysqIiBYg
date: Fri, 17 Nov 2023 03:47:35 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1DB8
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJ_TGR7VlZkCdFL_P379x20&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJ_TGR7VlZkCdFL_P379x20&google_hm=ZVbiVn6vJ-E59nNqoqPXFQAAFEUAAAIB&google_nid=index&google_push=AXcoOmRAm2GUJkTnog57Mn-zztbYX7SAF6KDr...

170 B
188 B

43ms
42ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJ_TGR7VlZkCdFL_P379x20&google_hm=ZVbiVn6vJ-E59nNqoqPXFQAAFEUAAAIB&google_nid=index&google_push=AXcoOmRAm2GUJkTnog57Mn-zztbYX7SAF6KDrWbVrTX7-uyceoGggRWGEjOIAK3mSxYyXhzxaLClSh0hYsrEbnOuSLnKQj6oYFE

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BAAS90z2G76IYaDGqJFSIc%2BQwgAn9jbcX2nhKvUOypmuw7fs%2FHGfCW%2FC3vlzaSojplPtHa6TqqVHpgdsoS%2Bs6jZ6Wpi3Lq97fHn%2FR6m6O4R0A4iPDUbBWaG9vHuahyVcek8KBzgGOZBtcg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJ_TGR7VlZkCdFL_P379x20&google_hm=ZVbiVn6vJ-E59nNqoqPXFQAAFEUAAAIB&google_nid=index&google_push=AXcoOmRAm2GUJkTnog57Mn-zztbYX7SAF6KDrWbVrTX7-uyceoGggRWGEjOIAK3mSxYyXhzxaLClSh0hYsrEbnOuSLnKQj6oYFE
cache-control: no-cache
cf-ray: 8274fe49592224c0-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1DB8
Redirect Chain

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmT_5txnI_5JPUpROl79e3-vxWWkZLtPcR_QPXFzEhZdEB5tzljzI9wgktGo85MpgFbEPjqn3FpHYt...
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmT_5txnI_5JPUpROl79e3-vxWWkZLtPcR_QPXFzEhZdEB5tzljzI9wgktGo85MpgFbEPjqn3FpHYtCyFupxkzDyIC67tsqd&google_hm=07413442-8e7f-41e1-90...

170 B
188 B

50ms
50ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmT_5txnI_5JPUpROl79e3-vxWWkZLtPcR_QPXFzEhZdEB5tzljzI9wgktGo85MpgFbEPjqn3FpHYtCyFupxkzDyIC67tsqd&google_hm=07413442-8e7f-41e1-900f-ccbf6ecbef54

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-6-156
content-type: text/plain; charset=utf8
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AXcoOmT_5txnI_5JPUpROl79e3-vxWWkZLtPcR_QPXFzEhZdEB5tzljzI9wgktGo85MpgFbEPjqn3FpHYtCyFupxkzDyIC67tsqd&google_hm=07413442-8e7f-41e1-900f-ccbf6ecbef54
cache-control: no-cache, no-store, private
tcn: Choice
content-length: 0
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1DB8
Redirect Chain

https://ads.yieldmo.com/exptsync?google_gid=CAESEHZwoabV9kh5aIK-ias_kiM&google_cver=1&google_push=AXcoOmS06GcymjBKvXAlucSZBCpYmHJwXxaqRJueQOb7RpB3za8ZVfKpQa2bp-RlhQXs_9ZNF-awiDfjUksLI1f3jbDV9Il7WWA
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmS06GcymjBKvXAlucSZBCpYmHJwXxaqRJueQOb7RpB3za8ZVfKpQa2bp-RlhQXs_9ZNF-awiDfjUksLI1f3jbDV9Il7WWA&google_hm=M0ZNeU83N2RkNDdTeWNSa...

170 B
188 B

42ms
42ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmS06GcymjBKvXAlucSZBCpYmHJwXxaqRJueQOb7RpB3za8ZVfKpQa2bp-RlhQXs_9ZNF-awiDfjUksLI1f3jbDV9Il7WWA&google_hm=M0ZNeU83N2RkNDdTeWNSaldPWmM=

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json;charset=utf-8
location: https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmS06GcymjBKvXAlucSZBCpYmHJwXxaqRJueQOb7RpB3za8ZVfKpQa2bp-RlhQXs_9ZNF-awiDfjUksLI1f3jbDV9Il7WWA&google_hm=M0ZNeU83N2RkNDdTeWNSaldPWmM=
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1DB8
Redirect Chain

https://trace.mediago.io/cs/google?google_gid=CAESEDBsM703hnw_wQIOuRImbKM&google_cver=1&google_push=AXcoOmQRHSsv9omgJNhY_iHinNUc9kJBuCmO5BIvUnZPw_kvgOycsIfXcfhYrdPJEXfKwOqkrDI1P-F00egdxw_BU9Qs6qAvL957
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmQRHSsv9omgJNhY_iHinNUc9kJBuCmO5BIvUnZPw_kvgOycsIfXcfhYrdPJEXfKwOqkrDI1P-F00egdxw_BU9Qs6qAvL957&google_hm=f34e9699882611...

170 B
188 B

45ms
45ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmQRHSsv9omgJNhY_iHinNUc9kJBuCmO5BIvUnZPw_kvgOycsIfXcfhYrdPJEXfKwOqkrDI1P-F00egdxw_BU9Qs6qAvL957&google_hm=f34e9699882611da1m3z2600lp22xggl

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmQRHSsv9omgJNhY_iHinNUc9kJBuCmO5BIvUnZPw_kvgOycsIfXcfhYrdPJEXfKwOqkrDI1P-F00egdxw_BU9Qs6qAvL957&google_hm=f34e9699882611da1m3z2600lp22xggl
date: Fri, 17 Nov 2023 03:47:36 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 246
content-type: text/html; charset=utf-8

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 1DB8 0
12 B 37ms
36ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L-coXMBFmyAl8gq5L62OQ7qATK4-JatrFSmzA8ED2RHfPThLnuaDnK59TucEE-vTGtC-fMpg

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:36 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 rid Show response
matchadsrvr.yieldmo.com/track/ Frame 04A2 49 B
494 B 140ms
140ms XHR
application/json 18.66.122.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://matchadsrvr.yieldmo.com/track/rid?ttd_pid=yieldmo&fmt=json
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-57.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 97246976d349e4116999d37486b7b739816718f446ea2b2e224311884f785813

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:37 GMT
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
last-modified: Mon, 08 May 2023 12:52:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
etag: "674119d7f4205900ae84d7ee55ced021"
vary: Origin
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
x-cache: Error from cloudfront
access-control-allow-credentials: true
content-length: 49
x-amz-cf-id: xeeBp8GontOjHoIB6usK8FiSUcG8ekLJ6yHLl-oYUFvzvWt42PuwQQ==

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 513ms
154ms Preflight 3.91.171.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-242.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Fri, 17 Nov 2023 03:47:36 GMT
x-amzn-RequestId: ff151d74-f714-d529-a2c5-f9ec46be4928

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 04A2 133 B
569 B 834ms
384ms XHR
application/x-amz-json-1.1 3.91.171.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-242.compute-1.amazonaws.com
Software: /
Resource Hash: adcbf258772e7b0e2a59dfaa11346c847761761826ab6c5198e7155338d3bec2

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231117/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=ff87d88f65dfa90c8907e4617c7e888934bac5e517406dfe04e71c20782251a1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 52a711e26fd7256255f6b25cebe5e06796e3a8fe58939a922803bd0994228b1c
Cache-Control: no-cache
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231117T034736Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Fri, 17 Nov 2023 03:47:37 GMT
x-amzn-RequestId: f834ddb7-1309-ba66-a5e4-392e035f6599
Content-Length: 133
x-amz-id-2: yzqr2MNm7/loCbR5TlUPjeG3tDJrNdC4p/qp8cOsjaYPPVPqbhwQquI46kVmjyddzyA0A+9Se0jTPRZO7okz/q4iw9SY/n3Q
Content-Type: application/x-amz-json-1.1

GET
H2 204 ymcas
ads.yieldmo.com/ Frame 913E 0
0 64ms
63ms Document
text/plain 54.72.186.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.186.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-186-48.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
date: Fri, 17 Nov 2023 03:47:36 GMT
pragma: no-cache

GET
H2 200 52.handlebars.js Show response
static.yieldmo.com/sdk/template/js/desktop/ Frame 04A2 208 KB
61 KB 358ms
47ms XHR
application/javascript 18.245.60.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yieldmo.com/sdk/template/js/desktop/52.handlebars.js
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-36.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 468864041b280079274db15861a108735b454c113b93fb0768e1c8a546610dfd

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 4QKlxuNd7CwyoFiBmpJmVmUnKru_Hd6O
content-encoding: br
via: 1.1 98559aba51e0c88c6e74c88152fb63ae.cloudfront.net (CloudFront)
date: Thu, 16 Nov 2023 12:37:08 GMT
x-amz-cf-pop: FRA60-P5
age: 54629
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 12 Jul 2022 20:34:36 GMT
server: AmazonS3
etag: W/"0b1a9eebbd61d453fc15e547dfffd2e4"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: private, max-age=1800
x-response-headers-policy: static-yieldmo-com_js_text
x-amz-cf-id: quG8VOK1uK2u4LRjluZQCxbnkCr2XNvgAqy3W2tnA3oTyWi3ozLe6g==

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 581ms
151ms Preflight 3.91.171.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-242.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Fri, 17 Nov 2023 03:47:37 GMT
x-amzn-RequestId: ec617b4e-a69f-ef71-b1b1-9fd7b6c9308e

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 04A2 133 B
569 B 591ms
166ms XHR
application/x-amz-json-1.1 3.91.171.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-242.compute-1.amazonaws.com
Software: /
Resource Hash: 7c51042da33272326e3a8fd2a8023f388a945a075a793cc290f8d98bb87e224d

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231117/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=61faf49d8eeb81a06820812360e79626723779d111ff4e1274e072c17102ebfb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 5249162233c907b917b88a3324ee7fe8f8f778407ee8d2a4a97308ce7c63963e
Cache-Control: no-cache
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231117T034736Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Fri, 17 Nov 2023 03:47:37 GMT
x-amzn-RequestId: efd389dc-9dc1-b38d-b203-6d4519ff5790
Content-Length: 133
x-amz-id-2: N+nE8TR0SjGDw9Yb0x3xPoEnyto9HyBvYwv8VJyXVyUxr2oHC+QIDWQFl4VmHMhQY1tqlZIx6Vo62bi0D9dbeZt//URnvjTo
Content-Type: application/x-amz-json-1.1

GET
H2

200

sync
ads.yieldmo.com/v000/ Frame 7B42
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=561118&ev=1&rurl=https%3a%2f%2fads.yieldmo.com/v000/sync?userid=%%VGUID%%&pn_id=pp&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&us_privacy=
https://ads.yieldmo.com/v000/sync?userid=TjyFp9y1uOZ3&ev=1&pn_id=pp&gpp_sid=&gpp=&us_privacy=&pid=561118&gdpr_consent=&gdpr=0

43 B
597 B

60ms
50ms

Image
image/gif

54.72.186.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.yieldmo.com/v000/sync?userid=TjyFp9y1uOZ3&ev=1&pn_id=pp&gpp_sid=&gpp=&us_privacy=&pid=561118&gdpr_consent=&gdpr=0
Requested by: Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Protocol: H2
Server: 54.72.186.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-186-48.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.yieldmo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 43

Redirect headers

strict-transport-security: max-age=15768000
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server: Jetty(10.0.14)
content-language: de-CH
location: https://ads.yieldmo.com/v000/sync?userid=TjyFp9y1uOZ3&ev=1&pn_id=pp&gpp_sid=&gpp=&us_privacy=&pid=561118&gdpr_consent=&gdpr=0
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-6b57df6cd5-qk6sm
expires: -1

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 7B42 70 B
149 B 53ms
52ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=yieldmo&ttd_tpi=1&ttd_puid=3FMyO77dd47SycRjWOZc
Requested by: Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.yieldmo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:36 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 7B42 170 B
188 B 50ms
50ms Image
image/png 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_hm=M0ZNeU83N2RkNDdTeWNSaldPWmM=

Requested by

Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.yieldmo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/ Frame 7B42
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=3107&partner_device_id=3FMyO77dd47SycRjWOZc
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3107&partner_device_id=3FMyO77dd47SycRjWOZc

95 B
438 B

68ms
55ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3107&partner_device_id=3FMyO77dd47SycRjWOZc

Requested by

Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.yieldmo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:36 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

date: Fri, 17 Nov 2023 03:47:36 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3107&partner_device_id=3FMyO77dd47SycRjWOZc
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET ImgSync
image8.pubmatic.com/AdServer/ Frame 7B42 0
0

GET
H2

200

sync
ads.yieldmo.com/v000/ Frame 7B42
Redirect Chain

https://ib.adnxs.com/getuid?https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an
https://ads.yieldmo.com/v000/sync?userid=3819957177500089848&pn_id=an

43 B
601 B

68ms
58ms

Image
image/gif

54.72.186.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.yieldmo.com/v000/sync?userid=3819957177500089848&pn_id=an
Requested by: Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Protocol: H2
Server: 54.72.186.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-186-48.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.yieldmo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 43

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
an-x-request-uuid: 34729335-01ab-40ae-b45d-c03bb53fb8db
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://ads.yieldmo.com/v000/sync?userid=3819957177500089848&pn_id=an
x-proxy-origin: 31.165.215.56; 31.165.215.56; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 7B42 0
0

GET

sync
ups.analytics.yahoo.com/ups/58824/ Frame 7B42
Redirect Chain

https://ups.analytics.yahoo.com/ups/58529/sync?_origin=1&uid=3FMyO77dd47SycRjWOZc&redir=true
https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58259&ovsid=3FMyO77dd47SycRjWOZc&redir=true

0
0

GET

cs
ad.turn.com/r/ Frame 7B42
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&redir%3Dhttps%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3D%5BRX_UUID%5D
https://ad.turn.com/r/cs?pid=45&rndcb=2710938951

0
0

GET
H2

200

sync
ads.yieldmo.com/v000/ Frame 7B42
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_cm&pn_id=c
https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEKqnBlHvr_iDjtR6M0qa6vM&google_cver=1

43 B
608 B

66ms
55ms

Image
image/gif

54.72.186.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEKqnBlHvr_iDjtR6M0qa6vM&google_cver=1
Requested by: Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Protocol: H2
Server: 54.72.186.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-186-48.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.yieldmo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 43

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEKqnBlHvr_iDjtR6M0qa6vM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 299
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dcm
aax-eu.amazon-adsystem.com/s/ Frame 7B42 43 B
855 B 81ms
75ms Image
image/gif 54.239.38.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=81a53010-8b0a-49aa-889a-6006d15167c2&id=3FMyO77dd47SycRjWOZc

Requested by

Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.239.38.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.yieldmo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 17 Nov 2023 03:47:36 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: GBJQZ0QKRRT4XB72KDNM
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

sync
ads.yieldmo.com/v000/ Frame 7B42
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=55&p=104&cp=yieldmo&cu=1&url=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dcriteo%26id%3D%40%40CRITEO_USERID%40%40
https://ads.yieldmo.com/v000/sync?pn_id=criteo&id=d8818009-ef52-488a-809a-2bd806bad6fa

43 B
615 B

66ms
57ms

Image
image/gif

54.72.186.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.yieldmo.com/v000/sync?pn_id=criteo&id=d8818009-ef52-488a-809a-2bd806bad6fa
Requested by: Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=
Protocol: H2
Server: 54.72.186.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-186-48.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.yieldmo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 43

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:35 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://ads.yieldmo.com/v000/sync?pn_id=criteo&id=d8818009-ef52-488a-809a-2bd806bad6fa
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 959691
content-length: 0
expires: Fri, 17 Nov 2023 00:00:00 GMT

GET cookiesync
bttrack.com/pixel/ Frame 7B42 0
0

GET

sync
x.bidswitch.net/ Frame 7B42
Redirect Chain

https://x.bidswitch.net/sync?ssp=yieldmo
https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=yieldmo&gdpr=&gdpr_consent=
https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=yieldmo&gdpr=0&user_id=VD8upgc4LqhPPir2Bms2qFdsfvZPPCulUjjA0q6n

0
0

GET

sync
sync-openx.ads.yieldmo.com/ Frame 7B42
Redirect Chain

https://u.openx.net/w/1.0/cm?id=d4c5257e-828d-4b73-90b8-97929e02d6c9&r=https%3A%2F%2Fsync-openx.ads.yieldmo.com%2Fsync%3Fpn_id%3Dopenx%26id%3D
https://sync-openx.ads.yieldmo.com/sync?pn_id=openx&id=ed16aa8c-bba8-05c1-2870-fd483735fd7d

0
0

GET sync
sync.srv.stackadapt.com/ Frame 7B42 0
0

GET CookieSyncYieldMo
rtb.adentifi.com/ Frame 7B42 0
0

GET

current
yieldmo-match.dotomi.com/match/bounce/ Frame 7B42
Redirect Chain

https://yieldmo-match.dotomi.com/match/bounce/current?networkId=42851&version=1
https://yieldmo-match.dotomi.com/match/bounce/current?DotomiTest=716c97bbadd01848&is_secure=true&networkId=42851&version=1

0
0

GET /
b1sync.zemanta.com/usersync/yieldmo/ Frame 7B42 0
0

GET sync
rtb.mfadsrvr.com/ Frame 7B42 0
0

GET /
csync.loopme.me/ Frame 7B42 0
0

GET mo
match.prod.bidr.io/cookie-sync/ Frame 7B42 0
0

GET cksync.php
contextual.media.net/ Frame 7B42 0
0

GET sync
ssbsync.smartadserver.com/api/ Frame 7B42 0
0

GET psync
xsync.iqzone.com/ Frame 7B42 0
0

GET

sync
sync-adform.ads.yieldmo.com/ Frame 7B42
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=1283
https://sync-adform.ads.yieldmo.com/sync?pn_id=adfm&id=2391635941405129718

0
0

GET 397286.gif
idsync.rlcdn.com/ Frame 7B42 0
0

GET 26980
stags.bluekai.com/site/ Frame 7B42 0
0

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 7B42 170 B
188 B 87ms
84ms Image
image/png 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_sc&google_hm=M0ZNeU83N2RkNDdTeWNSaldPWmM=

Requested by

Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/ymcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe&limit=*&lf=

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.yieldmo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET g.pixel
aa.agkn.com/adscores/ Frame 7B42 0
0

GET yieldmo
cs.admanmedia.com/sync/ Frame 7B42 0
0

GET
DATA 200
OK truncated
/ Frame E304 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f87cfb58e3b02c599629224b2ab0a6c6810f4b3f6ba08b764049fc62c7435282

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame EAFB 236 KB
63 KB 46ms
46ms Script
text/javascript 172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8691580890862885191/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f198.1e100.net

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8691580890862885191/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 17 Nov 2023 03:47:36 GMT

GET
H2 200 vF300x250_%20MiBa_Wohnen_Confidence_rectangle_de.js Show response
s0.2mdn.net/sadbundle/8691580890862885191/ Frame EAFB 31 KB
20 KB 36ms
36ms Script
application/x-javascript 172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8691580890862885191/vF300x250_%20MiBa_Wohnen_Confidence_rectangle_de.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8691580890862885191/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f198.1e100.net

Software

sffe /

Resource Hash

b6460cdb328131cf906195422088463ae79b760294f4f4462da6630564b8da65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8691580890862885191/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 08:15:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 588741
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20233
x-xss-protection: 0
last-modified: Wed, 11 Oct 2023 07:44:35 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Nov 2024 08:15:15 GMT

GET
H2 200 index.html Show response
s0.2mdn.net/sadbundle/6509822421867355181/ Frame E828 4 KB
2 KB 33ms
30ms Document
text/html 172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6509822421867355181/index.html?ev=01_250

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f198.1e100.net

Software

sffe /

Resource Hash

d9d26064b61e6856cbad5a280adea2744330764025571c11a638cbdbd216a571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 15760
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1637
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 23:24:56 GMT
expires: Fri, 15 Nov 2024 23:24:56 GMT
last-modified: Wed, 11 Oct 2023 07:44:52 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame BAA2 0
0 83ms
81ms Fetch
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuXUGva7_InKJ7MpOf0p-GVygRSUt0udPE2ahmiUeDguA70rRINU79spv0omUL9NzVyPZMNfBQBFyWpKhkv6eDHB30d6KWpTtZP8rL3-eKmjd7Zp5DQ_3pKAFlWWxY5Gtl7I4FZe-gG4s4ls9pNfANkfOFhmaiD9FFxDyhMJMRR_QJHoscCczU1nJOuhixkDcPcptmsTa9uC5QE9bfxv3sckDifxXi-OWyBzn47YSMeoXNU4WWRiW90oLKQ-1Jz7ShEDMeP46tUX_ytMuL8t8o8YtZwnu-zQMBi_EdfX_KQw7NjvKoJcmpjwvDnTsbypDfI0X2ClQmmpYJeJC5psx3e4Nm9q3muj2_KfSEbflM9his1hsjeC_k-G_2jvJnsZ43-QGZcUUsFT7ixZ7AEDl4iOq0AlKh9gPXKVagbX1Gk-gSpzyX9tzpbZGlyGjifx2yzQXEHQ4X6kcl2h-3TZIYuMG-Gi8x8EbUbCnepVze58yQnTa60BokqhsAEstZ1LS7capA_pxtL5rZr0x4IEGTSMIkNBf2V7_JTyj0pJ8Kxfvdjf5O1NYSTtboNgmnr6gJni93LBSbBI7_HO20hniEkI0Qe_3SpliRzlcHL-zhKhVirbSg4cH598Ox2vuxpljX4y23nq2pRRcQ2wgElOftT1urebIkRMI3qqO3NVvWEtEmLcSEqQRu42lqDEMTkE4TPvewOOh4CQ4oTFxyMk2mFjgKTWmdUtY0pmZmsCEz3vMsYN814ikrGgZd4zlK7BCLZ0KDkCqFZ5iHac9zjSEL9RiNzMy7-72B1LyXRBKCylpcXzZalmR6WMUARU1NDwZzgNtMrZ-KMDlZ3a0MF6kwCQ9aUwhrbp8iRMMneRFN_5J-VlioxL77g4pP5pd2mM03c0YHJBKf5SILenWUGoX-dxo_-vwoiWv85oNTMK5kTL3z328s2lANxshTrHIbDQhS5UrzuOz4KadgtznNEUYSP7HBL7ECQtOxl_IXfULhQhneiBredBgtnPdI2NwJq3ijqG44YkcQ5eQDjrHArFlKoJKoAyyIT9NMlqQvMTca2XxHTfGrC_ckG4giOmutYFg6ncGu7jEiuKylM9FYDd9cc3nxPFvePmjzqvfc-Z3tE3NPVjiZmGUcop4kSB3Datp2qtjdkVlwI8LolBH4s_LFWfREX8BxCYrUGtT6M7iXJRltcmpdwC-tzyJSJfAEJtce8X9632EWXSday4gi0G007PZ9NQ238tbcfbPu_Z0EyhPLN3ajAFKKKEBsbjhSdKhj5XV9d5j6acs6DJvvPPGBCpVAjztQ_ikghvQLwq8xCMXIPpVC9qcHpZMdCcqwPgkM_VLyyQiBlgOF8mSlqYhasXd-v4Aw&sai=AMfl-YTlzJzaJH2yyV33Ar71TyncfpGmdsc8_iL7n8QpDS2J7sbGffqkjVp7o-C5An7oH5Jb0XcrjUFzxv8_R37BYa8_Dir0RJN4MCCqF37MQMyisNb7wsdw8InIBT9Mv8tz7b1CR6xriaE95LxNYNV1RjIRNLc87Rx_gzqCg2q3czX242svJDvBB6xZa5eEQwJoE1ktQ0BtQ4fAkzgg4qosEyE4WHpoJJPvNs-onFHngFUymVDBKSOm3cgFq_daZqRliCBrOo8H2iv5WcOG31Jbi_K2QuOD7z0b7QpKqtAXm7ijBNZKH0VzMv6GQEIqPDfRWvuMGUay0quQMjaD9lLoUniS_O-NxNqlBs5LaVLpjIhTN83MBgpM0FwmuSgTZc9D_VIzBy0YPIKwKOG9l61hUBxT&sig=Cg0ArKJSzGxZPiHmcSILEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=898&cbvp=1&cstd=895&cisv=r20231109.32924&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 17 Nov 2023 03:47:36 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2

200

src=8050383;dc_pre=CM-hnPqPyoIDFQxnGQodk8YHDA;type=advie0;cat=advie0;u42=377464441;u43=569125530;u44=201451651;u45=30748521;u46=4047736;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=...
adservice.google.com/ddm/fls/z/ Frame BAA2
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=8050383;type=advie0;cat=advie0;u42=377464441;u43=569125530;u44=201451651;u45=30748521;u46=4047736;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua...
https://ad.doubleclick.net/ddm/activity/src=8050383;dc_pre=CM-hnPqPyoIDFQxnGQodk8YHDA;type=advie0;cat=advie0;u42=377464441;u43=569125530;u44=201451651;u45=30748521;u46=4047736;dc_lat=;dc_rdid=;tag_...
https://adservice.google.com/ddm/fls/z/src=8050383;dc_pre=CM-hnPqPyoIDFQxnGQodk8YHDA;type=advie0;cat=advie0;u42=377464441;u43=569125530;u44=201451651;u45=30748521;u46=4047736;dc_lat=;dc_rdid=;tag_f...

42 B
108 B

75ms
70ms

Image
image/gif

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=8050383;dc_pre=CM-hnPqPyoIDFQxnGQodk8YHDA;type=advie0;cat=advie0;u42=377464441;u43=569125530;u44=201451651;u45=30748521;u46=4047736;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://adservice.google.com/ddm/fls/z/src=8050383;dc_pre=CM-hnPqPyoIDFQxnGQodk8YHDA;type=advie0;cat=advie0;u42=377464441;u43=569125530;u44=201451651;u45=30748521;u46=4047736;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AA4F
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEAPPH1DGnFlX5LPMX0IFI50&google_cver=1&google_push=AXcoOmRRHN0Dk_Kw2_1XBR3dXelezCncLOVNU4iH43b-5N2TioJy2_yU6-px5St_Vfqkfb3kEd-TobEKW0t-iPusSF8moUN3Xrf9
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=09C14A6836C34EC980F73ECBFA698BA8&google_push=AXcoOmRRHN0Dk_Kw2_1XBR3dXelezCncLOVNU4iH43b-5N2TioJy2_yU6-px5St_Vfqkfb3kEd-TobEKW0t-iPu...

170 B
188 B

70ms
69ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=09C14A6836C34EC980F73ECBFA698BA8&google_push=AXcoOmRRHN0Dk_Kw2_1XBR3dXelezCncLOVNU4iH43b-5N2TioJy2_yU6-px5St_Vfqkfb3kEd-TobEKW0t-iPusSF8moUN3Xrf9

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 17 Nov 2023 03:47:36 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=09C14A6836C34EC980F73ECBFA698BA8&google_push=AXcoOmRRHN0Dk_Kw2_1XBR3dXelezCncLOVNU4iH43b-5N2TioJy2_yU6-px5St_Vfqkfb3kEd-TobEKW0t-iPusSF8moUN3Xrf9
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Thu, 16 Nov 2023 03:47:36 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AA4F
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEPmynMnbkBI8FZFapd3EOdw&google_cver=1&google_push=AXcoOmT0pxucgQsBXnG4yDeD3xHHJ55zFqAdhHGWwT_gJ0E50lTSKtyg4WWEq5FLoVDW1bv6kC3WjI2V8ZyZf4...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwMjI3MjcxMzQxNTU4Nzk4OA%3D%3D&google_push=AXcoOmT0pxucgQsBXnG4yDeD3xHHJ55zFqAdhHGWwT_gJ0E50lTSKtyg4WWEq5FLoVDW1bv6kC3WjI2V8ZyZf4lWHy...

170 B
188 B

74ms
73ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwMjI3MjcxMzQxNTU4Nzk4OA%3D%3D&google_push=AXcoOmT0pxucgQsBXnG4yDeD3xHHJ55zFqAdhHGWwT_gJ0E50lTSKtyg4WWEq5FLoVDW1bv6kC3WjI2V8ZyZf4lWHy1wQcjfh9-L6A

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwMjI3MjcxMzQxNTU4Nzk4OA%3D%3D&google_push=AXcoOmT0pxucgQsBXnG4yDeD3xHHJ55zFqAdhHGWwT_gJ0E50lTSKtyg4WWEq5FLoVDW1bv6kC3WjI2V8ZyZf4lWHy1wQcjfh9-L6A
Date: Fri, 17 Nov 2023 03:47:36 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AA4F
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=lucv95ilSfWKo8mq88iAzg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

48ms
45ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=lucv95ilSfWKo8mq88iAzg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmTghQDQh46mGVT_BvTMOnHbcOpZ2eWZcsnV-xSznL8ggvfc0cZkj7AeB3cxKEr3CZvlduS_pI2JN82ViM5FLwdK9E51IH-6sw

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=lucv95ilSfWKo8mq88iAzg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmTghQDQh46mGVT_BvTMOnHbcOpZ2eWZcsnV-xSznL8ggvfc0cZkj7AeB3cxKEr3CZvlduS_pI2JN82ViM5FLwdK9E51IH-6sw
date: Fri, 17 Nov 2023 03:47:36 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AA4F
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESENyay5iq7I6yRpxgmLlSweg&google_cver=1&google_push=AXcoOmRNpyEWzHZ9zilsM7qzT_-Q6IXDntukFvdjRNfAPC7N5ZImQrpaCXpbU3W909xFL9LWV1CuTxnfWethTSu...
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=IkzCtiDAWzpXS6-M6AaDBR-l1zg&google_push=AXcoOmRNpyEWzHZ9zilsM7qzT_-Q6IXDntukFvdjRNfAPC7N5ZImQrpaCXpbU3W909xFL9LWV1CuTxnfWethTS...

170 B
188 B

108ms
108ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=IkzCtiDAWzpXS6-M6AaDBR-l1zg&google_push=AXcoOmRNpyEWzHZ9zilsM7qzT_-Q6IXDntukFvdjRNfAPC7N5ZImQrpaCXpbU3W909xFL9LWV1CuTxnfWethTSu0jTMtrxlG-JhJLQ

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=IkzCtiDAWzpXS6-M6AaDBR-l1zg&google_push=AXcoOmRNpyEWzHZ9zilsM7qzT_-Q6IXDntukFvdjRNfAPC7N5ZImQrpaCXpbU3W909xFL9LWV1CuTxnfWethTSu0jTMtrxlG-JhJLQ
Date: Fri, 17 Nov 2023 03:47:37 GMT
Connection: keep-alive
Content-Length: 244
Content-Type: text/html; charset=utf-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AA4F
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEMzrRbVVCw-AKrI1HMbQ5Sg&google_cver=1&google_push=AXcoOmQh6WRvGWhcgRjvd91-s2C8W6qNMnEhDg0rbqqbg9HuopprW8qhWqIiOTBYVy_VSRmfGvyngMOqP7oEisX57tUfB4re_5...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTAxNzE0MDIxNDAwNjAxMTkzODc3Mg%3D%3D&google_push=AXcoOmQh6WRvGWhcgRjvd91-s2C8W6qNMnEhDg0rbqqbg9HuopprW8qh...

170 B
188 B

69ms
68ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTAxNzE0MDIxNDAwNjAxMTkzODc3Mg%3D%3D&google_push=AXcoOmQh6WRvGWhcgRjvd91-s2C8W6qNMnEhDg0rbqqbg9HuopprW8qhWqIiOTBYVy_VSRmfGvyngMOqP7oEisX57tUfB4re_51dfA

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTAxNzE0MDIxNDAwNjAxMTkzODc3Mg%3D%3D&google_push=AXcoOmQh6WRvGWhcgRjvd91-s2C8W6qNMnEhDg0rbqqbg9HuopprW8qhWqIiOTBYVy_VSRmfGvyngMOqP7oEisX57tUfB4re_51dfA
date: Fri, 17 Nov 2023 03:47:36 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 204 v1
match.sharethrough.com/E4rooAtA/ Frame AA4F 0
35 B 38ms
36ms Image
text/plain 52.28.38.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEFaKpovaJi_ZNjgKxFUamlo&google_cver=1&google_push=AXcoOmRYJTI04Jx0mSy2R9WqalncW5Os_O-QN1DabUeojPBJJ_hT80Kv10pKooxzWajUFcGjoru2O_bo9lHn-1YDmRBZjXKVAAkLquY
Requested by: Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.38.5 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-38-5.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:36 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AA4F
Redirect Chain

https://trace.mediago.io/cs/google?google_gid=CAESEDBsM703hnw_wQIOuRImbKM&google_cver=1&google_push=AXcoOmSryvV7co65d3vtFDMlsi4PZrmvLSu_DULvQzekxV7CW6718o-p4PujjyHMDkC81xXhgHv2zFPeOq3fJsTkqBKyjUxzL...
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmSryvV7co65d3vtFDMlsi4PZrmvLSu_DULvQzekxV7CW6718o-p4PujjyHMDkC81xXhgHv2zFPeOq3fJsTkqBKyjUxzLBDYrc0&google_hm=f34e9699882...

170 B
188 B

48ms
48ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmSryvV7co65d3vtFDMlsi4PZrmvLSu_DULvQzekxV7CW6718o-p4PujjyHMDkC81xXhgHv2zFPeOq3fJsTkqBKyjUxzLBDYrc0&google_hm=f34e9699882611da1eb9g100lp22xggm

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmSryvV7co65d3vtFDMlsi4PZrmvLSu_DULvQzekxV7CW6718o-p4PujjyHMDkC81xXhgHv2zFPeOq3fJsTkqBKyjUxzLBDYrc0&google_hm=f34e9699882611da1eb9g100lp22xggm
date: Fri, 17 Nov 2023 03:47:36 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 249
content-type: text/html; charset=utf-8

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame AA4F 0
12 B 46ms
45ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JgpEOb3nFFb5fieVUUgLvlh74FmgYqJpGnsANeZlOagobBTWOTxKOQtkZ4B6DBB5A29SqIeh8

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:36 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame FA4E 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 099dffd34938112da0b5c979e314a475e43f76abebe12cf1afb1965c454813a9

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame E304 0
0 91ms
90ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C_LypVOJWZf-fDam8juwP1oOCoAWH9JKQXOjrpun1BMCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi0zOTQ0OTU0ODYyMzE2MjgzyAEJ4AIAqAMByAMCqgTlAU_Q6qFn5GWqKTlNIEkMMy5hZXgkE64sWwOqfbMDCkL2dMwuajkGueFqLsQF1pXfOQGt_hI4EQ5aoQIpbp7VYW5zoxr_rz2K6avCKusyOH5l52roSUJyw8MNQ0OoFYVH45OVI6C_8ae4XWcWa6Eyij91XdVD2SxN38hkHPgZ5rXeW3u1tTWvvxUjxm-iUgEPcc9NSC-f0eCmmWbxzEqoa3DDfe0X3mLVFfHapFkE9vbN45apN8ZkQpgbI4EdBKCUhosIqAUdW3pOxegQ3PQTbyNOxEs6THZv1cLaJ0XsFP-D6kWPRePgBAGABuuIsM_oxNmyKKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBsIgGEQATICigI6AoBASL39wTpYt92E-I_KggOACgP6CwIIAYAMAeINEwi4kYX4j8qCAxUpnoMHHdaBAFTQFQGAFwGyFxwKGhIUcHViLTM5NDQ5NTQ4NjIzMTYyODMYmNsQ&sigh=G5J3R_ztQPs&uach_m=[UACH]&cid=CAQSOwDICaaNa5CYtCLYqKDADD5941R-rZQve7pS7Y9ISwGIbEB5WiEZlKtHR1KhOsuhq4mwaBRhWLVbRtSGGAE&tpd=AGWhJmsgbQ1W6qqs-Iv_hAlZCju0wqNuYhf3MqHGdgh6PG9bYTRO--kgfTdpWr5JGkuQmGdkhfEUJ-4mpaYqfy8HFTWuUjYKY5B8UASzEjBZr2Rh9r8CuuHjLsWkVE-NLUdAoHKa3Ch8XGpidMdiuSz-trB86leRIjRpcPo29C8ZOezRLkEgAp7wW3MDjUO4ffilCntbnQ42rchjIqzdQLSjYXK1EeudatKH0ezehg2YWDCGmGpcd0mxGBcFiho2YvztYHGzJpGU5OWJiZRtCLUfn7ATrOuwIyWe7zfDo6zRjgvtawK0r7h8aV88213FL69WXPlcRYGQtEyynqPTmH2WC1wYH3mwm5UnqKWSCYNak0G3KIcU7fCZyvc6xNvV9s2PWC1ItUTuP82LO-m4M5MSuymMdr7bKOkGDsa5mXeRb8DFEIQ873EdjPBvpiq0uewgVQUWfTQPRRpD_eUm65W-bSQpXvMqkWxXsh7wKANbYEc92waLKwcDDRtJVqgWMIq8yeGwqYgff4aU6dzHNDMXFvBhKvac1DsNZuLnhfmqGqyOpy6DiyG8_axGjCK0gcqd6AZJtuJ8dK7keI6K_p3TDaKmRwLi2j6IznCALcKuTIY0w7sE_gOWh43XBESZ3TTPp0OJJ4sOYm8IwfqHLJyyyuCptNGD7eBM7K2VN3jhMVxZU9O5EKrc-uO22nSu1nICwfE1dZiZ_WV37hGTq979S6A_LdItwgaHrIMZPR2s6vAblG-0vc498ywEqPLNT8kzOXaryg7rA27xH3v6dYvWNSizIq6bd0fJlBmCBYXUX6nwGgnLRUYCovVx&cbvp=2&vis=1
Requested by: Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s08-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 04A2 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 187ac4bafe093e9774619686d2c0260f81e26c61c751a7c865d363d0c405c24c

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 46D0 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7bdc37a7cecdffe1b12286527281311425d4782e52153360f13ba5fbb0c42802

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 977F 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 83d6314160b784e095f1a8bee4c96df0ff659640f6138fdb3430ef57a6fccdb9

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 1C0D 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d9a24103d950c7fb7c117d03b65ba4714372350a038ce1f78f0b9596a3db524c

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame C0E9 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a9ad0c8f4ebe68802102c94dc8ebd554373b5e4c12614ddc8ac59f9442e7c50e

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame C9CC 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5d2fa1a5a050a475141adc0f1b73284ba9646f117852193924c884c66ea241cb

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 7D09 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 675bce86c0e8698a05891b0f39d6827e159d38f169119da797c558ac08e5610f

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame B7F3 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e57befab0fb40b9bbb3c5af7c65116865df3980e2dbf2b6412a342f6f76ce584

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame E828 236 KB
63 KB 39ms
38ms Script
text/javascript 172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6509822421867355181/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f198.1e100.net

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6509822421867355181/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 17 Nov 2023 03:47:37 GMT

GET
H2 200 vF300x600_%20MiBa_Wohnen_Confidence_halfpage_de.js Show response
s0.2mdn.net/sadbundle/6509822421867355181/ Frame E828 31 KB
20 KB 36ms
35ms Script
application/x-javascript 172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6509822421867355181/vF300x600_%20MiBa_Wohnen_Confidence_halfpage_de.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6509822421867355181/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f198.1e100.net

Software

sffe /

Resource Hash

4e70288b542130dac41434b0cea57ea663caed3ac93c81edd8c0b353a4c7245e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6509822421867355181/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:24:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15761
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20135
x-xss-protection: 0
last-modified: Wed, 11 Oct 2023 07:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Nov 2024 23:24:56 GMT

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 556ms
165ms Preflight 3.91.171.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-242.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Fri, 17 Nov 2023 03:47:37 GMT
x-amzn-RequestId: e11944f3-82b6-f697-bcc9-a06ad048ae94

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame FA4E 133 B
569 B 215ms
213ms XHR
application/x-amz-json-1.1 3.91.171.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-242.compute-1.amazonaws.com
Software: /
Resource Hash: 8457a9383200d1a9283d0f1310b7f2a6cd27193ec694fb580e30ad8ebb6797c2

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231117/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=b4906be72f0775f351a699a5c81e89f96b0bbf23c92da8f389b5699e3ed20e1e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: bbc599adc9d65188d4273b1b2a639f8841d0f4271247db6151febc0a5f5ad89d
Cache-Control: no-cache
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231117T034737Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Fri, 17 Nov 2023 03:47:37 GMT
x-amzn-RequestId: ee721c0d-4db8-ea89-b3a2-f8941f46b28a
Content-Length: 133
x-amz-id-2: FtghLVXoDlfwi1CRImxHFhuMaGFibclj2KAxvpfsr6SxyW6CSedaEe6FQhabsy3lrzF4XlyxQjB6rGZLcZbRY/qQ/bgoZcdD
Content-Type: application/x-amz-json-1.1

GET
H2 204 ev Show response
ads.yieldmo.com/v000/t_tkr/ Frame FA4E 0
470 B 52ms
52ms XHR
text/plain 54.72.186.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=r&v=9.18.29-541&imp=184414632338700827&plid=2521236318193655889&pvid=3408583802088529216&fmtid=52&e=16&rep_meta=U7BmjUvuoBT7vi1HaXySLS1spe0ji6vZ6heD2tMqOmBNahRjd-LyGy9qhQmpL-q2joSIIkGjzQfSkVVQ-hSCoT_NqZ_Bkb-LGBAfxTW9XuKNiZo4VClnC-HkjfoyD01E6aub930VoJXFiwsq5jl-i6yHv6CYJxlQmJX4bCuwXvN_WkRU7se-y9uJXG6H6tQedrX_bfLbIM0ZXvHN8XOkHP9HNe0DgxkyLQ85Nd4aRc4HCLssW8At6eNbAHy1PhoYJFNVXMF1rf6y7-hOCrsCw6Zoi_hFN6AcxGwMr8oaSwyZ7SQFqI2NqMutcm9ASrB7Coez-3KJ3cx7sV3jrbGdyUCMuOX6u7_-PxBBD9GTt4I45V4DJPmHLytRn3wIiv0ehyGDw3VtcOhh3sJ7Gm7IgRarIHdP2tRjSndWNL60icw&offsetX=0&offsetY=0&pvt=1700192853421&stime=1700192857192&etime=1700192857193&viewportHeight=90&viewportWidth=728&adSlotLeft=0%2C0&adSlotRight=0%2C0
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.186.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-186-48.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
pragma: no-cache
date: Fri, 17 Nov 2023 03:47:37 GMT
access-control-allow-credentials: true
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: GET

GET
H2 200 dv3_native_client.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 1471 21 KB
8 KB 42ms
42ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

082a75157928321218428904933ebff27d7fb4532e1f6daa3c824824aecc14ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7960
x-xss-protection: 0
server: cafe
etag: 2243287812070980505
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 17 Nov 2023 03:47:37 GMT

GET
H2 200 ad
googleads.g.doubleclick.net/dbm/ Frame 1471 42 B
174 B 57ms
56ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C1uOz_JiX8pHfNmM6ETQsVFee04uYp2s4VuG0pGJMvwDDZ2a1G75he9TEARVOlSCj7M1tStnnq_YHo_GU_SC0g0Et1nA&dbm_d=AKAmf-AOXmd7z871nrjp3kgI6I_p8zEJgTdU-5jOoyUlVK8KZ1RPzVZYcNHIbHuKFREShHQLzlIgGxEpX9GJAvaVp-7Vf8xbqoZjH_Iohz86OkoUJSkSjBZHb-0-Zi6QFgwhLtbMTl4F1lDZbuMFh4pmvKEtpuNYufKxXtQMPwUpEgLfm2KiAXKYHHVXcZUF93_iz7nWKVDueyRSxZyL9jnhLaxb01hXC-UkXvocQB2kuISwshaj0aXYHukp1sEaJ-ylERaRUHTS1EW9dKYINhZWlhB8ZutnWV1syqX2ne1bnZiQ0bOx5dpKqMK8YsWwXfZ9X7k8Q0CgY-Nk5-_EMEQKA96SUtG-zCUzOqM8uB8-y5431R1jDvzaZ7lOy04-Zw4DZ0efWZcK9ndJxaTsUnwSCnn9H3cdHv0XJuAK-tnaoJSVOuhQxm_lK21Xj_pMrKEcLz0gtExvlFfxlMVglg2QAmzTKabxdaX7C4BNVHzf0Pv5GQl871rupEJnFTBcpYxYneE6GyWogn7w8xB3sswmhBFMA50yCkDlU7FETkMb608EFKXM_ZXajIieBVcZNYewkWTrIwoa-ey6OScleTk8OeOpEyXnoy8dJrLg97HeE_PvaseUqiq8lb3IFAyYC5E3f85ik3uUIcRJO6LQUSJ2Z6HYi-6-ErVRRd1lW6npBc4PY_1PwNo5OgvGHbiDSrhEyvfF6B8QODzJNs1NkdnbPLmiHMJmk78WBShPOGb3tgJMiivgT1xafieYFxx2dRG0_KXpr85fey2PynlE-6roWnd4v8phhc8ESqil7Uv9yiQnEFFGhSbLkm8SG_XPsdwwXihoYYOqysFL7Lfn1i-fuSwXvEJ-uE7p_69FoEzjHN4nLhHspewii6I_z_GCUFz_Z3n2q5p9uSyEMjDvi6SbMbypxYuhU91ZCaBNHtxXr7cuYE44WHenXHadE1SdSLReRXQhmUjiFLzsqBg3uvCNN1BrZ5RRhwm6BubmZeVeHwJCzyrYfHnu0rwyt1xYdNofXV39f-b3dL4sbeNu1YGay61lMOSh5LCSzQb9s3Lh-jRLbwxPULWAYuT7Eg9jUiPwKuuFPX44n56e0i2mFM6ydvX_nt5IYKFHiTb94v4h0SEXZbr38nA-7VFAHRB8mQTTMau1TyX5WG_HLxaZtqSdh0p7AYfghaUIvOk1l1ISo6rtww7iMvL3eXVe0wnau6huSUz1zuizynW6bMfgKtgx0w6OF7QvGDfFXpsP2F-AgUJAvO8OF7h4zP1EZLkm1yt8I2KvX5mXvB2d35gtgJAL4t2g56AaZHt-7sDU8n2jsYZZX65QSYplZkv5oUaJqZuV7A1GUf4oh1hbTBOm8Ifsy__wonlZdthZ3xMAYkt8dQaKNZ0Axw7q5saOzB9WGwm-g7LtKZ5tCdWItW4mjNGLfT8gi7w0NnXDeIAfqvTo-ZnUUFPgeTU3pwWU_NWniMili9ZUgFu7WEc4pOLqjakqkrgORdpSlnID8t5Aoe26x3GQlZVOfrP3B8oHLocfG6X7giyrZLnWd7-mMmpsHTMZ__QEMjK3XPNVT-yTCmyGIc6ZyeXs9InoKBhiSbjYkks-5nciD3_cbyzBxJQ7G3YKALURMNt1FE7YTy0O-zKML0Cpnoxsv-qKDgygALfMTr0gOM1U9tXCVAV0Kf5wYNEHxx10g3vPch2_20NNPSLw3udu5mBvMjodS6EkEdW90_nOuLHmM6i4GqwbIMiZL5bR0njcJiAlY9whPHH2cVrrdehAV2lZENX6GnS3caBAM_RGtRIUwTFqty35JX6q0UIvrcntJUx9SRTjnXRCLZsdIVMDg846EPO-GQV4gIua9_lCaBJb97MqC7-g-nYGTQaBS0GM3MtQR2X-vFrt4V_j-ek-t1p4b6PL_VyGzAFIs8UjzCNYxUq3CNw4tJILkGCVYjtSSG44D3vCj71WG7e9aIFnnrkB5LRUfoeNuPW-BRp7UnBBbJJmDkgim29-WydgN5uqhZdaOFVdt5DoJK7LUtQDC7tbcCFgSmpoW6RDWrSRnI-stgbgtR71_4xL9hyg4CHyNOkcGGbtETh4sKlEu_bmoaTWFuC7xkM3CHbtGvdn1YLslgdIWqXnM2dzE5DyfCU6mWMZWFbrD89REbUTzOi9BBFpo4CJRgrAbbRXPLxaCA8W3Qj4yfiFLOhLbOGKRrG2ZDgLOZqLFuXI4sXNmtYn-SDcHMUrGRSRgJFphXnYglDlKqlHjEBlzr5C9sMuaBHFj1ev9d0hZAmSWQoQnow2wVJ13Z4qZlrrMC2PtgpnXB-BoloPvQPuwoChAHtxQn-uzDLNKSjPe2lLEdvcClIwCAsHk4yf0o4Te3AjT9WgGRs8az2d12p3lE6n7F4cLfxLG3oSAZjv0uVNxYaejAK5skV76bxsZhieBF5CRxbCrtL98GG91-nFXtnUt2ZqyhsKA5H7OpucpQUMB6Px88FAfY7ufUatqY3OkK8R14pwH9nrb74Ijdhk9WGx0WYgD632XUgR11q0quAVx2J9A59IiLoYcRVHN3f06pMG0-hG1iCDNkPI1neZrwYHrWTN9f-U1afJNixNuAmfU4eTFilEph6tVtTLzukPeCso-2U98Mq93fbReh7LAbkg57IX8Iug8EGsioV4spf42vq_p0Vq0v-oLeJC_GaEGx2HJhYC8CWDEm3wAYwwPvHq3r396ZoZhe5Fyg&pr=67:0.495558&cid=CAQSMgDICaaNkLOQ_P3jfuRcE_VTn21mbSave2aU6E2wVK7R7F_U7Nrkst63rbNSEtGyXGzuGAE&dc_exteid=31363022445371151839366227475960003&dc_pubid=4

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad-choices.svg
static.yieldmo.com/images/ Frame FA4E 699 B
1 KB 36ms
35ms Image
image/svg+xml 18.245.60.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.yieldmo.com/images/ad-choices.svg
Requested by: Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-36.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 959d2bff6e8aa7b4d1836a5dcc00ab6f2c2754604b0e0174bd96b6f9822d5905

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Ukz5ZHLPgcDoG6SlEGbKyNIwGl0_QMqF
date: Thu, 16 Nov 2023 12:35:59 GMT
via: 1.1 628e5146add9b3daeb91ab8792398818.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P5
age: 54699
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 699
x-amz-meta-replication-status: COMPLETED
last-modified: Tue, 27 Oct 2015 18:00:31 GMT
server: AmazonS3
etag: "f5483cecc2fab32a508cf2b5e5b94abf"
vary: Accept-Encoding, Origin
content-type: image/svg+xml
cache-control: private, max-age=86400
x-response-headers-policy: static-yieldmo-com_svg
x-amz-meta-version-id: smI0KdhlAdY.1IFWTq3aCHXjwPmdIPiO
accept-ranges: bytes
x-amz-cf-id: rHbE53IPd-B2KIq7dR1p7SwvFALw1NSgVO7PIMsrcZehBZPimVs4Qw==

GET
H2 200 1932825149083970539
s0.2mdn.net/simgad/ Frame FA4E 567 KB
568 KB 35ms
34ms Image
image/jpeg 172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/1932825149083970539

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f198.1e100.net

Software

sffe /

Resource Hash

7c4d036744b5924d2befc18881c2bf44bc51d342447c4ec4879b322895396b56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 16:50:10 GMT
x-content-type-options: nosniff
age: 298647
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 580804
x-xss-protection: 0
last-modified: Fri, 13 Oct 2023 12:08:59 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Nov 2024 16:50:10 GMT

GET
H2 200 15565192129263080682
s0.2mdn.net/simgad/ Frame FA4E 21 KB
21 KB 31ms
31ms Image
image/jpeg 172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/15565192129263080682

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f198.1e100.net

Software

sffe /

Resource Hash

dc67c7175776c1b31da1781cc91a864609b0352b874b047dd88af5873487d8ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 09:13:06 GMT
x-content-type-options: nosniff
age: 326071
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21217
x-xss-protection: 0
last-modified: Fri, 13 Oct 2023 12:09:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Nov 2024 09:13:06 GMT

GET
H2

200

p2
sb.scorecardresearch.com/ Frame FA4E
Redirect Chain

https://sb.scorecardresearch.com/p?c1=8&c2=18969557&ns_ap_it=b&rn=eac573ef62d837726f6e
https://sb.scorecardresearch.com/p2?c1=8&c2=18969557&ns_ap_it=b&rn=eac573ef62d837726f6e

43 B
300 B

93ms
92ms

Image
image/gif

18.245.60.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p2?c1=8&c2=18969557&ns_ap_it=b&rn=eac573ef62d837726f6e
Requested by: Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 18.245.60.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-107.fra60.r.cloudfront.net
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:37 GMT
via: 1.1 69387ca0ad24846d99bf107cb3133bf6.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P5
x-cache: Miss from cloudfront
content-type: image/gif
content-length: 43
x-amz-cf-id: cDl4P8okRFS8arjcaiy3EYJzxoXqCBmEJRc50ATMKxCCuutl6A8GPg==

Redirect headers

date: Fri, 17 Nov 2023 03:47:37 GMT
via: 1.1 69387ca0ad24846d99bf107cb3133bf6.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P5
x-cache: Miss from cloudfront
location: /p2?c1=8&c2=18969557&ns_ap_it=b&rn=eac573ef62d837726f6e
content-length: 0
x-amz-cf-id: 3P7Nu7oFGKOULNLdkXZkKBDiynREftxe1BEvC5Q2Sx7gINhBIJESLQ==

GET
H2 200 ad-choices.svg
static.yieldmo.com/images/ Frame C0E9 699 B
1 KB 44ms
43ms Image
image/svg+xml 18.245.60.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.yieldmo.com/images/ad-choices.svg
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-36.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 959d2bff6e8aa7b4d1836a5dcc00ab6f2c2754604b0e0174bd96b6f9822d5905

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Ukz5ZHLPgcDoG6SlEGbKyNIwGl0_QMqF
date: Thu, 16 Nov 2023 12:35:59 GMT
via: 1.1 628e5146add9b3daeb91ab8792398818.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P5
age: 54699
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 699
x-amz-meta-replication-status: COMPLETED
last-modified: Tue, 27 Oct 2015 18:00:31 GMT
server: AmazonS3
etag: "f5483cecc2fab32a508cf2b5e5b94abf"
vary: Accept-Encoding, Origin
content-type: image/svg+xml
cache-control: private, max-age=86400
x-response-headers-policy: static-yieldmo-com_svg
x-amz-meta-version-id: smI0KdhlAdY.1IFWTq3aCHXjwPmdIPiO
accept-ranges: bytes
x-amz-cf-id: Wa5YoJFTYBYlh8g1pJJwx2I7T28GDDU56kUBaiecgzE1sPvIlW7B8Q==

GET
H2 200 1932825149083970539
s0.2mdn.net/simgad/ Frame C0E9 567 KB
568 KB 32ms
31ms Image
image/jpeg 172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/1932825149083970539

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f198.1e100.net

Software

sffe /

Resource Hash

7c4d036744b5924d2befc18881c2bf44bc51d342447c4ec4879b322895396b56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 16:50:10 GMT
x-content-type-options: nosniff
age: 298647
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 580804
x-xss-protection: 0
last-modified: Fri, 13 Oct 2023 12:08:59 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Nov 2024 16:50:10 GMT

GET
H2 200 15565192129263080682
s0.2mdn.net/simgad/ Frame C0E9 21 KB
21 KB 33ms
32ms Image
image/jpeg 172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/15565192129263080682

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f198.1e100.net

Software

sffe /

Resource Hash

dc67c7175776c1b31da1781cc91a864609b0352b874b047dd88af5873487d8ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 09:13:06 GMT
x-content-type-options: nosniff
age: 326071
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21217
x-xss-protection: 0
last-modified: Fri, 13 Oct 2023 12:09:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Nov 2024 09:13:06 GMT

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 451ms
163ms Preflight 3.91.171.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-242.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Fri, 17 Nov 2023 03:47:37 GMT
x-amzn-RequestId: cfc78734-887b-359a-9217-63ad39d1a99b

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame C0E9 133 B
569 B 216ms
216ms XHR
application/x-amz-json-1.1 3.91.171.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-242.compute-1.amazonaws.com
Software: /
Resource Hash: 31c46cd48f083d246d64851bb8f54ca3af16ba8d8ca770b6b41aa88fda530f57

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231117/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=aa1727fc0526ed76390f323ee1dfac896be5fe95ca4de3a23de6964f861af50e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 2b9d4714e049a693e04e54cc3eed37e30a3a0886e0e4c2db0470a31b6ba820ef
Cache-Control: no-cache
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231117T034737Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Fri, 17 Nov 2023 03:47:37 GMT
x-amzn-RequestId: e7d3985f-168a-0893-ba03-7cc6b016653b
Content-Length: 133
x-amz-id-2: YcvNaIMhmeFgfebj+uwg+yA7rV57ffhLlA6QjIwMYNRay/7ZekaviX0Ap9lcnw51LJ3QC6IozDgQtr4RJyOws8IaVsLAL5Zv
Content-Type: application/x-amz-json-1.1

GET
H2 204 ev Show response
ads.yieldmo.com/v000/t_tkr/ Frame C0E9 0
470 B 58ms
57ms XHR
text/plain 54.72.186.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=r&v=9.18.29-541&imp=1688635750682958426&plid=2521236318193655889&pvid=3408583802105306446&fmtid=52&e=16&rep_meta=U7BmjUvuoBT7vi1HaXySLS1spe0ji6vZ6heD2tMqOmBNahRjd-LyGy9qhQmpL-q2joSIIkGjzQfSkVVQ-hSCoT_NqZ_Bkb-LGBAfxTW9XuKNiZo4VClnC-HkjfoyD01E6aub930VoJXFiwsq5jl-i6yHv6CYJxlQmJX4bCuwXvN_WkRU7se-y9uJXG6H6tQews0Q-RvbbY1BxkUpibUxnv8e5af_DA9JZFzkyrAohxBZM4Ub0K4Mo5vmQeIga3-Nome9F8RlG4aeex5x4WdPPu6u9rzb926YjYi88705fXKApDz8kdO7UhA53lkrbOWi7-xFMbsJUlUZYm3jpoRN0MWaJgPVvUDH-KlrI00ESQRkbvUmXKTngeGlPZT0U6dAWwC5lwEh7_ye3sw0O2ptxRzYSwx6wDmKEygRBao-Krk&offsetX=0&offsetY=0&pvt=1700192853423&stime=1700192857352&etime=1700192857353&viewportHeight=90&viewportWidth=728&adSlotLeft=0%2C0&adSlotRight=0%2C0
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.186.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-186-48.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
pragma: no-cache
date: Fri, 17 Nov 2023 03:47:37 GMT
access-control-allow-credentials: true
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: GET

GET
H2 200 dv3_native_client.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame CCFC 21 KB
8 KB 49ms
48ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

082a75157928321218428904933ebff27d7fb4532e1f6daa3c824824aecc14ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7960
x-xss-protection: 0
server: cafe
etag: 2243287812070980505
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 17 Nov 2023 03:47:37 GMT

GET
H2 200 ad
googleads.g.doubleclick.net/dbm/ Frame CCFC 42 B
108 B 104ms
104ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AtReCTbXrrh7D0CydtFRR5JK9L4soMyS91TkpOlgC_YCw843HsscI0RKu37k50444F237u4XoowS24-7fwOkS9Lfe8CQ&dbm_d=AKAmf-ABKe4pkzX0S16vjbo0L594hL9XwZA5bh8SsQRTdjjwkKnkzyPDVl3_Bb7OQlU6qm2pkMAJl5BTUgSYnXup-lfMbZ83pmLXgRBmwofdY8avNVN8J8Nc85kmVp-A5wEOnuDp2gZ9VxUyEeeJp6UcBmtse0F3mPc6iJUo2oy3CldJg40qlJkVCdZa65D7i-syTqOmx6LS9lAswshInwyzM1RIIbj-MgpRl6QoYgEpfoZTck0Usga1NJjHdnj65GQ6npujSPkirL4GZIFQKwoV9NXULhi3fwA_yPw2xmCT9LE-R7NPb3KX2wUDy9BqXjXazy6FTO4zhzyKbhUA1uoZx52qEHQYvJ6qV2PXpdO92MbPLEA9VTNBazNh8qFwjmtxYoiW8kAr6wZEuyENjZMo7HmmZNTWauuyWDuQKp-cJQzRTj_635Zuol95k9Qiww5scR5pBPgU66C-s1khelCoYvJ9MEyaLGI68p8iTVgHOAiMQAZery2TF8Vh6zoFKacZQI95hD-ZJBXRz4vLvx90XOYEyVdtqla9iAg_nDXABUGL81wuksg36Yd6NpdwAjIP9qFU1StDPzs26F4YUg2FCcx3_QX3Ay_AYnifwI-573tkWue0DGypEqrkl4WTpvF8VTo4d0rL36wFwm9C-Q4WbfLWVz7bTu5al6jeJ_097iHTs954xRKFMlO2s2MRcGXjLdIVVFngP-wXawrFLiscBMY4j2dxMjTlN5mwk-sGQsSMBmPumt3oBm3ZU0NXELDlbcXT57EHJyKI4vscCAa1IANmeVJcep-mCLJIBc2ZcBeJrYCjlwk1r2zZFggeVQviVeSCPMY9zDDXhhg3jTWK5HrfydUHkpJdDeG9icpiQbhuJHRUOA_Q8KEs_F4X8hrXwrKkxFwY6hYgbQ2Bjl21RE1_7EpmwBC7rzidW27gubGiJehpwjlJgegzJUUF2rTCiwer3nl7b_TZS8aBiecGx5xpnCnKPkGPOzCBlv5VpG7whTMHFi8MhmwUxwlGrl3oNsBJD2mgNzNPg3qtZlR8fSCjOJZpzMOXFy-9EoQBPu2DmpKqL6gHJLM4C-yGCtRwgiEU7pcbAF2m5S2ssTZ3oglh79Eq2fOafdmEBGb4xz2SE6I-Vdo2KwkzI1X0neDK7qYvWIdZhqUKNQCi0tBBOUZ7kIecQgdVdfZ0omQwM-kfMZV0Rvv457cQGfQ7i3jybpSBhhvvAsb2pi1ttbo6HX01OD1sDtBF28ethA87pZ0zW-VXjtkO6hbg5OR9WRyFPeQpBDfCbu4xAgdzI4HOvaDMDkBUPKxI9N_g-ZHSXZh9R2HaH9JustKTeyWgCat6__4Ilrx8jDuf5HAAVQoirtl-l8EdrYrVpTzg490WczQZbIG8xb-cIvA8dTsabGQ5cKPP1pCRP5Fn6nXuWYIGYz5hBVEF0j7_BKMdrNTthJgCb4tQBeXez-oAa6Pn0SOQBYZyBzc6S9XD9vSTLMkCl_gOyJO7cE0NOTahva0uYsuqOYygvYMGiNRoPNBEc0GhivMEKxg4gMX7eQH5j-p4ciWedTRy11n5jUca5E-zOrCDwIudtSTVxZiDoh5VHTh25HJov_W8hV2jxW_kkfCULBjagoyL2KXqhdjNBYTDTo0R-VmCvuSL1NXLVo2WyGKfR6Elv_dSyUjyBxmgaJ2lw1rZRuIk39ABn5H49cxwnHzKtc2iGgkpAL1fCXttQbBwR_m74ZWMd6UwgcLMQuAODq0NtBR7memEN2vhX998IzGPVfam0AVeFP4lW2wD184HPZFZBzd_5_qo19X6iqKm3iDyvh7amDRrOvnqaDLibQTQGYRiCRRFmNADhc5MziDzdVK2K5liYbFAfZ-ExduRwTn9bcog7IOxffrTxYBXwjc6ic9Ee5k3StlVl4XZCgTcUCW7I7sr01t-IrKheOhJD5yzHdnl6KLkNydXOQ8ZeVJiF1BFauSVv5p3MStXVSKUTWMVZLH_6gWbwgEKHrWHwYmUMZMMXlo1FFEKB9Cx1iPHN0vwYaMeb-MNGyORFbNI01o_FzQD05W2XY_2OjG-Dt_ajGyXHZBhn0ASyrLRDP1G-fAUTDza2vv8vxjns0lKyvm4a68Dbn1O3brY4xXrYNo6JqO7Xa1Tzj68ir4tOrZuOF_TcR9zcymAaC_TXCcv9EI6buatCkLU_LNE3LMUzHnc9t-qSO20Ez3cr1PjDAQuCO0QvwhAjMx_8c3hBHg2lRD3AMBTVnN3oeM--_LCtzCw8dkHy4SBCifS5mu0Yb02JnR8zBjPm5UIkZpyblQZFnRwrV3SDW_neoDwLu2ADEki3zOS3mfoEIM3tQIWX2Q686b6ZnDQpNJY5VwNOu8BXBBk0c-5IjlpZ98u7KBZzKOPrFc27s6xGFzlR0M9su9n_GqbB2fOaaL5g-GYOwDAAxyBAioPhJRic0QKp0HfjU23KYxf9wlVGBnBPHOReyd3aYoG8v-Id8Hd9Yy4nx3nripP0Ox-NmQd_orgwF_JfBpIzKIWjfOaskKZrx0gSqQJZGWxslE2WDrPAbqfolL4K5GfBB5qHxSugA0-w2KIPvW0pIMfMwqSRRcyS0miDHi8GhVHapmnACgosyRUY7V0PUt0lgIF3Aw6GadWp_MSsQuvtF6bpEhcLzO9Qc223hCn0PcHqTU&pr=67:0.495558&cid=CAQSMgDICaaNL5iJ-mnWgAPlztQKr7khZdM5FVEjErdGeQ7LrLY5_MxaMiLpwT5yJiXArEmaGAE&dc_exteid=31363022444443280817556681067382330&dc_pubid=4

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 p
sb.scorecardresearch.com/ Frame C0E9 43 B
394 B 101ms
101ms Image
image/gif 18.245.60.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=8&c2=18969557&ns_ap_it=b&rn=d55853b080f94ae0de39
Requested by: Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-107.fra60.r.cloudfront.net
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:37 GMT
via: 1.1 69387ca0ad24846d99bf107cb3133bf6.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P5
x-cache: Miss from cloudfront
content-type: image/gif
content-length: 43
x-amz-cf-id: 6erGC3PlVSQZuyAVMghAsslxScoVtzVZuSbCw57SY68AGlNYNKOlnQ==

GET
H2 200 ad-choices.svg
static.yieldmo.com/images/ Frame 977F 699 B
1 KB 74ms
74ms Image
image/svg+xml 18.245.60.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.yieldmo.com/images/ad-choices.svg
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-36.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 959d2bff6e8aa7b4d1836a5dcc00ab6f2c2754604b0e0174bd96b6f9822d5905

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Ukz5ZHLPgcDoG6SlEGbKyNIwGl0_QMqF
date: Thu, 16 Nov 2023 12:35:59 GMT
via: 1.1 628e5146add9b3daeb91ab8792398818.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P5
age: 54699
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 699
x-amz-meta-replication-status: COMPLETED
last-modified: Tue, 27 Oct 2015 18:00:31 GMT
server: AmazonS3
etag: "f5483cecc2fab32a508cf2b5e5b94abf"
vary: Accept-Encoding, Origin
content-type: image/svg+xml
cache-control: private, max-age=86400
x-response-headers-policy: static-yieldmo-com_svg
x-amz-meta-version-id: smI0KdhlAdY.1IFWTq3aCHXjwPmdIPiO
accept-ranges: bytes
x-amz-cf-id: 22E18yzC8a0ntxOBSApl1idAoXIxSZ38SX0VtqLBmJ_-kDCLnF5Wjw==

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 285ms
163ms Preflight 3.91.171.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-242.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Fri, 17 Nov 2023 03:47:37 GMT
x-amzn-RequestId: fd1daef6-edc4-80d1-a0cd-4a6f4b58ed79

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 977F 133 B
569 B 161ms
161ms XHR
application/x-amz-json-1.1 3.91.171.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-242.compute-1.amazonaws.com
Software: /
Resource Hash: 2f2e8d6c6412dc013e2194a7ca9d1739f10456c96b65ff87b160c8e3d91530bf

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231117/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=c8ad1834e98baab85591f8326b2a6a7ff96227fcefaa8f6d42d5af83bbb7b656
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: ebacbbaa3efc95d2132f11736c7e51ba006fee01278150c4124520db9ee4a76c
Cache-Control: no-cache
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231117T034737Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Fri, 17 Nov 2023 03:47:37 GMT
x-amzn-RequestId: dd4f43dd-59ce-5000-809f-a744e864cc01
Content-Length: 133
x-amz-id-2: eKSggZgWscJ/UWdc++N0QxEBLxty87Ta7QURc7O9+/wAiHEuEsl7FMps+DAfGJTr0orCuiZ4XjqVkG7jOqK8500SWcXRYunp
Content-Type: application/x-amz-json-1.1

GET
H2 204 ev Show response
ads.yieldmo.com/v000/t_tkr/ Frame 977F 0
470 B 62ms
61ms XHR
text/plain 54.72.186.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=r&v=9.18.29-541&imp=3313924244940459937&plid=2521236318193655889&pvid=3408583802247911891&fmtid=52&e=16&rep_meta=67blbcalxOfIkrIcYn3ui5iXE_eM_bvtoAVBPm1CC-Qll7C74WaTRrQg7R8SeiDI70ZB6qnxG3Jnb47tvcYc6HIWBwvnWqtmFZyO2eDzE7pmBhx4oVWo0cE8zSbhsWSBBKHT-1lF3PxBa2dlshyOz-qwTck49YjEdOiHe2-9_0vkvf3ubY0AJ6xIR7-t8d8hd-GUmchtzozungQhHROyA6UCjmYNsPoq9qZEkw-uSFC9NVXmaV2um8-pc5wkfohF3mLBHvPQvQ5uJxjTZNfMOZccOS7xHK9ok1vHSLbx1GasZ3C8nvWG5XY_DZUrnXW6wKLev7r1Q6OBIBfwq59M3fC2GtjopYJf8mewu7CNou36oumj-wBYmGuRW6KFCUy1DWTMJHl04T7mU6bKwc4IOoPBBr1p1PqjEI9iRuuSEFs&offsetX=0&offsetY=0&pvt=1700192853440&stime=1700192857519&etime=1700192857519&viewportHeight=90&viewportWidth=728&adSlotLeft=0%2C0&adSlotRight=0%2C0
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.186.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-186-48.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
pragma: no-cache
date: Fri, 17 Nov 2023 03:47:37 GMT
access-control-allow-credentials: true
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: GET

GET
H2 200 dv3_native_client.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame AEEE 21 KB
8 KB 116ms
115ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

082a75157928321218428904933ebff27d7fb4532e1f6daa3c824824aecc14ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7960
x-xss-protection: 0
server: cafe
etag: 2243287812070980505
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 17 Nov 2023 03:47:37 GMT

GET
H2 200 ad
googleads.g.doubleclick.net/dbm/ Frame AEEE 42 B
108 B 112ms
111ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CfdnGgYnivYTTtqChrFaZRzfTxuyqVsN5ShdVZ-UjJbAios0GMMD7u9yhXJ_EUbxIpXmTlgCN61ugwcUrhOjkRa1697g&dbm_d=AKAmf-BUsmsncVRDAZYcGiSy2lR8QiIaRRlApJ500e-vf9q9bIT-OigGmpWzUUStRD1zrmSplySg8dNZN8c5qLcN5T-CnZRr3Jb1kLucXKV5Sk64S92NfH0xB8oziWWQb04B0K9JfmhqR1Jm2qBJI1EnskbpmED6A4PC2YgJCrpcvkd7LvJLxqKUiBgy9qj0qvvRrhQyTAD1PYs8Nx5zvi1GdujMvHjCUCUZsB8t5gsnKoaWqLtm3WzyAQGSP3I98hw6wmOLPNPT0R-AxtUISbdYA2CdXMpum22Oy_czeyuHk5Y4mW1ImAz3dVsPeX3x4PAWYitEuDoYh8j3cPHIbi1JAUCrV-ixOs_fqilEXiuwOqMw87GtDCIAjy3KbTXknl1A_73kPSge2CzoR7xSfXKUUTyye8e7MW9WJ_Obblc3sS1xn4PdztWBa0LSNMn4MKH0LAxy01K3VgC3xbf1EoG8x2qj4X-RfcdDnZtTs2FMOOfae7_5HAEMk0KVYt9DiJzpxd3x5xxdlFu5bt4dYjWPj6dhzxFNxxvEQNvF8bIP-JVMGOaQBJ0lIgE0HsextQTo49AuU3rOcnrsyBph7g1aruo2agE_i6I0oNWcoeWSWYjbyuFlG0hsjFqAyKgP2ERgJdiTSYpLnhsXegDMiUz5hyAfh7B23izesbxzWoOr7RF2Ci7WRo9s5cjAJT3cKYI81KRO7TYAvg7NAiZpYoIqovmYRqHWOKrw4fzCSManG6144PN0KjK59F_wjZyUeFQfqg8PazaNRJ8IvNUUt0Ee6CplgpiiggR3EcOgRTbtUpzoUbMjI5JkEk6D0W9v9YKWlWmlVTUHJHgWkYU2jztUHUbWg5lO-BzcAwDSP8IrJkW-PDgeSljwYGlMmT5D81-3Pik0d225oZugBHWCbDrqTLpmfs7edxQZHj3lEn3bUvrbxXubYDCTTlVGWhPHuBucacz1f3T-wW1DwlLPrXgoLg57ueq0-H9oQUenfIsNEJZOV2BHRjHDCcTWEY_hmPFWANJbBtuRLBgKxn3af-I7qOe7SMIW2yPdi_Eolx_iPuzrOQYI3W6VpY8aIBNpTAIpGgEZSoqyviDtl5slgAhJnYj7SMzORrt_G8pYxZ79ucLb0tnOH3W9Ahi35Fl1Z-eeYCIgZs9z2iJ5MOqcsIMh83bEi1QnbWOxJ0IYbBWFLNWOWywWIir6ZNXn4e2zkOJTJFK57hK0G4eYnab_LJL7O4zO_xRmSEs9Y0gM7OhFLBQv5D2pBO9fIAy9ChNI371u6GRzeXxAsh2MzXEQVlrO__TeCZu7-0Sui9LppUPOZnMiIhkPb5A837fdK40HtQjYs49UDMwoWbb3ArFvMRAquMeeuF3E3A8vZ9msXgG8DDGrSBsenXqi1B3Lp51Kxm7iuCJ_maXTli3xIEgccnSNBtT2HQjH0I4oAVjDRTNGZbZCSkWqZ9ztmkLI5Nz8EXiRyYblXd8fkm7rfV6HMj_6qzr-aVNCjj4r3tf8zqM9e-7fWgTG1AcOg3IWtZ1DXJBtNtEDcnb1F17EguCdFN6kfIfgUKq2H36LKUjfcnu8_CqJYlVzH33H_80R4SOvkRHdHVg0WBXSpkls75Z73wxoGn0G6Ky_TENhF2p0IkEY-S-xjmNjLd_f8UtSj0nSn6HMv6RUj04P0ouNUZhd8GDGTt4QAvdO63thyUv7ppb4CXOosmADT2GPIdUMZhPttDatho1UGGeEG_JFr5Btnyfb7AvnXLs0DzzAhPNlYiBiKXA9zwoqYVN14u0b2UdWU6WcOB7ddUh05kXBs-8FnMsP0QYOIAL64jCN-1a1exrcEjv1hJwlEwIe0RRf15kKefmF7p6XMtj2sKV0CdPMssw12zzQmCEHvV3ub5KcRBpqCIdMHxhifPfqZ___8IZ6hrL7xrT36MaQGANKScpkKfhyqGiFjr8B6dugsjhfX-Ncgy_QHRDLIndxvoyC_2hAuMQ_K2djDb04GWGof51xlyOQqjnejDmZB7Zl_paISN3g6jJLZfukQrRKSa3hU0RfqqJ_4UsYjl6_cMJeFW4PyMtYeTsu47U2WDcmIJBLi_Xa_Mevc7LyZGGX5N3zJEioipEhBVi8BuATqyrP-mNOjPryl68zEIF6xzt52hoQUId0RfevTg39vOcQAzb7SgUV0mL5l-iSIXicTxMT6XOMrdBluyRK7DyWN7owN1Xx8f3MrZGb9YLlFvTN4h5awwYQSyJF0u4wZ7_RBrp7qjIdJzm_ia-PlA0jdZ6SBM2R26jAQ3TfNVYnTWbN-Q7hhmjcUi9gPyXSOHX76dMa3oOrPkUpFq357kAyNyl1aap9eCl-oa8d13XR2awcEE1qQ4NClSDNFKozxaFYFlfVkA6LPbZ1bNMbsvGKoyMtqsLfu59kS-E4tTqgjpNO2CR20wk8HMTAFDLHZlmT1b5KR0H_5qd1sI4N8MB-rHj2XztusX7qiv-AOMKZBwD0t3yFGGcCSVB4u1wREq66APSdkwTUr9G3KlwxPLVSGtDUvRtTgyRKfbny8ES4ByGt7eni8nW0PYxbR8FfERvgVQo99jdFHKExPk7gsAQr07z9MmJtXBsI3R0wSmCByTJSFqHESX3pSeQ8_WEaiYnN5Jzdq0UY3ClLaA5smFejEiCKWJhjaSCrdC8Rxpc5QcE&pr=67:0.495558&cid=CAQSMgDICaaN5ZL3z6cpBKY8IgKG7cmBpnl_jJMRjfPpuVddoqeu-9OdAbQemnFJNb4XcTDHGAE&dc_exteid=31363022445154089001850963552275758&dc_pubid=4

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 3906606857469701400
s0.2mdn.net/simgad/ Frame 977F 588 KB
589 KB 329ms
328ms Image
image/jpeg 172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/3906606857469701400

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f198.1e100.net

Software

sffe /

Resource Hash

b9f409d101ade4960f8318c459ddbbc504ab84e167ae324dd6160c5710f51620

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 15:37:12 GMT
x-content-type-options: nosniff
age: 303025
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 602483
x-xss-protection: 0
last-modified: Fri, 13 Oct 2023 12:00:42 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Nov 2024 15:37:12 GMT

GET
H2 200 14283768102260484474
s0.2mdn.net/simgad/ Frame 977F 21 KB
21 KB 275ms
274ms Image
image/jpeg 172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/14283768102260484474

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f198.1e100.net

Software

sffe /

Resource Hash

dc67c7175776c1b31da1781cc91a864609b0352b874b047dd88af5873487d8ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:56:18 GMT
x-content-type-options: nosniff
age: 13879
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21217
x-xss-protection: 0
last-modified: Fri, 13 Oct 2023 11:59:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Nov 2024 23:56:18 GMT

GET
H2 200 p
sb.scorecardresearch.com/ Frame 977F 43 B
394 B 52ms
51ms Image
image/gif 18.245.60.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=8&c2=18969557&ns_ap_it=b&rn=5c547dbc198418c4f4dc
Requested by: Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-107.fra60.r.cloudfront.net
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:37 GMT
via: 1.1 69387ca0ad24846d99bf107cb3133bf6.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P5
x-cache: Miss from cloudfront
content-type: image/gif
content-length: 43
x-amz-cf-id: hZ0bNHCIZIjVnamy5IekFA9WHFT2AXyg-tJtYvZBWsLu-0Ag2ycEHQ==

GET
H2 200 ad-choices.svg
static.yieldmo.com/images/ Frame 7D09 699 B
1 KB 84ms
83ms Image
image/svg+xml 18.245.60.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.yieldmo.com/images/ad-choices.svg
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-36.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 959d2bff6e8aa7b4d1836a5dcc00ab6f2c2754604b0e0174bd96b6f9822d5905

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Ukz5ZHLPgcDoG6SlEGbKyNIwGl0_QMqF
date: Thu, 16 Nov 2023 12:35:59 GMT
via: 1.1 628e5146add9b3daeb91ab8792398818.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P5
age: 54699
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 699
x-amz-meta-replication-status: COMPLETED
last-modified: Tue, 27 Oct 2015 18:00:31 GMT
server: AmazonS3
etag: "f5483cecc2fab32a508cf2b5e5b94abf"
vary: Accept-Encoding, Origin
content-type: image/svg+xml
cache-control: private, max-age=86400
x-response-headers-policy: static-yieldmo-com_svg
x-amz-meta-version-id: smI0KdhlAdY.1IFWTq3aCHXjwPmdIPiO
accept-ranges: bytes
x-amz-cf-id: ikOejkE6bSJCuaGoOaLq6nMqVaijYd1uFr3JvSTvsUamGMxUhQrN7w==

GET
H2 200 1932825149083970539
s0.2mdn.net/simgad/ Frame 7D09 567 KB
568 KB 914ms
914ms Image
image/jpeg 172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/1932825149083970539

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f198.1e100.net

Software

sffe /

Resource Hash

7c4d036744b5924d2befc18881c2bf44bc51d342447c4ec4879b322895396b56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 16:50:10 GMT
x-content-type-options: nosniff
age: 298647
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 580804
x-xss-protection: 0
last-modified: Fri, 13 Oct 2023 12:08:59 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Nov 2024 16:50:10 GMT

GET
H2 200 15565192129263080682
s0.2mdn.net/simgad/ Frame 7D09 21 KB
21 KB 915ms
914ms Image
image/jpeg 172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/15565192129263080682

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f198.1e100.net

Software

sffe /

Resource Hash

dc67c7175776c1b31da1781cc91a864609b0352b874b047dd88af5873487d8ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 09:13:06 GMT
x-content-type-options: nosniff
age: 326071
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21217
x-xss-protection: 0
last-modified: Fri, 13 Oct 2023 12:09:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Nov 2024 09:13:06 GMT

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 178ms
160ms Preflight 3.91.171.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-242.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Fri, 17 Nov 2023 03:47:37 GMT
x-amzn-RequestId: e94c2998-1618-800c-b49c-cd012f65f568

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 7D09 133 B
569 B 215ms
215ms XHR
application/x-amz-json-1.1 3.91.171.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-242.compute-1.amazonaws.com
Software: /
Resource Hash: c6a08bd15afa417eed11afcc2a4486a3275172601eae1e3787efec45477eaab7

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231117/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=65698f10f6c6dfc71edc3a8fddc2faf03ede1557ff6a4784518d43895942cd64
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 7bee3a65132558ecbb5da41b939f4245ef09d2b6c4978258ab309be7642fc4ce
Cache-Control: no-cache
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231117T034737Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Fri, 17 Nov 2023 03:47:37 GMT
x-amzn-RequestId: f3252f3f-8051-95e2-aef5-cba6b92ce086
Content-Length: 133
x-amz-id-2: D7gH4xdmfkY4zS7ahCxCL5XRDmpkieQ/NOpoETWG4gKK+uHd8pY6RMc93Nj1RohhP09hgzqBIUpnReMldyxua7Jj9AvMOp5m
Content-Type: application/x-amz-json-1.1

GET
H2 204 ev Show response
ads.yieldmo.com/v000/t_tkr/ Frame 7D09 0
470 B 70ms
70ms XHR
text/plain 54.72.186.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=r&v=9.18.29-541&imp=5149024010350374005&plid=2521236318193655889&pvid=3408583802256311078&fmtid=52&e=16&rep_meta=QOSSttprBvD16yQ9euyC2Vf81QW3rW6aNMucKMTr5Q2hLwHdrvCZr5_omvuQ8LOd3_SWrt_7I5o9Q4P3tnPowPTmykjXqtSbzYPANt5alq9YdUabpWayGbwpvRGmjaVBeP1Go8zAcirLkFFxkrzZ06IhBwSZgpwr7gbVNJHc1SLxnxYqf940YgL6mG03Q_Cph6psfURyQddEN8DpG9ntiJHQ0BhfByUHN9DM1RYainsQny4jWnR4-JqORhcPchOZ67NsTDh-bHuLjqT_e2rx8aPY4UHjEm5YSMkHlUbNJIEhcybP0wKsSNeWXdmHIBjbo7E-3Tx0P_BuJ11S_8eb7vIas8vKkaS_gIliO4KXa_2F2PcQCs-q6CdWrtmI6u67I-vpt9wo57Ga2LhBvyvsVPidQdL9VQdD99AVPTwXuGA&offsetX=0&offsetY=0&pvt=1700192853441&stime=1700192857680&etime=1700192857680&viewportHeight=90&viewportWidth=728&adSlotLeft=0%2C0&adSlotRight=0%2C0
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.186.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-186-48.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
pragma: no-cache
date: Fri, 17 Nov 2023 03:47:37 GMT
access-control-allow-credentials: true
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: GET

GET
H2 200 dv3_native_client.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 2CE1 21 KB
8 KB 58ms
58ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

082a75157928321218428904933ebff27d7fb4532e1f6daa3c824824aecc14ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7960
x-xss-protection: 0
server: cafe
etag: 2243287812070980505
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 17 Nov 2023 03:47:37 GMT

GET
H2 200 ad
googleads.g.doubleclick.net/dbm/ Frame 2CE1 42 B
108 B 58ms
57ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AkUH-3qstuY4t4mGdOJGGsZ_ix7nIZ77tCc6p1zgK5CMYnV0vJSICcmGaJY-9GCYCEk61QUp9gxc3SRdu3Snre45l63g&dbm_d=AKAmf-APgOztk1LTVO23NDHIdvzE5ggLOYs9i0z9TOlUKYOltPe32o1LaDJK4YLYdoUfFyKPzooXd7GlL3lQjuLYHrPZm0eVPwEWkeuls64K9yB4zE9ceSQ-RZd-2TraCSn64DIzcBAriOIroT6elA64o1UKaMa-DmVJbngYspc4M1Wirx765ZaDxARrngEuVxfbxbBPk6djjj-jU_v6PJZRDj_Nv02Du8CexG_RfwAKIqExAOEDzGbO1VvCJfgwiL58uyvQZiuguyDXPipPIQrSzsktQJipFA8jczq-ILaK4Y9UnFEWpENJZDBFLCf_py7dHqQ4y7kLN5xLCwCo1B_1yQ_btJ4OytUySnc3i-yRlo77788CRhBcqLYl4br0vEpFGjT7WmkBTyvgF6jKLXOwZ4pfRyJPRdTsxF8bJT_trA1vzRh4rz2HLfiGto8bhHhWGnX-PtbQyWvORLHVMQVew0Ij2rBOhvjrjt59jDs2G1w9_hy5uSzqo1IRnm7VXjgNsdbntvBLoOeZG5LTmThafgt6i0oTXemgZ1S_cUxZIat2Uvx5nnxWZKv_4VZxKZTMbsTmn0x4XLL11JrzhRyAjam2jHJUZyoyzBRS53YnhvNgIsaMAY4qULL1fM4YPmsn5v3Z2OaQumMy-V2kNkrk6yUJfsF0AqMwzpPGGszNPDaUDbc_lRlVVOnfCw_3S1O0YarYOYnmqad97BXn4uHEC8EaNfuiAyAkvJnDRAliuQW94ODWvo5FYNo_pl3MHfJ-vbxcBp0ZPohcZP9iPDNraYz3-fetuiElVDfdgnTMDXpyWaPZmZecfF_jkubp8YBXumLzBW3qgcIETc0ImHMyw9rKJ7NfNiz7hQZkupdCroD9_SM-93nW48CdFBioNQ0EcO0gFiKvqgFuwrc9j-X0St5D9iAx0Ziiiz0RRjKObx4oJYqMIVkikeO9dMetoV4mxq8hDEXOvxsUKTS0b1HmTAM8zHHhAdfketbNqNV805u75Yo8bT6Em4rSJizjCyX6P4k5daUDRJCwn4Bixr2stZYfIHJGlRaeRnqcYJzgVIK77D-xqeaZMsxleXYFcNMkM2vSApkLrUoZrOIis-Jb_cbXtF2Z3diUQ54D0gFsbpAJ8xkIRjwKCtGokumTNfPAE-6rveDKskY9UX8EC4qVHSEoA7Z5R69Kx_yqtlyeOdcKBiEVupXImxzbAOuKNSbuO2hUPqNJT3q_gsYQ95R6fYVfPmPAVH2J6ZEBFoYvehnBNsBBEL1Yiizgn8uGKRPu_2lHWY2NON0TYBp7YzKqaaH3Vkwp0N7GF2wNClfatkzzmGr-fim6JHNm9x6zyLK1G905vIOvQtiU0dOMrHPNAEuYZyy1VrWIx7kHhPRsGfdl3fppFqI4BgRPMDpToOkxChHF96iElT_6dhBWdpeWAz1lL8Tdsg9bk2m-hipTTQ3Qk9Wmu86RxNWaOtVP-COzUTHHC4USlBBkr63M3G0H_9TcXyUWEZ5FgsSTBj4Gzx31QwSTgFzgvgWgYTjWviTb02nLVg4EHrUvsHy0Ysr9EnnRVUQTdXGhUWxxTVCwZCC-w63Q-NHGHWqdRHIoMVf2LORJmnNclOnoCHDnSnPOd4Un-xZ-A7hkHCOjHvYu6TJlKyoJOqR_Bso9vADXbJlWFnHxV7JIM16Xt5m8NqFnt38u3tz2bmd6V99IjBkAQu7tHDCHTVqHOaav8ibjfITiDjp2-Ly4ZQbCEWu3HMLrCBnTt91mPEXn3DeoRx7HEzGMS-xYbO9LNbxvXH-MKUAiIzvVNieRIfEByukOUAwswQuDulkx8UHv6BRmqwybcQTE66Lydh_UOGFMZcMo6wuF1UZH-PgxaY8ExPS2nXjj7Wy_83NgNGaOFqocCfJvWaretPN2vLj5hdY0nDK1qDKOfBkmXWwGafjP_lHO-sEyv2VerUMnFC_zd8nZ7kahEmdRV0TF_ePP-Lb5CmEqxIlFJnSuV-Ul5Y0Zv7hB2A226e7mkuq-K93jh6CNx8CyW8LABJ_mgG44PRPOxnMVzbl_2IWhCE6g94MmqrM20KcDheXAlW-QWKaAz4cRfrygbaWniyjX2wGh4P4VRayL2QhmgzxZ4CxbC9XeEBYQcocSc10tGuAl7QlKMTFFlfoAHSqqU4yM_jt53QlWDaSpq9psTP1uK8y0iQcBn-LrDWfdlPsMRSIoIjd1-XoanWhhD7-eiPIipnOR6_x3pxrqV0YXBzhbK45hKYw8qfskiiVXMMT7au4XimMp1gv8LG-7GNvAeZvf3tNCnvzkuQ1dmLkr5PqPlqC9dWEfeaFcK9-kcbLSizU4UdXG0lRzQNbiaxgVmV6Iws_hAW2JmwSXLr_drC0_nj82pr2j1pPcqiIbJcaYdFJrgCvjHaMEsjTTjCbPuRTAUvpYzyWC4YdD7P_5kjmWhIWnMh4R-KsxdxyrcqoWHW7mGBot6w_b_QStPDod5r0G2BsJxxWD-35If6mGiSYwLQQAcTmqi6ucfgBYGB350jlgR40cHO4iD7PgvdyS4PtedCxuDz93FZ06b_XXEmWKvSJZ-pHmxZXFLbnzKGCs9CXqZVXLo3pccsveT6EX3XnjmkbVOeQM9A4scCXvdRIimW9cEjRcwqagmshaJ2XeWTDr6mekeBDDtLpNvDcsejU48PU&pr=67:0.495558&cid=CAQSMgDICaaNZYXom3GfVUMRt4flip7AK2BWfPAHd_jj9tpi4g_q62mp3nCleLW6GK_2l42bGAE&dc_exteid=31363022444714558303373738907916378&dc_pubid=4

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 p
sb.scorecardresearch.com/ Frame 7D09 43 B
394 B 56ms
55ms Image
image/gif 18.245.60.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=8&c2=18969557&ns_ap_it=b&rn=a8096dfc7259e64b1acd
Requested by: Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-107.fra60.r.cloudfront.net
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:37 GMT
via: 1.1 69387ca0ad24846d99bf107cb3133bf6.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P5
x-cache: Miss from cloudfront
content-type: image/gif
content-length: 43
x-amz-cf-id: KNnewH6viOEF4No8NNA219JSKkJxFKZR48n9ql8UwlWOKs8YlM0Y4g==

GET
H2 200 ad-choices.svg
static.yieldmo.com/images/ Frame 1C0D 699 B
1 KB 73ms
72ms Image
image/svg+xml 18.245.60.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.yieldmo.com/images/ad-choices.svg
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-36.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 959d2bff6e8aa7b4d1836a5dcc00ab6f2c2754604b0e0174bd96b6f9822d5905

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Ukz5ZHLPgcDoG6SlEGbKyNIwGl0_QMqF
date: Thu, 16 Nov 2023 12:35:59 GMT
via: 1.1 628e5146add9b3daeb91ab8792398818.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P5
age: 54699
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 699
x-amz-meta-replication-status: COMPLETED
last-modified: Tue, 27 Oct 2015 18:00:31 GMT
server: AmazonS3
etag: "f5483cecc2fab32a508cf2b5e5b94abf"
vary: Accept-Encoding, Origin
content-type: image/svg+xml
cache-control: private, max-age=86400
x-response-headers-policy: static-yieldmo-com_svg
x-amz-meta-version-id: smI0KdhlAdY.1IFWTq3aCHXjwPmdIPiO
accept-ranges: bytes
x-amz-cf-id: 9-nl0fFNA1TvH3awkE2912ji_nQrRHU8SnCwdNquE0u70N_Ep6naJw==

GET
H2 200 3906606857469701400
s0.2mdn.net/simgad/ Frame 1C0D 588 KB
589 KB 1017ms
1016ms Image
image/jpeg 172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/3906606857469701400

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f198.1e100.net

Software

sffe /

Resource Hash

b9f409d101ade4960f8318c459ddbbc504ab84e167ae324dd6160c5710f51620

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 15:37:12 GMT
x-content-type-options: nosniff
age: 303025
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 602483
x-xss-protection: 0
last-modified: Fri, 13 Oct 2023 12:00:42 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Nov 2024 15:37:12 GMT

GET
H2 200 14283768102260484474
s0.2mdn.net/simgad/ Frame 1C0D 21 KB
21 KB 1063ms
1062ms Image
image/jpeg 172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/14283768102260484474

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f198.1e100.net

Software

sffe /

Resource Hash

dc67c7175776c1b31da1781cc91a864609b0352b874b047dd88af5873487d8ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:56:18 GMT
x-content-type-options: nosniff
age: 13879
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21217
x-xss-protection: 0
last-modified: Fri, 13 Oct 2023 11:59:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Nov 2024 23:56:18 GMT

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 172ms
171ms Preflight 3.91.171.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-242.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Fri, 17 Nov 2023 03:47:37 GMT
x-amzn-RequestId: fa9d3fd0-006b-d0b3-a74d-db49845534ae

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 1C0D 133 B
569 B 217ms
217ms XHR
application/x-amz-json-1.1 3.91.171.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-242.compute-1.amazonaws.com
Software: /
Resource Hash: 0653cfe169f1be72444540ac9b083308bbb2f992d3bd68d36f5805b5e4227e67

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231117/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=b67c3c704519d9caeabef3a658e863e47d474733f171cd8905b267d37b8ca00d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 19594839bf67c34d11ce8a9aef51875b83b761136d46a2055459e8f03263bb60
Cache-Control: no-cache
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231117T034737Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Fri, 17 Nov 2023 03:47:38 GMT
x-amzn-RequestId: dc955149-eb66-caf8-8145-b5d34dfaa750
Content-Length: 133
x-amz-id-2: 8GW99B55yQfaVhz0NGuEBgEYxpZgZkeITMenbVfxtD7hyMVfW281VcOSuLDIYGK/wX1BbaRojbXej4DehfMklm4908Q2DOH0
Content-Type: application/x-amz-json-1.1

GET
H2 204 ev Show response
ads.yieldmo.com/v000/t_tkr/ Frame 1C0D 0
470 B 62ms
62ms XHR
text/plain 54.72.186.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=r&v=9.18.29-541&imp=3207282136591825304&plid=2521236318193655889&pvid=3408583802189188676&fmtid=52&e=16&rep_meta=8vWBwGAh266yw2M536u2KGa-MVQErRT-TJfImKZSejOqZ2frvEShz6BXN1Pn0q2wbtpw2PjkJmYzFNRZ26qfnmHpN1AbUyQWjVzuTEWEN1Svr86bZsntGcLrQimYBpOvCQkcVV6-eDGWU_b9qF6d8Zq_GSxuSoyDnvq3I3EdHbr51-_qDAiT8CgBz3QqrhRnYyDtEp47X7ASrek__QaclSfZAOdzhac00dd27ZmJvUPgk-5B0k3TjEdYVYDdQfpSllRGRfxIdqu1Jf755yUHlik3u7qZRn2NGXytP8uLAbl8m9_7oK2utpwrw4hXTAMzzq7Y0goLfWoRpuTx9m9Q3UnOZvc1ikBnGjgeL_3OZvl-8Z3yJ-Ply3n3ti5BfyEwalvo9_RwhG8-hCTkVMZYdjd0H-ytBNBCOMpEaR_ASew&offsetX=0&offsetY=0&pvt=1700192853433&stime=1700192857850&etime=1700192857850&viewportHeight=90&viewportWidth=728&adSlotLeft=0%2C0&adSlotRight=0%2C0
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.186.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-186-48.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
pragma: no-cache
date: Fri, 17 Nov 2023 03:47:37 GMT
access-control-allow-credentials: true
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: GET

GET
H2 200 dv3_native_client.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 3D06 21 KB
8 KB 272ms
270ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

082a75157928321218428904933ebff27d7fb4532e1f6daa3c824824aecc14ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7960
x-xss-protection: 0
server: cafe
etag: 2243287812070980505
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 17 Nov 2023 03:47:37 GMT

GET
H2 200 ad
googleads.g.doubleclick.net/dbm/ Frame 3D06 42 B
108 B 54ms
52ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DzGHOmNG9VtUJTqljpe0URQfHGiDXfJlP8I_33et8t0vyHQjPZBq0GSNChnqDYmU9wCaW5fuhQWXd35_LD1fAXM9jHHw&dbm_d=AKAmf-BZsr9xUKL8dhthhP7UfA-nwZC_vzf7IRSTHPjZKbC0xLrQdTmXpUpC3_GilhkkifHmpg6BBxlyA6kam4HuQnHGrixbsNWunBexDgvscmvqR6q2D8wM1OTSt4YNEY6UYAiirQl6kWDM6fKnexjQ0jVZaTIcplgIFg2J9ZjAJ1lZtbU0hHzc-Xau9ImqFo45K2IoEWaRAoH5_MCmjNViycPoIjRPERUEUJgnYrQP1lNQ6yO0mhMvSVUK8lpg3uwErvayUFaLn7gsMY1ma5UY2D_Sq6Y1tSmDC5rxNogqb1V_8luYlh_-DRaoiagtWfjrss38Va0uKX89ZgJdmXOLsPDFp7TfTLLawj-lCL8196iP8T4MX4ktDM8Ply8VpfYqh7yNQM1cjqUHeqtDUyfvA8hsBaH9FzFI96r_E5ezF6EuXjiXR1TGWJDbU252CjCuR22ZQ2Iu66h__v7H6ysj3qhswcD31smIcMFdDLs5bTnt1CtD5WLZGLW0oP9E7yK8_OuVuJ1358-Gj7-TjcCIFSEUo-NE2CYSuDvlI9Im-TAueqzq5tNKBRypWrpgsTUOwQF0j0mXw37dDe0wg4utLnhwhwu62o5RF0269HJk7IHjrv_8Tlkf76Yza82BKe-p_Q4k1GYB-W7CBlTOzMD4oma8hl2JNk6QmyQMojBHrmIvV-wpx0YNy4_1u4lrEWCJUBcKMWD0cLe_KqW4lR71CEbCZZR54ZP-ShVc2v5-I-t6WBPCdMEUnBahIrfcCMWj9um4st4ZbKxt7pR-ln5b5uDt5W82cnrSl-sg5SHzj30OJrIYOa03w7TBgvjdTSwDvIRngIVZPz8iDVyAVZ58QlsVFaZFlHJbnQ9ryLcC2NJ2YaljTo3Ov9u3pxMzUBJ-vRaDhRibvWuZF7VvLqZW3R7J6LBGKVGx87XLIOBWUKps25PawSJKXpideptwQOHeNnRbzPiXrR9c9J_PCanxW2lPD4fL6Ei_rtawRACg7VQciJZbkX6Ho-CiWRZPof9JPZUOiH7Vwyv1YDvjxlmmLpPZ8JnNtYfhvl2qcAtV2iKdLeeczyH3z6BOtHt9LfuG0MzOypYuX0Lf1V-nz3p_3aBhvLOve60sNYRHTwqwpIctjJRdXEgX41eqSJ2kxsAm9gfbEr7Max5ikSgLP731cLSfvtkVH1VL_ChHkR5neq2oJ2JQ1yMlAc1RkIsK-0sKi1ooVwSvArCMfiM95JxURZYRNju05GHUbJznyLCtaB9cTtF0hWcPDL9MSl6wfY7QL2IOT5Q0LO2C-6EgASd__StFb87bCFpigEctm72zK39h1DSvpcOehvKhOqPeVwsKv9R1OY2LVdGhmAN7bhRjXnaqmeexdsbsWwPcQbvJU1II0c2ZZjfVtOqVZ-RVSxPjz1tJJ6jspgPc2W9kxZ7CxpTUl8iSRe9WL7d0SNaJjkRJAP3jW9GEbJe0rz5JA45zn_qmCVENj1uNVJPelavy9zYTMpkrKs7kH3WkUae8GiOuLj478LOiX4Yougz3-5biQmdt29u5YEb22TXhkg_-zgMYE4GHmXxfJcwGZiAmrCvEp7LPeuBkhPB_adb_ER4wK9sDVtCPP3_gqLuSQVLCISjkYpNnQIa3DR2DtHSWrYZ0O7LMOOmvMeFRgHc6BGMOEITE-vtiWkqcOxPlExPAlPn_2tniQ5dRUS9InaPe1Dz5JJ1TITHoNohGXBCEIrK441T94JitXLvKZ7tAnfVcIiTPHff-l5CKxIWMoBt0Y8WNMnfilmyWO0bd807tNzXgWqfsXFfzAB3qEo6DnCFL9x0ZGw015gfontE4Js1Khg9tvlfzOUQDnDw1ZcyNFCpC1LlPBTfEIr2nHAmxkJQLd8fh8PvCjVIZBgedIlhX677ZpjJ6TVav0K04dKrpTrDHrTHI868t-W_SnAyBUXQKRIVSuF-tGKxnSbnt2eJxqrt4shCG8Ps0WiFtXELyqw-PZH5VC82k6gfPIGTHQJsMgry4Sw6ANlWBTxes3rGVkOTRngSlGPh-QCdyS-GNzfFso9kz8fp6o3cL4JSPy02HHY6BmTjhD3N_Zs7wmo5t0Rmaa_VxWgymiGmqzBFLNDvh0CANiiKgB0FCjJyIvcPW74wcli95t5vMUKZUohLjDnHsxFvtY19g9ah9s_keDA9vRT-sFxgsdii8n5lYBg1N3gn8JvA1_liWdmsBvoTj4rt3OD3icej2va8HCdKQmVy0NRV2wYnEnjRhrqO8-hrmUgGxxyDz4uYxvgcJhS8uLda1OJnWBbKlZfniV0MYTTjkljAgM9BP0iWHrA6_XjBl9xrECRDmss-wmFTdxlCbJvRCx7oxgsTBwa0ORGf0omAjIuk0PxdVym_QM2Dzd2Cr3v5Vh_ENOkwvFeFotKJLEaF9E-mlFz9xc3ttzK5yiFORZ32-TwfEmN_iuKJ5rPUo3Avga0V4RY8VRnd1NzhTi6FXAVIwFn1mBRYJCkb4I_9sfFkcEfSl3ijj7Ay5dFEkN3blpuPYDKBydpQgGmlss4tUCiESRqfXkMG58xnS7Bl49bUY8kreexQCDcZOY8kzkiuxri40rpHF2C9Mvpixpt6ji7mXrhorkgTL6tqV_D3OcJTtObMBktQWs0V4y0E-TN7z8qAKC47iO08y6xTm16FRVPPtGuA&pr=67:0.495557&cid=CAQSMgDICaaNSlctQF6_X3bHj3IUL2VebGLWXyJ5HAt5XLMlNjShk_VdG4ipVE5-PtY1Jby3GAE&dc_exteid=31363022445327617523396607432217733&dc_pubid=4

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 p
sb.scorecardresearch.com/ Frame 1C0D 43 B
393 B 53ms
52ms Image
image/gif 18.245.60.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=8&c2=18969557&ns_ap_it=b&rn=3218e8ac9856da932845
Requested by: Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-107.fra60.r.cloudfront.net
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:37 GMT
via: 1.1 69387ca0ad24846d99bf107cb3133bf6.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P5
x-cache: Miss from cloudfront
content-type: image/gif
content-length: 43
x-amz-cf-id: HoY1b0Ph5Zn0yLLmw_j4EX8o2NfbH12piOUK9p17x_z26IpLmB8Adg==

GET
H2 200 ad-choices.svg
static.yieldmo.com/images/ Frame B7F3 699 B
1 KB 94ms
93ms Image
image/svg+xml 18.245.60.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.yieldmo.com/images/ad-choices.svg
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-36.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 959d2bff6e8aa7b4d1836a5dcc00ab6f2c2754604b0e0174bd96b6f9822d5905

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Ukz5ZHLPgcDoG6SlEGbKyNIwGl0_QMqF
date: Thu, 16 Nov 2023 12:35:59 GMT
via: 1.1 628e5146add9b3daeb91ab8792398818.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P5
age: 54700
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 699
x-amz-meta-replication-status: COMPLETED
last-modified: Tue, 27 Oct 2015 18:00:31 GMT
server: AmazonS3
etag: "f5483cecc2fab32a508cf2b5e5b94abf"
vary: Accept-Encoding, Origin
content-type: image/svg+xml
cache-control: private, max-age=86400
x-response-headers-policy: static-yieldmo-com_svg
x-amz-meta-version-id: smI0KdhlAdY.1IFWTq3aCHXjwPmdIPiO
accept-ranges: bytes
x-amz-cf-id: ee-vT2IgHAQhDDeIsyhGdUAQGNKx2FyLCZDlmxdOiBJC2g1Z7cSISQ==

GET
H2 200 3906606857469701400
s0.2mdn.net/simgad/ Frame B7F3 588 KB
589 KB 1405ms
1404ms Image
image/jpeg 172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/3906606857469701400

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f198.1e100.net

Software

sffe /

Resource Hash

b9f409d101ade4960f8318c459ddbbc504ab84e167ae324dd6160c5710f51620

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 15:37:12 GMT
x-content-type-options: nosniff
age: 303026
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 602483
x-xss-protection: 0
last-modified: Fri, 13 Oct 2023 12:00:42 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Nov 2024 15:37:12 GMT

GET
H2 200 14283768102260484474
s0.2mdn.net/simgad/ Frame B7F3 21 KB
21 KB 1405ms
1404ms Image
image/jpeg 172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/14283768102260484474

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f198.1e100.net

Software

sffe /

Resource Hash

dc67c7175776c1b31da1781cc91a864609b0352b874b047dd88af5873487d8ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:56:18 GMT
x-content-type-options: nosniff
age: 13880
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21217
x-xss-protection: 0
last-modified: Fri, 13 Oct 2023 11:59:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Nov 2024 23:56:18 GMT

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 189ms
189ms Preflight 3.91.171.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-242.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Fri, 17 Nov 2023 03:47:38 GMT
x-amzn-RequestId: da85c88c-513f-d573-8755-2c1641690a8c

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame B7F3 133 B
569 B 399ms
398ms XHR
application/x-amz-json-1.1 3.91.171.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-242.compute-1.amazonaws.com
Software: /
Resource Hash: f40a0823581ed9f71a7ed3c4d67c57e8b30169d2a1bc21c4b7385d954887eb03

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231117/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=85f3b1675f67e7ff030a824ac1a9eccf183b1a5a573dc454ffba468c1df16f9c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 95aae521388fc29accc4564b043848ebf836ff5b1bf95d19fb338e38e1d4d886
Cache-Control: no-cache
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231117T034737Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Fri, 17 Nov 2023 03:47:38 GMT
x-amzn-RequestId: c4301c73-66c4-a667-99e0-f8e976927998
Content-Length: 133
x-amz-id-2: 8dxBX58yBSDzAw57qps1QmHiveVzDTjPWovkHvXh5KyNmdU5hVBngJ+4o2vq+l/ybSGSx3fLkWS/FCbAfaEM3H/aOde7sVrd
Content-Type: application/x-amz-json-1.1

GET
H2 204 ev Show response
ads.yieldmo.com/v000/t_tkr/ Frame B7F3 0
470 B 83ms
82ms XHR
text/plain 54.72.186.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=r&v=9.18.29-541&imp=7709869598571366859&plid=2521236318193655889&pvid=3408583802197580232&fmtid=52&e=16&rep_meta=67blbcalxOfIkrIcYn3ui5iXE_eM_bvtoAVBPm1CC-Qll7C74WaTRrQg7R8SeiDI70ZB6qnxG3Jnb47tvcYc6HIWBwvnWqtmFZyO2eDzE7pmBhx4oVWo0cE8zSbhsWSBBKHT-1lF3PxBa2dlshyOz-qwTck49YjEdOiHe2-9_0vkvf3ubY0AJ6xIR7-t8d8hd-GUmchtzozungQhHROyA6UCjmYNsPoq9qZEkw-uSFC9NVXmaV2um8-pc5wkfohF3mLBHvPQvQ5uJxjTZNfMOZccOS7xHK9ok1vHSLbx1GasZ3C8nvWG5XY_DZUrnXW6wKLev7r1Q6OBIBfwq59M3fC2GtjopYJf8mewu7CNou36oumj-wBYmGuRW6KFCUy1DWTMJHl04T7mU6bKwc4IOoPBBr1p1PqjEI9iRuuSEFs&offsetX=0&offsetY=0&pvt=1700192853434&stime=1700192857994&etime=1700192857994&viewportHeight=90&viewportWidth=728&adSlotLeft=0%2C0&adSlotRight=0%2C0
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.186.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-186-48.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
pragma: no-cache
date: Fri, 17 Nov 2023 03:47:38 GMT
access-control-allow-credentials: true
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: GET

GET
H2 200 dv3_native_client.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame A790 21 KB
8 KB 579ms
578ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

082a75157928321218428904933ebff27d7fb4532e1f6daa3c824824aecc14ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7960
x-xss-protection: 0
server: cafe
etag: 2243287812070980505
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 17 Nov 2023 03:47:38 GMT

GET
H2 200 ad
googleads.g.doubleclick.net/dbm/ Frame A790 42 B
108 B 74ms
74ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DgJfqeGbepDxwFns7ZYhfQ-yp1I5Om88EboPiwsDEnUjMfhukwC8IQtPtJCqS0puDnZRkLtNvae8uCV6PSPMM3owTbDg&dbm_d=AKAmf-AnzZ7IyUN0NW3rJKMXkWQRmMjN_nxf-_gqUUC3b7kJzy5S9GOQ57D-CCdE7gBp7awSaP8GrqTbbFk0TRf9OCLTJsAL51Ky9Io-MLa0oUzKoEwYLHxVBeeU8pOSSGSQR1xVAc8MDsqvvT1D186YWsLjJytkXa40TlMhMMpswvYtvwAeheeMNhnZUVI_ghs3RXoGnsUatmiYx8a_dJDLNm_0iKuuu-Oz_K1PWHBF22updBIatyHMQabru9i2Y_PHm-7KPi2y43YbNjHYaOkhaTHXbt9CLrUXORBKa8o5q-xC0-0sOX6HeQROYw1J8ZD2WUeB2U5FtVZosjVXaPbqKcHHQGWWK0KK5Y9eGq6Whz44jBoCH789IfQ5SsBwKR8rcLA58YKGSGAPgp_Nw0IIKFauUEpx8Xq8uOBuEFFrZgeeWB_Y1m8KIZGVRx-AGK85dor8n7nkRwOo4B-AcJo_7YKhJ9FlECoGVmdE3xnBeT27IVI5JPn5InTDQAgE-22hCHyRLOyFtEQEE05uWO8Li3zExZWcpk9-co_NfoFPoHG8nnoCG-dGPFZjzj2qaX1XhEBZQH0OpPs3VtQkLZOguzLnnR1foPqWH2y8O6t15cRd7lAZiTSQeN5pvhkWH79FmdLGBKYAqROnKmQGjA1QAsGq4sHD1sQTGDpOGD0G6smHqPv2xaE1PgVGCUFwUfICtTvpZOnTOSyG7ryYReZ-8YWabieRSDY9tPU3y_J5lf_ghq0F0n22M97GMylLketM5Y_FtkLznRP1z8NzchWL6Kor2xVTooJFoET7nmJvzav8d6DjQ3QCuO3ZP8cuwMdsNMDsEUSUXBJPfe9JG9nmkGY4QvwQ87Hb1ua4_ussPr_9unKV61gXEuY6T5tWe0pTuybGrCpnOgu3cV3ZoV2FvBoNYdIiF1xiTzlfhmsrygv81uUTyTPXtnH8LxvSaSmYLqHF0XtmDo9OSDLOm4NAuGbkquz_jkHAz1XcmAD-WIzSf6umFW5sAiCWA3p9CtvJeAnFERfkHalyhCI-xD7FZaKZSk-uferYijrL5WNEkwAvtzKXJ0A60vJ8KCr5WVTHlHmZ0sd5jD7Vg4MEnkrlMs5MxN-N1NBr3v2-YwVn-eNW0c9b6ZE7S4QEeZKjwkBLhhHvF4VvVfBFMIPbKEReDR1EhjsjvlXzeHcOvXx8pPaDEx30N0filx-9BwIknzwCJKCA00K16lxgYYmortTa0HmEm8GzgXPHr9K1PVlquGb4T0RtQiZU4qnNxgWGmy7LZenBhji1Oqn3pTpvmZgQpZe-6JZctNIlyX_HdFf-JRm0b1Y_fRxYk6IOkzQJAYFMe21CyoR_G1T4ym1pjm93-GfYGyvg3EVgEZT2fXfK_1k37fLsPNPw4yNwBBtBiA1r3Qas-nlcQy7V_myZYmDe_Jg15BWcKjqovjbmZunbywqNLteGuo3UcnHb0kXn298pKFbO2b6MBmVUmCq0M6bQW0ryEsaE7llSF_kKd4U_brUWF4-Zrc180dvhBEaxSOVrB5piMbYOezjBqH6bGBc5JKNgzixr3zDmuwyOpxG4GcKvz7tb9br4p1IIfpMauPjWYiUYDy6c-CgeC7mpfv4uMTyfdaTOXP8yiKRQhp-RJc9GQKKh95yrq2mGzw8Am-ZsV7bn5mLnxuIhDRNL8FavR3dqek8XfdnFrQeVMygrxt6r2ApE3ALbxmzK9DPMix-avbU45gpKEsqdCiTbpd5-GC-MSk1HG76RAVmVR2Xy26v6qid4uMS1fWhraGWntCwzK5lae9t-2JRrC6BXggSNrmYGPqmb0pZUYVY7rPmMaBn-i7Cw6MVLPkL3Fg1iKMtbwKi9VZkwPZ8NWvRUnog2nJdrX-cGcFso8rFuuzYmkXE6m4yhvI_FtxyDM1H35vwkmLZuuGVpUraJzD1BGFkjP7gp5Q0qMd177g37bYrzht_dmh1XD2xg6SmQBwYXow7EQ_K__uMyBpdyMe9TnObxxlxxJHlqHvlz_DgQBBV9HzdQhwTpv4ks_Exaq_rH746icNwAeM_dmupe9K9S8k66JgIS6SDfqGHd4rQEM3VARjslkT_TWz8fydxR3VS3cTW2J4AX171I8AyL1qS6ZeuxF5A8pSgg5rjtNdDJsxYHsTkYrZRRybzTlSzeGuXRZJVd_PPv336QYYXb0htFYGj6ef50ziCBlRtr3nbjSQ00MspRxcNRJgn3AM4jmhQYqIfsIPjyi4F-7jndruTSamRUUXNy2m6xUtPNHez7fg8BcRHQ8IVHXna-NFcK64g4pvFs0IlEoiLpWpmzcb6fQ23JYmc0b1hH-JsAhcWzJuPuqEzEYbcSTTs7ZBhVxp7uxomc9e2IV2YQbrdEDCD9bbftjyFgHVGI3aUD_vFLKzhlPeiHVjDN__9ZDZgJ9cOgdPj1jL6biq7sV3LePut55ImAPSI8w1uBcb89aYvppnEjG2Ng2hNoqxrr7CQmhgkgzNuvD2xh1VCb9RwQd1CR-g4dpLJ8xy2VTtOoCRa0L-Ui8-iKsQrgydOmlRyln53I_kG4kLawPQ_HErhv5cgY8UzJcnNdy1VdTzA17C9P-zeEJTkBX9YoGmXYXSzosq3qjLFvpZGgyB3aEIIeVf8nU5La8vT7OsCKZxuAFXXOuNrifQE3AaBW0GRA_FBZJ0zIVpKMSktMVbMCGgYmf1iK8WJJS8eCXoxjiQ&pr=67:0.495558&cid=CAQSMgDICaaNnCf9JU6SZmDzFiQwozNZDhsAOsaClbaI97qH_v0GtL_gNel_K-5H5Aaj0GkZGAE&dc_exteid=31363022445332487668831806271092012&dc_pubid=4

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 p
sb.scorecardresearch.com/ Frame B7F3 43 B
395 B 73ms
72ms Image
image/gif 18.245.60.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=8&c2=18969557&ns_ap_it=b&rn=15ceb7ab20c10e969ffd
Requested by: Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-107.fra60.r.cloudfront.net
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:38 GMT
via: 1.1 69387ca0ad24846d99bf107cb3133bf6.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P5
x-cache: Miss from cloudfront
content-type: image/gif
content-length: 43
x-amz-cf-id: dbR52ySFdXw8OrWvETnfPXoIMMnRIMYZACmg-cT3Bi9BPkfKePjU5Q==

GET
H2 200 ad-choices.svg
static.yieldmo.com/images/ Frame C9CC 699 B
1 KB 65ms
64ms Image
image/svg+xml 18.245.60.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.yieldmo.com/images/ad-choices.svg
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-36.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 959d2bff6e8aa7b4d1836a5dcc00ab6f2c2754604b0e0174bd96b6f9822d5905

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Ukz5ZHLPgcDoG6SlEGbKyNIwGl0_QMqF
date: Thu, 16 Nov 2023 12:35:59 GMT
via: 1.1 628e5146add9b3daeb91ab8792398818.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P5
age: 54700
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 699
x-amz-meta-replication-status: COMPLETED
last-modified: Tue, 27 Oct 2015 18:00:31 GMT
server: AmazonS3
etag: "f5483cecc2fab32a508cf2b5e5b94abf"
vary: Accept-Encoding, Origin
content-type: image/svg+xml
cache-control: private, max-age=86400
x-response-headers-policy: static-yieldmo-com_svg
x-amz-meta-version-id: smI0KdhlAdY.1IFWTq3aCHXjwPmdIPiO
accept-ranges: bytes
x-amz-cf-id: Ob9RULaiokG1xZMGsaQjWUrvZLMkarjS0-ypdOTOsC6XThdGyb6zxA==

GET
H2 200 1932825149083970539
s0.2mdn.net/simgad/ Frame C9CC 567 KB
568 KB 1780ms
1779ms Image
image/jpeg 172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/1932825149083970539

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f198.1e100.net

Software

sffe /

Resource Hash

7c4d036744b5924d2befc18881c2bf44bc51d342447c4ec4879b322895396b56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 16:50:10 GMT
x-content-type-options: nosniff
age: 298648
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 580804
x-xss-protection: 0
last-modified: Fri, 13 Oct 2023 12:08:59 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Nov 2024 16:50:10 GMT

GET
H2 200 15565192129263080682
s0.2mdn.net/simgad/ Frame C9CC 21 KB
21 KB 1898ms
1898ms Image
image/jpeg 172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/15565192129263080682

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f198.1e100.net

Software

sffe /

Resource Hash

dc67c7175776c1b31da1781cc91a864609b0352b874b047dd88af5873487d8ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 09:13:06 GMT
x-content-type-options: nosniff
age: 326072
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21217
x-xss-protection: 0
last-modified: Fri, 13 Oct 2023 12:09:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Nov 2024 09:13:06 GMT

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 445ms
444ms Preflight 3.91.171.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-242.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Fri, 17 Nov 2023 03:47:38 GMT
x-amzn-RequestId: c92da0ce-bdee-904c-94fd-44548493e528

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame C9CC 133 B
569 B 206ms
206ms XHR
application/x-amz-json-1.1 3.91.171.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-242.compute-1.amazonaws.com
Software: /
Resource Hash: dd22539dbd750bf36848bfc36b81005d6f5180cbb39de12be93d8d97d9638e38

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231117/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=ee33f4efd7244fa7f7fe737f353198453cca307a1fe87d7341a7c4e4e0fdbc59
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: c0172de753f28356f02f41b368b9cd0a6e3fbc73eda52b193a24a1d9ba9e274a
Cache-Control: no-cache
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231117T034738Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Fri, 17 Nov 2023 03:47:38 GMT
x-amzn-RequestId: d965ff34-ef5d-b7d6-84b5-1baed620c2b2
Content-Length: 133
x-amz-id-2: PSog7UZczbp3QQW8AEXMLFUHtlxor1Kk7P7MFPznfXZTMOWwd6SajLHOuaftxoT+UpDzSYA5JaLC/+kkZsxWHxPJOcDG7s2g
Content-Type: application/x-amz-json-1.1

GET
H2 204 ev Show response
ads.yieldmo.com/v000/t_tkr/ Frame C9CC 0
470 B 105ms
105ms XHR
text/plain 54.72.186.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=r&v=9.18.29-541&imp=939725856112663568&plid=2521236318193655889&pvid=3408583802164025787&fmtid=52&e=16&rep_meta=67blbcalxOfIkrIcYn3ui5iXE_eM_bvtoAVBPm1CC-Qll7C74WaTRrQg7R8SeiDI70ZB6qnxG3Jnb47tvcYc6HIWBwvnWqtmFZyO2eDzE7pmBhx4oVWo0cE8zSbhsWSBBKHT-1lF3PxBa2dlshyOz-qwTck49YjEdOiHe2-9_0vkvf3ubY0AJ6xIR7-t8d8h5OIYvkJpcNRc2sC28xxZdqNItjapwpVtWZCBpFObbS8FKQrM_vpQ6dFSVRxMOvD5AwrZOojqiktJA-FcehtSEk4fERJu4WkHIccFWh2d2RxfIxvKrNbbGUZeng9Evqke6HCUXtDALqGlMKY3upYxGnfyTn5KlDd2h72HIVUBRw3fcEpfHJEYbh0Nsu2scp-LchkX-6mQR6uiQ35CGXZZq4AlpbdPOsi78YPFaISJ75E&offsetX=0&offsetY=0&pvt=1700192853430&stime=1700192858135&etime=1700192858135&viewportHeight=90&viewportWidth=728&adSlotLeft=0%2C0&adSlotRight=0%2C0
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.186.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-186-48.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
pragma: no-cache
date: Fri, 17 Nov 2023 03:47:38 GMT
access-control-allow-credentials: true
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: GET

GET
H2 200 dv3_native_client.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame FBDD 21 KB
8 KB 442ms
441ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

082a75157928321218428904933ebff27d7fb4532e1f6daa3c824824aecc14ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7960
x-xss-protection: 0
server: cafe
etag: 2243287812070980505
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 17 Nov 2023 03:47:38 GMT

GET
H2 200 ad
googleads.g.doubleclick.net/dbm/ Frame FBDD 42 B
108 B 98ms
97ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BvcI6hOEpuzKK9FhQfViT2WLU_V1Yt-dL58LsVdtu_i3oRr256q78MEVa0ZGMLtHTKI4LCtj_7wOJhqcYL_7qYL03eVw&dbm_d=AKAmf-D8-bqO8vYIgsXEd5XD9YgAQhrlZPJSbbo_16IOWQvSknxf0OscXsNme7rPIZi0GRxLnyrxOw_m2_fLht_5lyXue2dk1xcwbUdYAURadngq5KPggtQ-p-LEfatL0FUSabXe7jhzlpScPZLoOTTiEpjhHSolNc6W_6y3ppMynWG9NIeNWZmhfKRwvs_H8vO-3HErrQR2uYt9WDCbBEKTW9yKBjm9gaar-ieV8s_GiE_KKcthnhiz0MYQpCcv1e8WE9lU2hNMhN5_csWpCbCzzKqIEXmhl38dHsBjjdr6bACGmdmg6TqW6eC054aKAE2ZUWF25qRLU1c6qF9RCwPihzUBkxSgGlufK5Jg489w-P9WibqP2Dp2enfloIMDjKph-xEnxweG02BacGkYphZtYbCa4neayaDipBCK8-KVobsC0KLkPTP0JpiXZYIXTsFYte1-3RBE0xR9ggMjcR_g4HbyIW1Mx52Y4SDqYwIuZ5bj50RKwK00pMr6LqkoIvYXwN7aT5M7IlBtLKGaQ9QRtPQ_jCaVLCRRCQAqUySgEDhYBiPrqJcGMh83_bK2O8_bnyZKDjkCy50DvRgCmhfqdhufkQsYMEIIMPpGfm1ZTguUen3rah-Q6DjGrWY0N8_QZU61BgTdC9R1ZntDxQZKYsNG5WdbSna4UkYqC-nLHcrPNO2C9KWVYaEFvZAfFNkov72cIrS8CFwrrTUyg_MIrXyZl7wOldZ1UAQuUgOZp5B842rjf0VaWlYHfIHjtgBWbPTfbNV5o51PCZTHDfkbRypU61Qcuyj1_h5k9dR-2wOUZn_FQooCf4LqI4AU3VZk4akLG7BBOFh8F3r76S4yNpevePYOyFVVmBf_T_3VgTgIrSGTywvff_mmEi2IpDShCpFcBnhtl9SWrNtRvCcNxhuaSnI6o7g9h-QQHyFaB4nrym3x9vuJEvdWdpnW4ulI5fQaUp0to4t4xlFf9mMjfgfG9iGGhTMuM-leUfFfr9ybG-nZw2OGZFIvIcR3dAXwHgqbMx26v6nBOZ2the0xCrwxjcy-Ce_fmxGfiv2ZA2TZInJZ4luucsWwBn-O1WJ04krI_3L5d5xdhYz9d6yMBqmG0mI8EZUG1UpeYwVd5ng4-v2BXmeXpzoHN_mbivrapzg4BYt0hDROTJejOqb637wJnO1DDm3LuIPPJ-vNOmDvWlhBFrzdWspuzH-pcYTW7oTEqepBkWqqrzyw8WsFoMEGLdPh5OUnrexOJNZf-rLMzegjkncqJV_rC4--7pQVPEUCHb3aOh9PTxHGZ8krm5eyw8NTosvQMlPPv4QytdvZa6DexSgq6C_XIcmsG7rZUikQmh9p7xdl90ISPQif9VMUJcCMxyYv0H_ezgPvMTLAHDaozQroksiXNRc9kudn9aHaFvYrmaWcHc7N1uzMDglNDI2x1yxipLddIQx8D-ltVwH16YEgszjdRtHQIB9BrjqJwdQZ1CyIsUs2eS0oChyiDgxysGAO5_m959anR0B-BtJdr4FAREWRjufb8-azyt2heTm6089vK3LBVlece8qTRqXmUjdrOsmemhxvdj2pTWJTqJXrG2XQSH9igh3wIW0_Y4CFebgO4L2u2b3MWQzq_UUBgcHYt7nGEGERE1ScyphVFMfZ5VbF2vvXr7Q2dyVroTY71wAdSFgbQgvCLP90BPHMUa4sDiJIPIooAfoyyNN9UR9OxQ0PDcAbNiZT8AoXt2xex9lKGg2Jtnx7t7xJmixKbgibQ7HUdVBI_lHtBKmbb0JAwc30sDK_qAs4ZGaS4GZidIsKXPlZ8zcQfRnQd6JPOPBGGSI-VjRkYF3IExyF1prRLO0o3aIzi7XRVNBU33QwQCFq0LIBaq5FukvcdtL_qk9rU9YrDV4__VEM73CifgzBU9DI2xqKi9RgKTFpW5cbgR5kBFtc5A0LYaGuNaU6AbcKJPdhDGjvG1c9dr9U-OIY87s0NzHv_vTvxgun-9ykoJQT5Ye6JjnJXvvX1UeCS_ajlXe2UljmIpBUrNXH1fF7nEfgYu3_Kipj0eyKSnDXMjRxmnuljOlf9D92dwaSaIDyKKn1_DoeCfft5WX1vpu9ZJwEHMiJOY4YhCq87FzRlaXFUr1-DpuoOD5p8S619OX31NgfutDq-7dqqfrivdOCcg8ZEun1Y9KCbiZHQAEN9_SFl0svImEvu5Cg5x-FZB2932f1wHejkbvziQ_HnIdw4ZVwvWGsinuNHOO8JUyD2IcYMO9nOBWFOH-yAukHSZdC-ypu37lsRA4y4dNDXfYfr3Az95vk7AZgP9TreSMfQXaaKjGyt5STddErhAP8KARHNQtlMQWp65Wf38l7uM4r0Ros1tHL2ciEQkf92kMI5I3cpYAXgOACdVo1LetbpuMw45X7OPfwIEFhAahrWNjjZU4-f11YjcsoFfuiQKzGJHBFjepWZR1f3o4dub9Uk-wIxxyLGamsAat7vFmiNsJ94k0DFNE4_mj_1hH2CxBtGMePlBOM3qjIVBuFJ-rDRDjoHw4HKjv2DhRpVaugcxhidrQeidVK2iyEfWMN7xndfHXT7Eqi-S-lBDMPkveCpsgzuk1Jp-LL4Xpi8H8WH_Y35fX5OxtWTIn4UUeYxh8Vo8dzlysTsvIx2zF-II9NObKIG9C8LNE4ZlnW4W6X0M_Wm6aeDLJKz7GlNCQxsI7G&pr=67:0.495558&cid=CAQSMgDICaaN1FIA3kbwWnWMfqhTCxcqHvQSsWHLOYZBuVgQ6J9xFCHkV-_h3lmTij4JpE-LGAE&dc_exteid=31363022444683217617713225456212346&dc_pubid=4

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 p
sb.scorecardresearch.com/ Frame C9CC 43 B
394 B 41ms
41ms Image
image/gif 18.245.60.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=8&c2=18969557&ns_ap_it=b&rn=c15ed7e21b7d24df7cb2
Requested by: Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-107.fra60.r.cloudfront.net
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:38 GMT
via: 1.1 69387ca0ad24846d99bf107cb3133bf6.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P5
x-cache: Miss from cloudfront
content-type: image/gif
content-length: 43
x-amz-cf-id: zJDi7rbTPclvvCSQCKTPQcajDJs7pNdsrUfOUe4qXXlb9ygTuzoupg==

GET
H2 200 ad-choices.svg
static.yieldmo.com/images/ Frame E304 699 B
1 KB 318ms
317ms Image
image/svg+xml 18.245.60.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.yieldmo.com/images/ad-choices.svg
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-36.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 959d2bff6e8aa7b4d1836a5dcc00ab6f2c2754604b0e0174bd96b6f9822d5905

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Ukz5ZHLPgcDoG6SlEGbKyNIwGl0_QMqF
date: Thu, 16 Nov 2023 12:35:59 GMT
via: 1.1 628e5146add9b3daeb91ab8792398818.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P5
age: 54700
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 699
x-amz-meta-replication-status: COMPLETED
last-modified: Tue, 27 Oct 2015 18:00:31 GMT
server: AmazonS3
etag: "f5483cecc2fab32a508cf2b5e5b94abf"
vary: Accept-Encoding, Origin
content-type: image/svg+xml
cache-control: private, max-age=86400
x-response-headers-policy: static-yieldmo-com_svg
x-amz-meta-version-id: smI0KdhlAdY.1IFWTq3aCHXjwPmdIPiO
accept-ranges: bytes
x-amz-cf-id: 5I6GQvOiWQZeriKgFtc9q66bN_PaFMV2aCQBnjan-zmk0-qxUqts1w==

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 453ms
452ms Preflight 3.91.171.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-242.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Fri, 17 Nov 2023 03:47:38 GMT
x-amzn-RequestId: d9a7260b-7710-cbfa-8477-c291d18ca652

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame E304 133 B
569 B 181ms
180ms XHR
application/x-amz-json-1.1 3.91.171.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-242.compute-1.amazonaws.com
Software: /
Resource Hash: c5f984d0c66b101699ad51e4e02f3e7353118c0c1d30776d42095ef5f4f62c0f

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231117/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=42dd023652fbea36ad479e7e76294fc3636a7a38dda1fc57e9a374aeadbc267f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 5ab16b593cea7acdefe9e1aa53111c6ba6a63f7ba605cc52d6fb90afaa3a1de7
Cache-Control: no-cache
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231117T034738Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Fri, 17 Nov 2023 03:47:38 GMT
x-amzn-RequestId: c20e27b8-ec3b-a893-9fde-c3224aa7c53b
Content-Length: 133
x-amz-id-2: qUAsEy3QWzyj1GWHD7xwB9hNH1zaLlRaC0O4iUyCJNovbqROKHuWAT7BRnqJPDz/8ckUXRbqvYLsyC3XbUI6fo0AvGi+hQDD
Content-Type: application/x-amz-json-1.1

GET
H2 204 ev Show response
ads.yieldmo.com/v000/t_tkr/ Frame E304 0
470 B 346ms
346ms XHR
text/plain 54.72.186.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=r&v=9.18.29-541&imp=7342134550923564497&plid=2521236318193655889&pvid=3408583792617787336&fmtid=52&e=16&rep_meta=8vWBwGAh266yw2M536u2KGa-MVQErRT-TJfImKZSejOqZ2frvEShz6BXN1Pn0q2wbtpw2PjkJmYzFNRZ26qfnmHpN1AbUyQWjVzuTEWEN1S81MOqUBAHH-AMLYrPZC_yeU4fnvOcVpXC7FT25R_eoK7TvSX23GUkxl4Vzp7DNbyz-chZUWGh2yimD0zUncxETQ11p7BsVm-yA10v2bNbg4dz0cNY-1HAbkNA6KGNUQIHcv-lg9r5PEKChPucNsFp4dZ4hcNvCBxVwBKxySXRQnGvLsbB3wXBDLNxWUPxDyfpRqu1zAGDhqYzlGLXR-O-eVBb_u0xpPmUKXnhSa8HRExJ74AUA08_j1N--bIzhDhUZCjG__Vz7J-ccg8y1eQ0lxDLsb3TDkCg4fxmsX1490PIJIjnQVE0te1vH4dWBRQ&offsetX=0&offsetY=0&pvt=1700192852292&stime=1700192858277&etime=1700192858277&viewportHeight=90&viewportWidth=728&adSlotLeft=0%2C0&adSlotRight=0%2C0
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.186.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-186-48.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
pragma: no-cache
date: Fri, 17 Nov 2023 03:47:38 GMT
access-control-allow-credentials: true
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: GET

GET
H2 200 dv3_native_client.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame BF01 21 KB
8 KB 339ms
338ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

082a75157928321218428904933ebff27d7fb4532e1f6daa3c824824aecc14ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7960
x-xss-protection: 0
server: cafe
etag: 2243287812070980505
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 17 Nov 2023 03:47:38 GMT

GET
H2 200 ad
googleads.g.doubleclick.net/dbm/ Frame BF01 42 B
108 B 574ms
574ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cx1jsOJL2lXXpgR2HMGP6PNYJNE18uakgkGXm2jxq9Qynn9vUWRMtZyOb9nApe_syc_KpaZwXCfB68f1ho_k00hXyrdQ&cry=1&dbm_d=AKAmf-AwStpeAJinBofRHUiXXM_MA9It01HkGLQM5gIkXCuErzzBdbG3NWEmrN67xww5LMTlkefITNoehoOpIPRWBfYBq0yGQAALvEuGTe-XiLIqtt31wTNcoVTSuNOokqX4uCaALAo30vxMKqt7Q6aKtTUacs1yG0nfzsYck6cOV0IYfgzN0vYvTn_SoSkyWBcEsZTUO9_C6Lcea4uoXuVBWcOvdewpWi4YC8V8EaipyTrvqG76UNi1AOt6u6WAUXnrTrAzXKvtw_GMwanQceDvT-aqbtP6Bi7vjM8Im_ffTmNXiUTwmCFLLsW5PjyPE8eNlciW100eqEuu2z6gpeu1q6JWusLYASIfHp2-QVC4cuOxH1kPgcYDT5ip6wcmtDD0UKCcidiSGnIBLMAkuUdkvyRtoLt65AI3YkapKb8HQ9qtM-cI2XajS817sbPciLD-t7TAqswzjOA6mcr4fJGHw_UtaamTBZFuC-bILuhDXMRv6KJjahXKSyb10nxo8a5DP2QlHXsSfhJYrQAXzeRGzP4wIqMCMaqkakvO6j7uyTsS0nZyYIsB5TLi4bU7WEpvwRwFQsN7a3Cf5YjQJF4KZeFgR6R6x1gcignbaA_ieFU3sbhz1U8M20NsWHSaJWVd6nq3JZEhPy-9cjmasLsANaSqyOpzkzwOFXedqT5m4H3AGLTyrAWQ7jJNJNn2D0T9riJ4pIm-Sffl-USWOB8z_MQBetIRrRc8wNgA00Z6hlHFDhqTUUzJrm4PveRLhNqRRynv9q5LWkaf8kqenesAqWqvQpGsd-WGxdIY0ndR-eZW05FAW4BaAOUCm1DEjb0jUdjy_4AhBRi1gGIQ-mNTlQf0MWr7ILtd_Zvwye92R0qdwujob1qXsKvQyGPYFN27jSYzUpp5Ox16ZLZ2OjmZZGaH5h5FTNFTspgQN9LozG4JHNTu5jP_Mlue3kCt258o7hMuxmNQUkiMguW43xDFvcK6W2Iet8fkNoCrI1mS_heyXLwSLccCvucrsD00cVK6-MDZmfjgUoFewVioYzvtxQve8CJTsjs-D_Ydj49xK4zTP5RmY5myK9FyxNdQRmrYFFY1fIm3GEfzwe80YjuduEXr8YX8DnM7xt-FP6tBKXOi9Hyj5J0MDuXEgJ4bn6lenqLPKwstkjxgbCIOtytIUYFI-_zpYDtHWVVzLDqJckFs7zx3fsZv87kZkhsVayOx_tzy5XjZcBrqyloCJ6q8t_Wr07q1lBNASTD8Dr4FjHqFeLFaoO5bP65bGtdFjlTfd2P0EM6N5M_JahQYROS0q42mwtyKB2BHWUbrVVuBMkpwf171qLCmBqcIdehDPSQGFU0Qa-Y5EXRsbQfPaQXvrAEP-l5DUg87jNIYrRyaaYJqJaSKKyd2m0PaZ5bEwrKi6RiC9X8qcIPuxl9ACs4lTZtrUXzguoN4pNKvnPp0vIGpGRBDF8emaEY2yeaLJjUp94DkjVaV5JVgyNMcEiLuDM4hBRBWdmSTxVF_8heNvw3-BC97NfUsEGqCBzu4zsl5As1Q6RBJhQQv8cdbhZ4pysaaOx-ZQR2WjWnPW4g4OYET7XRvDOD7tR97ClvKXpffZZz09UGsqz3U4BRuSXvyqwWZM_NfwlUj1aeHP3oquKF6qKxEdlhObGxmEDdock1yg41NvU1X-jmcAZJ91j3kOV1p2VnZQYl1dOMvZRQOY4oklSN4b986DFzwhXI1WejNVGBQiNOajwCrsqpeI7z4WaECLMaJtrabS7OGAQg8C_VaFSJxX9G0EG09Ij6v_uI5a-HMpzYjAL6XBE57M1jiKmhUAa6r-xNkj9J0_2ERwWA18YJOh5TMkZIxB1SUM9fEfsfMAQP3W9UvWcUZ0nK4TnYF5atx66uVUnmZyD4dQbkiI1QOYS3lnkW4zObw5jfQiM0XwBb3qdduMIxIhz_zf46qLn14W9qa7COBoyImfMIReOfCsKnzCLdGG3o6rz22rPZhzr5zCwMyag6FHdPiGVjiCOHAfa3_0X7IdXwnginrh8qn_mHSwRZ3oZ9ccDOkOUMN7WL-9iA7AZlSk06u44KZhxWVHhnK_peGM9jkkhNiBMW5WtGiVqST7fRorqwfNB28EOTamEbvW2PzF4PXe6A07opBT7HFwGDfKGlf5YjhjYV06sxX4DwsLOVXCt7qnXjVUHm4sJkG8SejunGA7qSKmyMg_Zn96ACygr7vP5-cqGPP3vGYa7juLeZhXzM_OAg8oZPX7usp0UG_YC_Eo6fNyoSCyZRVTIFyn5fVVFgd502a8ms2F8sj01wDJOyGNlBRcMxzs3IOqpCfYIDe6mL85tLWNus5FZSU5nx_ZnvDUEv1EtPcItPgS4T5liZUF9jDvnMm_ZcYy94UW-eKDlXU5Hba_4-cA6TzfK-QM1qM6dJ7kb142NlU5RnJjIqOU6kq5KYS&pr=67:0.518684&cid=CAQSMgDICaaNwIl9yRgOdRph2w0125J1Tpsvj2vGCD10OwXSi24LGj7a40r87MSAVUIjxy5FGAE&dc_exteid=31363022423686321651189619536452874&dc_pubid=4

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 14336708029933577100
s0.2mdn.net/simgad/ Frame E304 71 KB
72 KB 2235ms
2235ms Image
image/png 172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/14336708029933577100

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f198.1e100.net

Software

sffe /

Resource Hash

7944db09a84c8fcfb266e016ac7a94279d69e96f5ef721af7126eb7309fcdbfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 09:39:00 GMT
x-content-type-options: nosniff
age: 151718
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73187
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 16:16:59 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 14 Nov 2024 09:39:00 GMT

GET
H2 200 6601812533826162715
s0.2mdn.net/simgad/ Frame E304 10 KB
10 KB 2180ms
2180ms Image
image/png 172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/6601812533826162715

Requested by

Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f198.1e100.net

Software

sffe /

Resource Hash

3b4360ca28098a502944b07600e089919a49dbc89b4c1e3e0437ae2bf782835b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 08:59:45 GMT
x-content-type-options: nosniff
age: 413273
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9753
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 16:17:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 11 Nov 2024 08:59:45 GMT

GET
H2 200 p
sb.scorecardresearch.com/ Frame E304 43 B
393 B 337ms
336ms Image
image/gif 18.245.60.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=8&c2=18969557&ns_ap_it=b&rn=afaa61c96cec1f88f943
Requested by: Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-107.fra60.r.cloudfront.net
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:38 GMT
via: 1.1 69387ca0ad24846d99bf107cb3133bf6.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P5
x-cache: Miss from cloudfront
content-type: image/gif
content-length: 43
x-amz-cf-id: 8WvM1G3OaxmjK4GlU-dDpAhxEwvTB4IiSac1E6heTs5shxcS7KkrUA==

GET
H2 200 ad-choices.svg
static.yieldmo.com/images/ Frame 46D0 699 B
1 KB 205ms
204ms Image
image/svg+xml 18.245.60.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.yieldmo.com/images/ad-choices.svg
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-36.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 959d2bff6e8aa7b4d1836a5dcc00ab6f2c2754604b0e0174bd96b6f9822d5905

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Ukz5ZHLPgcDoG6SlEGbKyNIwGl0_QMqF
date: Thu, 16 Nov 2023 12:35:59 GMT
via: 1.1 628e5146add9b3daeb91ab8792398818.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P5
age: 54700
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 699
x-amz-meta-replication-status: COMPLETED
last-modified: Tue, 27 Oct 2015 18:00:31 GMT
server: AmazonS3
etag: "f5483cecc2fab32a508cf2b5e5b94abf"
vary: Accept-Encoding, Origin
content-type: image/svg+xml
cache-control: private, max-age=86400
x-response-headers-policy: static-yieldmo-com_svg
x-amz-meta-version-id: smI0KdhlAdY.1IFWTq3aCHXjwPmdIPiO
accept-ranges: bytes
x-amz-cf-id: qPFpxh5a2xokXNO7nvbvzC8uL7hPbOQYLLh7oPhjV59uVMntGmyprw==

GET
H2 200 1932825149083970539
s0.2mdn.net/simgad/ Frame 46D0 567 KB
568 KB 2161ms
2161ms Image
image/jpeg 172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/1932825149083970539

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f198.1e100.net

Software

sffe /

Resource Hash

7c4d036744b5924d2befc18881c2bf44bc51d342447c4ec4879b322895396b56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 16:50:10 GMT
x-content-type-options: nosniff
age: 298648
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 580804
x-xss-protection: 0
last-modified: Fri, 13 Oct 2023 12:08:59 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Nov 2024 16:50:10 GMT

GET
H2 200 15565192129263080682
s0.2mdn.net/simgad/ Frame 46D0 21 KB
21 KB 2160ms
2160ms Image
image/jpeg 172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/15565192129263080682

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f198.1e100.net

Software

sffe /

Resource Hash

dc67c7175776c1b31da1781cc91a864609b0352b874b047dd88af5873487d8ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 09:13:06 GMT
x-content-type-options: nosniff
age: 326072
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21217
x-xss-protection: 0
last-modified: Fri, 13 Oct 2023 12:09:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Nov 2024 09:13:06 GMT

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 299ms
299ms Preflight 3.91.171.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-242.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Fri, 17 Nov 2023 03:47:38 GMT
x-amzn-RequestId: da2795da-843c-dbe5-87f7-714000023ff8

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 46D0 133 B
569 B 180ms
179ms XHR
application/x-amz-json-1.1 3.91.171.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-242.compute-1.amazonaws.com
Software: /
Resource Hash: 6102858c2086f07a8500c403b1a2554653f2f4ce6d4b59f7546d71e97bb71189

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231117/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=a37152c18b6d11988d442161d4f08be8be88e6ad82ffbef19212f6be6b913d54
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: fa70b41842d2a27aad53b939d299fd585b85f7feb93f927680ed26d7099425b2
Cache-Control: no-cache
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231117T034738Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Fri, 17 Nov 2023 03:47:38 GMT
x-amzn-RequestId: f9df7447-14c5-dfab-a40f-90dda56f43aa
Content-Length: 133
x-amz-id-2: JDQBCYAK5ka3Woh9YYfhEnX/YHju9iWPEnkeTSYhQngHg+KmTJOMh+F6vnk5u4YCj0CMiPOy/JuloT0zfdgvVwnibQX8EO/E
Content-Type: application/x-amz-json-1.1

GET
H2 204 ev Show response
ads.yieldmo.com/v000/t_tkr/ Frame 46D0 0
470 B 302ms
301ms XHR
text/plain 54.72.186.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=r&v=9.18.29-541&imp=3677528976057663591&plid=2521236318193655889&pvid=3408583802147259143&fmtid=52&e=16&rep_meta=QOSSttprBvD16yQ9euyC2Vf81QW3rW6aNMucKMTr5Q2hLwHdrvCZr5_omvuQ8LOd3_SWrt_7I5o9Q4P3tnPowPTmykjXqtSbzYPANt5alq9YdUabpWayGbwpvRGmjaVBeP1Go8zAcirLkFFxkrzZ06IhBwSZgpwr7gbVNJHc1SLxnxYqf940YgL6mG03Q_Cph6psfURyQddEN8DpG9ntiJHQ0BhfByUHN9DM1RYainsQny4jWnR4-JqORhcPchOZ67NsTDh-bHuLjqT_e2rx8aPY4UHjEm5YSMkHlUbNJIEhcybP0wKsSNeWXdmHIBjbo7E-3Tx0P_BuJ11S_8eb7vIas8vKkaS_gIliO4KXa_2F2PcQCs-q6CdWrtmI6u67I-vpt9wo57Ga2LhBvyvsVPidQdL9VQdD99AVPTwXuGA&offsetX=0&offsetY=0&pvt=1700192853428&stime=1700192858430&etime=1700192858430&viewportHeight=90&viewportWidth=728&adSlotLeft=0%2C0&adSlotRight=0%2C0
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.186.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-186-48.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
pragma: no-cache
date: Fri, 17 Nov 2023 03:47:38 GMT
access-control-allow-credentials: true
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: GET

GET
H2 200 dv3_native_client.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 3689 21 KB
8 KB 574ms
574ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

082a75157928321218428904933ebff27d7fb4532e1f6daa3c824824aecc14ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7960
x-xss-protection: 0
server: cafe
etag: 2243287812070980505
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 17 Nov 2023 03:47:38 GMT

GET
H2 200 ad
googleads.g.doubleclick.net/dbm/ Frame 3689 42 B
108 B 236ms
236ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CZw4kwUcPueiUKaWatY-J-SQqPofZvEaZq1V1IbuoteMV9vo6FReFQa3EXfS6oirpqWqrEWTLCQrQ7X-9c58Yb8bhWIA&dbm_d=AKAmf-BO_OYVVilVzk8vRz7pNWdqRLewCuhyPABazOzakpCvbgLMXjHs8KkjFZnuKamT1Z78YqSY86HD95-H_AOa-H7_4jCgW2OmpFhGejQCqbEXeG9rwORHp6rk6zMEUPaGr-1IcFOaeeaPSxh3jgwi-sh3gBXxFXiz0LiefSa1OnHiLv0yUjQLqeLbymrVFiwy2WAZo05MX0qfZM4_YJi-0CKXm5ysnIm7qSwrIUlvkQoG9MyNuCWR4LDhMJSMT7SSR-Q31znjJtj7z4a89555O9sL8x2SVCtkZ7PifGnp567YrB5c3hVTUEV7uRNjVIAFxXSG8GPPyARWVSGsw7OVSPV4JtojDBNCwxJQGEiWjVwcqd3RhotTawUcSvbNTJQxzBAtYl17fD4rLtMOZWajdszPuuxABwltYDWJSE77tV_4pFSCzmT684B9DKMUgLFRceES2lTWGdLrc0PL4en5r8U_mjZwDckyiVIOh4IhJkZBCZJtAX2SJezEdhIp9xgXK_vh0VjZ-aiPx1KB6nkV-Ee1QWuy-zifE9YNTlqPgMBZ6t2bPRCeR__UuUpwdCz5TeVPWu6ITkKsYPSx0oMee6isPPe7ETJ62PP5woN25HM4nDc1oTtM2eV0q47-PQvlAq2vHlDD1q2DOZvWHYA9y83XId4uomxqtSwwy-xeXpgfrmkt-GxJ-VWSfS1CL01G2OVGrbQrDptpe0lcEAo_PpH2De8ISdGf3ThdT1RLv85nZ_qo-p1jz4AWV6rfBJ6g05VMDDy861IcIbbx1pl-Vwk2y7WkxQZ6L0GoENtE7sAgaJv9ZF5HkpaumSD0WjAFM2CZ6R6yRgBlAtjnWywh1JZZ188xPpkTLxm1IHCIIyQczSen5tPbrf-d-IJdx-r2EDfsX7X1WBSR-MGzrUU7PXluPElhGBXH4Vik9uMrWCBucdEtqDBVvIYTLiWUBb8zUoFHhpdEG3TUtSc2MZg3lsZ4UNe2ebvwHkU3mhAaV0AtVmO7VqpRb4m3WYLHqgOgHAjYQLoPVJr43ARTAb2LaMieMlt9rsmLpR_SAOMAvhZ-Qtb9QtDE-3fa3nZHmVLwsxXrvXSmUlJAUwFsVm4m_6Eq7K-MkwRKZGVxzQgU57Fs_BrSlsLEY00kGSIaoNl6JNhEVnBghghR_pTZE60A9LbamFQ8ISc3Hof3Psa7zCGG0x0gqjiyJ_pcKLF3BebV1VzSpXsQRKiZxbda7UKV-2HxJ2JSOwqi1KV7yZQsQnm8abDgblkObhA2EyNPHGqbz5LGJ0DpR_H89c0RYYbDAvizU8dPU8tcC8jSHHK3SxFiRMvmMUewGhoWUuoVoVZuqQj2zBt04kvg-Yri1MRGRrJtuEDaWqR8TLq6_46y9SEYYizZN2BRxTvaMpmq2e3BCTdnsW-NI-uJWjl0tuPaCMGsnbXZa3D_1oZR6ychSnDNkf6_SUH1mKPyBEaDzal4YUZCLiEJo3TGy6fOhmLkmu9m_K2DIN1__82b5DQJcGHbucqiazLSB_Aef0702byZucTcYvL9ddpQ0eX35h4qug5LxTAmbfLf3JaK52xSadn6lcJ2cBPQm4RCFJNyVQSygj4Wjq0SxuTEbAMyKn34vHkazX3riOGXYeGrvCStM80FVB53ea8U8fgU-hi0S6B4C_7c4Ibn2tDOux_4D5YYmawHs9_Y4G08IkQuRAEAuXy38R45qxWrsuOGTKr4EnfCYmCqgRzONMXhJ7MVYh-2QHanJZAteM4r7LrCX_tcckFs5BEhnfnEqmUzDFc1YQ5i8_2Z-14I9vhnR7tActMd2UCWejIInx9HQgwtVNo2AUAzPW4JFgphSyUNOEczc_q4ABHo4WGF0pIBS0RYTuluSFu5-RVlKIMu_7lMscqierS9Sr9I-Z3sTRs3ba6URGSqWCF6GTO-5eEMK17T3rfzfE62XHid5f9k4w2k_FU1jDsKMvDHXPHuqbbkwrnqfuIl8uPMuJNH5d8mjpFCY9TI2SZIUQa_QCPIvumVtwZdVHPa6cRTO9kckZZctM2jQ0mOAeGSbXNVcDH0aTR1vuU_PqV6QAwvPvfyCdXYrceh45KDw4m5cEckfFSvQP_dNkWc6C-xiAquf1NC8ZJhLzBQ0gSRSJfxYfW2iRIwhlOiDY5RqYFpaUz8T2AQOHtx7WIvrhYi1EXe60Q8bwBOdnPejfN5IX-DWkH0i_gJVS_4q_zba5lgy08f-OJJYq2xmOKwte6QwSqbhk0iqpfl5z4dLi52EC6LoywDWSnyN81r51whXI_WimFgpkKiFA_2GiIrbQGXLKm5xsYdOJpMzMN1nM5Es_lvr1lVxh9Lyjo7luWZI7M_MICFcM6se78STRXbUcufC2lqny94dBzr7ZFlxsv4m_AG8mY4enEnUw6DmOzUyw75KBqd3L0cnIBVfZNyXrnRWOAsNLylAqV8wh_xqmv25bbZl8iMm45uKT7B9A-CeKNh5ZZXDzcmb3OEDsfX7LrOVi7_9Xpe4TskpSl4flmMaaG4eEIz8gWFtyjStzOEkvB2zon0zdUGRmT8qEcwbQqU6c3mljohUAutfLikmttzomjs7hTUpnl0mHCSkTADCOzaB8P5w6EBxLC2ZxIqbtyOjxzj1zKYRm0CSYQUTTHU-IN9wm5nc2JFY-48eb19x91LZ6GI0sqa99eINxZajzR3RpsB&pr=67:0.495558&cid=CAQSMgDICaaNWPpkbcrHHvf4m7zqui-vvJTQxBUQDKfLsDDvD-iN7XNCWgpUK8SY0vbuQ-XvGAE&dc_exteid=31363022444683568105792091220863073&dc_pubid=4

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 p
sb.scorecardresearch.com/ Frame 46D0 43 B
393 B 290ms
290ms Image
image/gif 18.245.60.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=8&c2=18969557&ns_ap_it=b&rn=948c8e0f44eb773599b2
Requested by: Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-107.fra60.r.cloudfront.net
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:38 GMT
via: 1.1 69387ca0ad24846d99bf107cb3133bf6.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P5
x-cache: Miss from cloudfront
content-type: image/gif
content-length: 43
x-amz-cf-id: arhriT-fpvtfiFczcxbiDPoEPHErq7h3f50W3l5TM0udlOhdMMwkEQ==

GET
H2 200 ad-choices.svg
static.yieldmo.com/images/ Frame 04A2 699 B
1 KB 115ms
115ms Image
image/svg+xml 18.245.60.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.yieldmo.com/images/ad-choices.svg
Requested by: Host: folkd.com
URL: https://folkd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-36.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 959d2bff6e8aa7b4d1836a5dcc00ab6f2c2754604b0e0174bd96b6f9822d5905

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Ukz5ZHLPgcDoG6SlEGbKyNIwGl0_QMqF
date: Thu, 16 Nov 2023 12:35:59 GMT
via: 1.1 628e5146add9b3daeb91ab8792398818.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P5
age: 54700
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 699
x-amz-meta-replication-status: COMPLETED
last-modified: Tue, 27 Oct 2015 18:00:31 GMT
server: AmazonS3
etag: "f5483cecc2fab32a508cf2b5e5b94abf"
vary: Accept-Encoding, Origin
content-type: image/svg+xml
cache-control: private, max-age=86400
x-response-headers-policy: static-yieldmo-com_svg
x-amz-meta-version-id: smI0KdhlAdY.1IFWTq3aCHXjwPmdIPiO
accept-ranges: bytes
x-amz-cf-id: hCvbXQY2coZ7RneakJJd2rmw7H9vMjYMcWp_0gaau4q454fGhHJ3Eg==

GET
H2 200 14336708029933577100
s0.2mdn.net/simgad/ Frame 04A2 71 KB
72 KB 2698ms
2697ms Image
image/png 172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/14336708029933577100

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f198.1e100.net

Software

sffe /

Resource Hash

7944db09a84c8fcfb266e016ac7a94279d69e96f5ef721af7126eb7309fcdbfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 09:39:00 GMT
x-content-type-options: nosniff
age: 151718
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73187
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 16:16:59 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 14 Nov 2024 09:39:00 GMT

GET
H2 200 6601812533826162715
s0.2mdn.net/simgad/ Frame 04A2 10 KB
10 KB 2688ms
2687ms Image
image/png 172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/6601812533826162715

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f198.1e100.net

Software

sffe /

Resource Hash

3b4360ca28098a502944b07600e089919a49dbc89b4c1e3e0437ae2bf782835b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 08:59:45 GMT
x-content-type-options: nosniff
age: 413273
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9753
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 16:17:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 11 Nov 2024 08:59:45 GMT

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 155ms
154ms Preflight 3.91.171.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-242.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Fri, 17 Nov 2023 03:47:38 GMT
x-amzn-RequestId: fba84493-1023-d8b2-a678-a009a18944b3

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 04A2 133 B
569 B 182ms
180ms XHR
application/x-amz-json-1.1 3.91.171.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-242.compute-1.amazonaws.com
Software: /
Resource Hash: d9d727f4581ff22ce33329e89199e0f1a6142afb436209d478e0afc4e82bfa31

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231117/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=137577f39203b3b4c91bd28ba6289b428543f86cc76c30da0c8f330ddf9c8c23
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: db59f245af3089f8dbb294e491f3d8764959b66cf5ad433e374abd0c4c99c84c
Cache-Control: no-cache
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231117T034738Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Fri, 17 Nov 2023 03:47:38 GMT
x-amzn-RequestId: cadf92fa-d8a8-8bb8-970f-76605c966fa5
Content-Length: 133
x-amz-id-2: 6Spsk6aJXPxopCog99Af+hMj6CNt1oJppGdQBaZupqXF/mbGTw3owz127FUlG6t1AL2FkR9HlX2Cq8lNc3gnUv9hj0OCSnEU
Content-Type: application/x-amz-json-1.1

GET
H2 204 ev Show response
ads.yieldmo.com/v000/t_tkr/ Frame 04A2 0
470 B 104ms
104ms XHR
text/plain 54.72.186.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=r&v=9.18.29-541&imp=824321474508510258&plid=2521236318193655889&pvid=3408583802122082733&fmtid=52&e=16&rep_meta=67blbcalxOfIkrIcYn3ui5iXE_eM_bvtoAVBPm1CC-Qll7C74WaTRrQg7R8SeiDI70ZB6qnxG3Jnb47tvcYc6HIWBwvnWqtmFZyO2eDzE7o4aUfTr5Mu71sBQ_yo1FCE0mLCZsm7hSITCHRzFMMm56wYGr-b8RenbOaulUkNZIPyQOTnqt4xhQc36ljqITR0m5Ek_2sduZB2oq8Rz8r_tPMMaefClH9iHi35mPAhsSK48xp3z8mC_4FfxGjwJRzeycErhmw_YieYePhiwPwUA5Dt-UDpZfZsIK_dgpeyTU_wxcZI2cyp5da1wvlPf5VBmMu01W8zL3vAbXx9JL3T_egA-h-2fIwegrRzYjsxceI-G2lTFKOOiXWq-8wzDDZuxMThKSlFnj-FS5l5LdHxw7Xd5pr9qclZs0i-ZFYO49A&offsetX=0&offsetY=0&pvt=1700192853425&stime=1700192858575&etime=1700192858575&viewportHeight=90&viewportWidth=728&adSlotLeft=0%2C0&adSlotRight=0%2C0
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.186.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-186-48.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
pragma: no-cache
date: Fri, 17 Nov 2023 03:47:38 GMT
access-control-allow-credentials: true
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: GET

GET
H2 200 dv3_native_client.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 16A0 21 KB
8 KB 733ms
731ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

082a75157928321218428904933ebff27d7fb4532e1f6daa3c824824aecc14ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7960
x-xss-protection: 0
server: cafe
etag: 2243287812070980505
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 17 Nov 2023 03:47:38 GMT

GET
H2 200 ad
googleads.g.doubleclick.net/dbm/ Frame 16A0 42 B
108 B 329ms
327ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DYVmwnoPrd9LNlrd0eN3t-LdY5QqSp3aJFuNA2H8nlI_YbKIKJiYiZgaybnps63HNMqwsusUpFTJwp_DSh6nD-IxBlYw&cry=1&dbm_d=AKAmf-B2sFBplXYtakPnqEb-DdDY2zCXEjgOcAd8KqqqBbfYR2f4O_xtPU5u4_owrki6P6VhW0RTov08f_Gd6nbZ_ZzlLoM8K_tCdtkkEZWvcYWoVf8Ya7yFKLigmrIQ-l-LO1oA98On9DzP-6TYHkllgq3v8f1gQZqE5-wSbGmBFSkhsB8VD5YS5lfY0Dw2QGgd-mZ7JkheeSshSrXs5TyW-V_HlV-ogPv698S3dOSTNMtWkUkHV6qEMv4fUQD-4_pKla-KcWsVr6hJCUEX5JrIFdiWgm8c_jyR6PTvttOR-qfKUqkH9hWWEzYiVpSrPn_XpLsIeEi9tvBuGla9Ly_qDQj6_w7bWiJJVU2FwCycJk2Sjhq3XH8hzAWBQ1uWCRK5TBk9PFQW5MpiTDX4LLb51Ye2L5h89jTzeIB4AqYNxg6eHS_eOqnAC7jcWVcdoWWtGKbeEukHxzvpKDs3uixw4BqlKFTdDfwbOBf0s71bPBmbquHP_mtczoMMUhaY95BIGgeNF8UO_tHf17k94VZXoc56-LaIGc7qfNQqCESmdrZ-7vUSjnDVxKJUx1MalvfIrkDqZ92XM4RhPJ7rU1cQIcWo1NuVKeaXaTWhV8SlHG9aiGzQ30tvIVndz1tjXnKuux1O2L-S9jrd03s_gsBzbKc4QKC2oOWnEUoF-xFQSc78iKUYNorELlBNQ7zXL15Y34oF1_83HJlvQiqOiWlkbftryq8O_fLE8kdkzFdZ3DKQ1kVszBt2lwwNkrAL_itT4W6I3UZ42uoKB60yojI9IncTgPxTieh8VT0-tDnIuKyNNWfluOQwC_NIfasEluXgXtYkNBP9cFpY4dsOEtjZvs5Cvc8re1kOqrfBXIISHTj-s5XLknxUcacueIwMbhYEHx0AERS1H7aL0Qe7mlhjEPCuVajJhS8DCaj32AfrTOnAe2bsE2KCPvH1k85lQj7zhoDkFibylVcfpqqgFOx7MkpI0xF_BC-_EkC4RJgsPer2zWEn1bAIiuWjbKQqRUMW-XlWW0DM2HYYpXxFfB_Z31wTCVw4GUtLlDFJQhfoQU7lRgplEmnjPERHujiQn0UBdCKK8GHmGT7SadNLBpQakG_Kkwyzmq7Pyq6H5lSmNcAmYpwkltuJu-4xoWs5Dr4R9WQfhyo5_DCZMM6RP3OWecoMpNXF4lYzIAf19-ZUpwIXus79hpglgjBWWz24GYol2ZgzVKO-fCsp9GVe-V5xQrI8ltFByUFjHRHsOUXeV_h5I-u0MFC7q-e1Y41YVFPPhbtp67eILZ9C9zMVl5DXmRUWZYacWAGhIHdASLzPXBr1jLoRLy3iVwCsaVsPi68_MmuuiSU0N6-QpMEi7fxVrwNVbitGlBBLirtZSwVpZZJM2uyV6ZRO0FtCuVRdi-WTR4j3-BKpRbAVa5tp-X2AUE1o97-rsU1g9I5WaXydX72_5l2C2lDwlwpl9txXVcKh50aKOCZlABio8j9ZNDycD1tdHXfvvbEkXEbiTaIBQsC9HYEPVttCmdppw_0SAUhEIafKdShm9qKj4P_1HufdmuRDcdCjo7YhetKj0RdcBjTwT1Qkk70HEPbBb5MOu0SQIyHymMK3MdUz93ivxIx3Tv8cUKb5Hkk54MZYtvEn9_UwRKYzOTHla-R7FI3aRq5nIPDpg0f5mGdu_D4OHdHiSCW6aerbi445hMXcad3sym3HcqcFc579yFDcFz10iwWvUmBwxUVzixYEIEn_2fuwiquqZHRrmaEwt_GyzIQUSh0CEdv6tZWgPnW6fLQKidhVkf-uilbTuhoN_ulkb4gZs9FAyrwv56FmzLKJAYllevIp1CaTB5FqNmKniADwJgz6no2_Dc9AFjRDGyfQud_Zo9nbMFS-YeQw_65JqnJ6ZlC79kA76LeZrsm_of8den7zUToncKXZNmcveY8_AW2RHbTp60flZZ81oPIb6wFuUpwlLfIhJovcTH-ZcDPySQOIxGOsmO32iKWwqc2n5qSjEECs2JkesxgKJxTQAY_7-wY0mdvFozyTYKOT1ZwiLyso6oye6fQlF9cuBAc6BhZJGHgfwyG49jLJaE9l70dlcKIoOG7lfj0Qyl0zogaGnNpQpJXEcihi5r9vDrTYRm_SKdrjWCN4qTklLYNlzuMmEQN_APWz2K9dV_2qEDR-cZvN9Bn1IiGFbWi4lvHfboHPJb4JV47OGHGBI_wXQJDsmJr99gOXm0EMRtubbmiKa-Y12B7LolpuQREEUyKsg0WmoX7j0ADJ7T38WBhP8YiySRN-UrCAyfFOf8IXnapNrnILgm4jTUMahphRu9goDPJhPbE3gajIT9DXa98QjBkjs7N-uTmGMbNMJR0mvZwtpPABGkm7tByOlapvPPI_OLsfoiLC_yaXZU7o-eaFtIOjcE5ggZ-v9XsXytaBsl1uFSw2NWaXLUkT&pr=67:0.518685&cid=CAQSMgDICaaN24rAGVA873RjJpI7T9MK5_19oqdu-XarnOgpXSako6saAZXnTX_bTmMJQradGAE&dc_exteid=31363022445271207380015310537044001&dc_pubid=4

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 p
sb.scorecardresearch.com/ Frame 04A2 43 B
394 B 272ms
271ms Image
image/gif 18.245.60.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=8&c2=18969557&ns_ap_it=b&rn=311d6769caea2aa2c03f
Requested by: Host: 2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
URL: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-107.fra60.r.cloudfront.net
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:38 GMT
via: 1.1 69387ca0ad24846d99bf107cb3133bf6.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P5
x-cache: Miss from cloudfront
content-type: image/gif
content-length: 43
x-amz-cf-id: nk3Cjne0BSyhtbMqyApeQFkNjeHwbUgteqKCckQRFXTWxI5_qFp2PA==

GET
DATA 200
OK truncated
/ Frame BAA2 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f10de3a434eec4e487eec27ae0a9fccf2932b91843d0ce7b6c23cff2abf69f06

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 7660 38 KB
13 KB 34ms
34ms Document
text/html 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 46973
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 14:44:45 GMT
expires: Fri, 15 Nov 2024 14:44:45 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 5841 39 KB
15 KB 1027ms
1027ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 09:57:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64218
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Nov 2024 09:57:20 GMT

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 213ms
212ms Preflight 3.91.171.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-242.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Fri, 17 Nov 2023 03:47:38 GMT
x-amzn-RequestId: fb2960f9-d70a-310b-a6f9-8463c75ceef4

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame FA4E 133 B
569 B 203ms
202ms XHR
application/x-amz-json-1.1 3.91.171.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-242.compute-1.amazonaws.com
Software: /
Resource Hash: ba6d157276d3ed6a43549de1597b8b268bcffff30dd379a60b33c7b67110faa5

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231117/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=91b3e1f5a57e56b8b1902872f15d9a603734a3a472f8155bd24821d772e9c188
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 4fbc1184f207745b440c08a4c3b9b1ff5e680b4ae57af52882bf850e9d8940b9
Cache-Control: no-cache
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231117T034738Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Fri, 17 Nov 2023 03:47:38 GMT
x-amzn-RequestId: fecdb127-fd58-b86b-a31d-55bd79665c76
Content-Length: 133
x-amz-id-2: z5Rv+d7gqAwYoV5J/aJQ+iE5g472JvIQkhG+to5/jHzhIM+BhnjPxihVTgxLvq9XqhJZo8qeepC75wOdLvdvAE9mIIzZYVBV
Content-Type: application/x-amz-json-1.1

GET
H2 204 ev Show response
ads.yieldmo.com/v000/t_tkr/ Frame FA4E 0
341 B 103ms
102ms XHR
text/plain 54.72.186.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=dl&dltime=1514&fver=5.9.26-F36-46-52-54-59-B491&imp=184414632338700827&plid=2521236318193655889&pvid=3408583802088529216&fmtid=52&e=16&offsetX=0&offsetY=0&pvt=1700192853421&stime=1700192858701&etime=1700192858702&viewportHeight=90&viewportWidth=728&adSlotLeft=0%2C0&adSlotRight=0%2C0
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.186.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-186-48.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
pragma: no-cache
date: Fri, 17 Nov 2023 03:47:38 GMT
access-control-allow-credentials: true
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: GET

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 184ms
183ms Preflight 3.91.171.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-242.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Fri, 17 Nov 2023 03:47:38 GMT
x-amzn-RequestId: d896bf80-bbf3-5ff9-8546-5b1ae90d07fa

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame C0E9 133 B
569 B 205ms
203ms XHR
application/x-amz-json-1.1 3.91.171.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-242.compute-1.amazonaws.com
Software: /
Resource Hash: 1e4c82f2273f3927d3dd4118b9468f232e5e770bfc7ec63453e4b7b199d576b9

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231117/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=26454f2d5b9364149975833b8d5a7b6103b9724d0054978b35f80a5a13245241
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 26c7b5f20e3b52b1edb2a0b1c3a54e4209bcd6c694dc9f6a28a50cd1afb7db38
Cache-Control: no-cache
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231117T034738Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Fri, 17 Nov 2023 03:47:38 GMT
x-amzn-RequestId: e78fcb15-1b2b-b917-ba5f-2f8f0b7d66e8
Content-Length: 133
x-amz-id-2: mHm8XK5D0tNPxKJ7GT/kmEFxrmO6NeXStSt8DaBJ7wP3TTOIxG65V1P6fnRKl5ffV8GAk3UGHs1rjdsFdvPufxkdaxqOR67/
Content-Type: application/x-amz-json-1.1

GET
H2 204 ev Show response
ads.yieldmo.com/v000/t_tkr/ Frame C0E9 0
341 B 132ms
128ms XHR
text/plain 54.72.186.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=dl&dltime=1379&fver=5.9.26-F36-46-52-54-59-B491&imp=1688635750682958426&plid=2521236318193655889&pvid=3408583802105306446&fmtid=52&e=16&offsetX=0&offsetY=0&pvt=1700192853423&stime=1700192858729&etime=1700192858730&viewportHeight=90&viewportWidth=728&adSlotLeft=0%2C0&adSlotRight=0%2C0
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.186.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-186-48.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
pragma: no-cache
date: Fri, 17 Nov 2023 03:47:38 GMT
access-control-allow-credentials: true
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: GET

POST
H2 204 collect
region1.google-analytics.com/g/ 0
55 B 91ms
90ms Ping
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-7BR5TDFFPC&gtm=45je3b81v9135293448&_p=1700192850453&gcd=11l1l1l1l1&dma=0&cid=1635225448.1700192851&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&sid=1700192851&sct=1&seg=0&dl=https%3A%2F%2Ffolkd.com%2F&dt=Folkd%20%7C%20Home&_s=2&tfd=8734
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7BR5TDFFPC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:38 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://folkd.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 288ms
204ms Preflight 3.91.171.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-242.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Fri, 17 Nov 2023 03:47:38 GMT
x-amzn-RequestId: e1b64f82-eeca-909e-bc66-ab18d7b7e5fa

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 977F 133 B
569 B 251ms
249ms XHR
application/x-amz-json-1.1 3.91.171.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-242.compute-1.amazonaws.com
Software: /
Resource Hash: ac3faba1f42e1a33169f016cfabaeffcaeca0125642beb103a8e2282c593b0a4

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231117/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=8bda6813e968871f361fcf29636e3abf6bd212587ddc74c98c22266e1812a81e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 9d0d8ac701ecf83f41aaee6a32a6df74c74cdbf008ec4e9eecbebc7c260fa5b6
Cache-Control: no-cache
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231117T034738Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Fri, 17 Nov 2023 03:47:39 GMT
x-amzn-RequestId: c8fbe680-c03f-0b6b-952b-021bf9427e0f
Content-Length: 133
x-amz-id-2: E0eoK4gl82kw/69XMwtqXiRKPcIOQSzs9z37owSkpKb4l3hHu63ov1+uvaJ0g1y5+oNpEpI3M4P7JPk7nb8EyyEElZtNKq3Y
Content-Type: application/x-amz-json-1.1

GET
H2 204 ev Show response
ads.yieldmo.com/v000/t_tkr/ Frame 977F 0
341 B 140ms
140ms XHR
text/plain 54.72.186.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=dl&dltime=1261&fver=5.9.26-F36-46-52-54-59-B491&imp=3313924244940459937&plid=2521236318193655889&pvid=3408583802247911891&fmtid=52&e=16&offsetX=0&offsetY=0&pvt=1700192853440&stime=1700192858778&etime=1700192858778&viewportHeight=90&viewportWidth=728&adSlotLeft=0%2C0&adSlotRight=0%2C0
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.186.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-186-48.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
pragma: no-cache
date: Fri, 17 Nov 2023 03:47:38 GMT
access-control-allow-credentials: true
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: GET

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 1471 13 KB
10 KB 827ms
353ms XHR
application/json 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=dv3n&tv=&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

a1f1d3e09727f721a47b4f313223cdf962dbcb97a9e3fb375995036d279d40e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10393
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame CCFC 13 KB
10 KB 582ms
122ms XHR
application/json 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=dv3n&tv=&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

83cf914d1f57de30a4ada3f62af1f9399bf5762e2c555a03ccdb1e8ef01a0780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10296
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame AEEE 13 KB
10 KB 1074ms
627ms XHR
application/json 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=dv3n&tv=&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

18bdc55d438569acf0a6f49aa446ca4858ac2d12ecb2adcddb32abc9bcb72137

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10228
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 2CE1 13 KB
10 KB 1079ms
635ms XHR
application/json 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=dv3n&tv=&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

b090f1f1d5f6508490a4aa67a37d59f61d8713da4425cb788a2bf47cce35dae7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10425
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 3D06 14 KB
10 KB 1071ms
637ms XHR
application/json 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=dv3n&tv=&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

26e9d238e9ca051911a318bcebdcac907af217c41a4c3cb8de2f32aa5286bc22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10488
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame A790 13 KB
10 KB 1011ms
633ms XHR
application/json 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=dv3n&tv=&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

772e7739d967ee911f3c2f18615cd519b3b3bb9769bf05626234ee5790abc451

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10177
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame FBDD 13 KB
10 KB 867ms
492ms XHR
application/json 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=dv3n&tv=&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

721410374454e4914d185680bc1d39b7bcefdc1f38f3b25983b91e64b78a9c85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10313
x-xss-protection: 0

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 7D09 133 B
569 B 161ms
161ms XHR
application/x-amz-json-1.1 3.91.171.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-242.compute-1.amazonaws.com
Software: /
Resource Hash: 2f1653be34386ae1da00995866507f8553d80185776132885f47be4339a0789d

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231117/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=cbcf8b4bdbfcc3a270f008f34724aecc27041286c2623b097e3c97b760937e9e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: dfedbc4f1f4778a725d12dea4b966e8c2c4f02e40d7c67615326349562eca19a
Cache-Control: no-cache
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231117T034738Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Fri, 17 Nov 2023 03:47:39 GMT
x-amzn-RequestId: e30491c2-efe0-8a6e-bed4-7559ffb65591
Content-Length: 133
x-amz-id-2: JOMSldiTPXIsVhKfAR85PPW9PPPyu245DnFFRFbbkZfVMOeeVdPJ6BnmsB+VqTfy1csWl7ml052WPeH+Vb3eAZY7+0o9tQE4
Content-Type: application/x-amz-json-1.1

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 193ms
192ms Preflight 3.91.171.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-242.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Fri, 17 Nov 2023 03:47:39 GMT
x-amzn-RequestId: d160258a-34cd-0ee6-8cb0-c1119251634e

GET
H2 204 ev Show response
ads.yieldmo.com/v000/t_tkr/ Frame 7D09 0
341 B 86ms
85ms XHR
text/plain 54.72.186.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=dl&dltime=1304&fver=5.9.26-F36-46-52-54-59-B491&imp=5149024010350374005&plid=2521236318193655889&pvid=3408583802256311078&fmtid=52&e=16&offsetX=0&offsetY=0&pvt=1700192853441&stime=1700192858982&etime=1700192858982&viewportHeight=90&viewportWidth=728&adSlotLeft=0%2C0&adSlotRight=0%2C0
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.186.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-186-48.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
pragma: no-cache
date: Fri, 17 Nov 2023 03:47:39 GMT
access-control-allow-credentials: true
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: GET

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 19D9 0
0 188ms
188ms Fetch
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst4cT9YZCoi20i3CveJedb5x-mEGqKFK4KaANmIC4nPMt1vV5-mu_GOnGOy1YWHqFsF8fG5pExB_ejQ9xYjSEegzAsCXFZTrI6Yv_CtED-yvu9Lu5yXyN89_dkU3txMrf3oCSlD1TxPeyzAIozkxDEpAwK9FmTQjCVVSxJ4klTbU0Cid1zwqcBHQIq6aTJ4rszH_7MUY1iKPRerhiLblcJ5LlRIRsH-cPBSUPj_G1tplPjRscIeBYIFoDea83sNFYYq3qeNRJKCxuGf3p3Y_2CfemMkJgWUlJ6bQITzgjis519U0yVgOKNU_bSIj9eOmkt4CPno45-vPOJPrEALDLMT6QNCUo6JUDhQrEEvyazIWy-Cd2kT-thqcCmNLo7r72wwH42EQFlyo8-9N7nJudjLRZZ8eSouh45lY5m9vbqqusxIWRgNERhBiqCaFCL5C-XbMNqMSZKTPlLMqFi9Pkx8jkY79Ov-GIfN-v-wWMO31aSVtLD7FR-fFvQchvoEol5lb3IgcNZt27ez5pmN2MKEgsfUHfluUrBiyUwVZP8B6EZoHvX3ojh161sqcBIEbo1053Mhz39-8CtsfmjUeocxbievpEEESpBsvQpWe2GbOUAsbtKmYHUFXbrHh2O2nY2Jy7sYYIoP7di9ZlOiUJU5JKc2q9uM0gTOk0sNrhRId3gbwiGvi_F3XhGTqMN-a-c0LMKyUBAk4_3i1EKDA22yrAockMV9FipdXSqZ1k8tXSNNZ2AVbDqSlrdPdZ87KOlMFvB1OqPtwyUFgMwGRiyL4fcczRRCSjGD-erwryJqvcwMynWDMLogvLr3W3vfYudB9jzwmV6JG-AAL5N1veD55WKEbtlDjocWBRPGByxv6O6sFeqOI6oiH4TqfWjBNWS5NVdeyVYotVzVnFp2mrOqW4dYgMNuI5fMlCKEqIWFSOnK4o8L0Vj0MdRoxtCav0BrxMrhIRvm-UCUIE1vTF_ompXZ8nXUxQIYLTen35Bi2FBY2P2WL7nxfE28qg57ZwyzIbECHaF0N-jV6LYk0LVQyoGVYbTvW1iCU5zURxYaKXJ4ufdUffvkSuzJYv_VdoiTu69px2IRhxryE7Czp1uf7zS7J6DUmN4NH6ugiEgXQ1P-rZuxJoSC4-o3rR6wET7zVGt_fgoQZ1nTiVnuWKEz49BCOBt0M7eGYWw-PIsq95j-l4q5plxUrxTuHjGzJ2ZIXI5BtzOlDJLMG5zl8_vhLucPV72dvvQbKq6Wap58X9_0phyK2_0Z9CS2zJp9iaNGE49fpl5VI0xjEWbWS0akpJFLCyyijyL6g8GbjFp_vivDuT1p&sai=AMfl-YQe6MDSinn1pj0wJd_V-Kl_lzmFQw-AhD5IZPwcScAi_8M0HrTDJ0wGs4dLo1TvE9YQdXacyCLEia6QchVvFPWg6fBgk1Bbl8a5LGmZ39UxsssfbGfnUvPV-YnV5lUCg2lsdJcoQsf_YC8lQUDr5i1K3NzRWht60BzPBB_I3oRdI_zkmluM3hwXVPT_qrjLPFIaudrqMmk4gl5XO1zQSFYamhoWZ91IeLfqHGaZj3WAwDL3jt1QoZVJallUs8G5Y3zJ1aR2zMVtT8nyJd3Tm0YkiV9wXNMqd92fbGVLZpvhGTITe2k8dHPx3sAl-3DIUWllDlGjnm6n8lLwB0GPs1LqqNkEB2CxiVTarJcMjmEmCxmazxn8n3wq_5ReDYuUv_nf0pnSVwmBH-_YHb1648ewNoryddbz1Z0fdiwKtJgRbCgUPYUemg-h-IFUP626_17-xAojRyXicFAFWRSqP4TztX5MKpYqnGARLcD-VdsdjCkc9dsqPAYFhDHcoQ&sig=Cg0ArKJSzBWF3DIFVDV-EAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=5338&vt=11&dtpt=3444&dett=3&cstd=1891&cisv=r20231109.94093&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame BF01 13 KB
10 KB 576ms
298ms XHR
application/json 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=dv3n&tv=&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

c7361bf2f4eaa5b235d1e8af1f5076a56eaf277f87784790c11438c6b818230d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10310
x-xss-protection: 0

GET
H2 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 7660 39 KB
15 KB 910ms
910ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 09:57:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64219
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Nov 2024 09:57:20 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame BAA2 0
0 256ms
256ms Fetch
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuXUGva7_InKJ7MpOf0p-GVygRSUt0udPE2ahmiUeDguA70rRINU79spv0omUL9NzVyPZMNfBQBFyWpKhkv6eDHB30d6KWpTtZP8rL3-eKmjd7Zp5DQ_3pKAFlWWxY5Gtl7I4FZe-gG4s4ls9pNfANkfOFhmaiD9FFxDyhMJMRR_QJHoscCczU1nJOuhixkDcPcptmsTa9uC5QE9bfxv3sckDifxXi-OWyBzn47YSMeoXNU4WWRiW90oLKQ-1Jz7ShEDMeP46tUX_ytMuL8t8o8YtZwnu-zQMBi_EdfX_KQw7NjvKoJcmpjwvDnTsbypDfI0X2ClQmmpYJeJC5psx3e4Nm9q3muj2_KfSEbflM9his1hsjeC_k-G_2jvJnsZ43-QGZcUUsFT7ixZ7AEDl4iOq0AlKh9gPXKVagbX1Gk-gSpzyX9tzpbZGlyGjifx2yzQXEHQ4X6kcl2h-3TZIYuMG-Gi8x8EbUbCnepVze58yQnTa60BokqhsAEstZ1LS7capA_pxtL5rZr0x4IEGTSMIkNBf2V7_JTyj0pJ8Kxfvdjf5O1NYSTtboNgmnr6gJni93LBSbBI7_HO20hniEkI0Qe_3SpliRzlcHL-zhKhVirbSg4cH598Ox2vuxpljX4y23nq2pRRcQ2wgElOftT1urebIkRMI3qqO3NVvWEtEmLcSEqQRu42lqDEMTkE4TPvewOOh4CQ4oTFxyMk2mFjgKTWmdUtY0pmZmsCEz3vMsYN814ikrGgZd4zlK7BCLZ0KDkCqFZ5iHac9zjSEL9RiNzMy7-72B1LyXRBKCylpcXzZalmR6WMUARU1NDwZzgNtMrZ-KMDlZ3a0MF6kwCQ9aUwhrbp8iRMMneRFN_5J-VlioxL77g4pP5pd2mM03c0YHJBKf5SILenWUGoX-dxo_-vwoiWv85oNTMK5kTL3z328s2lANxshTrHIbDQhS5UrzuOz4KadgtznNEUYSP7HBL7ECQtOxl_IXfULhQhneiBredBgtnPdI2NwJq3ijqG44YkcQ5eQDjrHArFlKoJKoAyyIT9NMlqQvMTca2XxHTfGrC_ckG4giOmutYFg6ncGu7jEiuKylM9FYDd9cc3nxPFvePmjzqvfc-Z3tE3NPVjiZmGUcop4kSB3Datp2qtjdkVlwI8LolBH4s_LFWfREX8BxCYrUGtT6M7iXJRltcmpdwC-tzyJSJfAEJtce8X9632EWXSday4gi0G007PZ9NQ238tbcfbPu_Z0EyhPLN3ajAFKKKEBsbjhSdKhj5XV9d5j6acs6DJvvPPGBCpVAjztQ_ikghvQLwq8xCMXIPpVC9qcHpZMdCcqwPgkM_VLyyQiBlgOF8mSlqYhasXd-v4Aw&sai=AMfl-YTlzJzaJH2yyV33Ar71TyncfpGmdsc8_iL7n8QpDS2J7sbGffqkjVp7o-C5An7oH5Jb0XcrjUFzxv8_R37BYa8_Dir0RJN4MCCqF37MQMyisNb7wsdw8InIBT9Mv8tz7b1CR6xriaE95LxNYNV1RjIRNLc87Rx_gzqCg2q3czX242svJDvBB6xZa5eEQwJoE1ktQ0BtQ4fAkzgg4qosEyE4WHpoJJPvNs-onFHngFUymVDBKSOm3cgFq_daZqRliCBrOo8H2iv5WcOG31Jbi_K2QuOD7z0b7QpKqtAXm7ijBNZKH0VzMv6GQEIqPDfRWvuMGUay0quQMjaD9lLoUniS_O-NxNqlBs5LaVLpjIhTN83MBgpM0FwmuSgTZc9D_VIzBy0YPIKwKOG9l61hUBxT&sig=Cg0ArKJSzGxZPiHmcSILEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=3224&vt=11&dtpt=2326&dett=3&cstd=895&cisv=r20231109.32924&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 3689 13 KB
10 KB 721ms
631ms XHR
application/json 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=dv3n&tv=&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

719f8d02f8bd460c3d641913d42fc4f655a91ca1ad13e0fc60ead220f3168565

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10227
x-xss-protection: 0

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 203ms
202ms Preflight 3.91.171.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-242.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Fri, 17 Nov 2023 03:47:39 GMT
x-amzn-RequestId: d0146899-7655-826e-8dc4-8c0266035d91

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 1C0D 133 B
569 B 172ms
171ms XHR
application/x-amz-json-1.1 3.91.171.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-242.compute-1.amazonaws.com
Software: /
Resource Hash: d9afc6d60748f57eb361bf9c162a469fa6f6be7aa9ee78127e6c44920f70e838

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231117/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=2ff5e31d2527b7a03296b1adba9287af710a0ee6527879de2ff28bac465ec0c6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 9ad02353c97c749149dec1b8b8637693a5083300d070e251c98e1678ff53d66c
Cache-Control: no-cache
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231117T034739Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Fri, 17 Nov 2023 03:47:39 GMT
x-amzn-RequestId: e5bb9c32-1daf-14c2-b86b-78a90df9cb3d
Content-Length: 133
x-amz-id-2: 9Aunrz9YGFzdR5aiwUj6FFnKCwJHyvS80ZD5BsmaAnQXxdByv9VzK4Ezsv9/rqsHpOnZMXp/EMpanqBE8KD9MBquWT1bFvsD
Content-Type: application/x-amz-json-1.1

GET
H2 204 ev Show response
ads.yieldmo.com/v000/t_tkr/ Frame 1C0D 0
341 B 97ms
97ms XHR
text/plain 54.72.186.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=dl&dltime=1558&fver=5.9.26-F36-46-52-54-59-B491&imp=3207282136591825304&plid=2521236318193655889&pvid=3408583802189188676&fmtid=52&e=16&offsetX=0&offsetY=0&pvt=1700192853433&stime=1700192859407&etime=1700192859407&viewportHeight=90&viewportWidth=728&adSlotLeft=0%2C0&adSlotRight=0%2C0
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.186.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-186-48.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
pragma: no-cache
date: Fri, 17 Nov 2023 03:47:39 GMT
access-control-allow-credentials: true
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: GET

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 16A0 13 KB
10 KB 400ms
400ms XHR
application/json 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=dv3n&tv=&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

d318db919419c4e9f79e7b030b2e73990f1a83419138a63cde7b37138230a8bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10364
x-xss-protection: 0

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BAA2 42 B
175 B 311ms
310ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvIv5mT_YOt-P1RkolmC5RmFRXqnywm-4OUeRgIffpgmALWZo54_MqS4xru6OD8XoiP3ufjSce4XKH3ngempiPAE38qGpo_Wy1Sy_RO9wAlKIIyA5RXfd4zIYt7Du7pF6nIk9gt-pIHGA&sai=AMfl-YSsDTfqH6Db-Uo3QWPUBIKy7JgLWgcxkK56ZGjLDxB5vhAV-YhWU1P0sFIaTGTCQBuuvp9YFqfkwQ0yJXtZQccMYW0yF7ksgCK69GZoF0WoJZ6abYShlZ1qWoIr6WFk_Mhd7kvZBA&sig=Cg0ArKJSzHGWqs5l-Zc-EAE&cid=CAQSOwDICaaNXpyEuasU__Yt1-2RlXKU_QJkl0hnaaa6iMqOmW69O0R__19_GXzs6B3X700PiEVBLyqbf45MGAE&id=lidar2&mcvt=1018&p=159,1140,759,1440&mtos=1018,1018,1018,1018,1018&tos=1018,0,0,0,0&v=20231115&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4068447172&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700192854566&rpt=4066&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 249ms
249ms Preflight 3.91.171.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-242.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Fri, 17 Nov 2023 03:47:39 GMT
x-amzn-RequestId: e507cc99-e674-bcda-b8d7-2802df09c9be

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame E304 133 B
569 B 221ms
220ms XHR
application/x-amz-json-1.1 3.91.171.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-242.compute-1.amazonaws.com
Software: /
Resource Hash: bb9a364901163fe17e59e1b8ec3cafcd3e6372fa3f3108b9e550770f1c87c369

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231117/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=5bc797a5397ea29281ba3f6bfd10562d5aae24a81b019512fb05df85dc68168e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: d391ab15c4314eee867197f6d972fe2f74da7d11853c3717f387229865868e90
Cache-Control: no-cache
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231117T034739Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Fri, 17 Nov 2023 03:47:40 GMT
x-amzn-RequestId: c8d297bc-3b97-952f-9502-732002eae04b
Content-Length: 133
x-amz-id-2: hbRsJdJz1dSVq26cdgI0t61Ljd9mKaAX8FIGru8VujULbbDlc++OmeZebL0DZaVlArhNcENi3EyqBG34ggvwb4xvOusn20zT
Content-Type: application/x-amz-json-1.1

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame CCFC 17 KB
6 KB 155ms
154ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 17 Nov 2023 03:47:39 GMT

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 205ms
202ms Preflight 3.91.171.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-242.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Fri, 17 Nov 2023 03:47:40 GMT
x-amzn-RequestId: c4cdd374-974c-1797-991d-37e8871ac868

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame B7F3 133 B
569 B 171ms
170ms XHR
application/x-amz-json-1.1 3.91.171.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-242.compute-1.amazonaws.com
Software: /
Resource Hash: fcdf0cf31641215bd3ae6546bea6bac0014aeef964cdcfd9a06f56ff6d8e254c

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231117/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=cbbba83551e3e16958e13cd92cd7232ec5f0977293662415364e9e161d10f0d9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 2ddd22294ca98998c04c4981d0912721839d3d5ae71758e40e08084397f6e639
Cache-Control: no-cache
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231117T034739Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Fri, 17 Nov 2023 03:47:40 GMT
x-amzn-RequestId: d211f098-2598-cb49-8fc1-140435ce14b6
Content-Length: 133
x-amz-id-2: jiffVL87ckC/NpmoJ+qRrWlMgCNlfE9CjYwPz+XhwLX6hhkYMs1nWu+Ua0JY4uAhZTRXOSfywgjLnCJlKBBLbYLSo3+h706q
Content-Type: application/x-amz-json-1.1

GET
H2 204 ev Show response
ads.yieldmo.com/v000/t_tkr/ Frame B7F3 0
341 B 113ms
111ms XHR
text/plain 54.72.186.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=dl&dltime=1938&fver=5.9.26-F36-46-52-54-59-B491&imp=7709869598571366859&plid=2521236318193655889&pvid=3408583802197580232&fmtid=52&e=16&offsetX=0&offsetY=0&pvt=1700192853434&stime=1700192859930&etime=1700192859931&viewportHeight=90&viewportWidth=728&adSlotLeft=0%2C0&adSlotRight=0%2C0
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.186.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-186-48.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
pragma: no-cache
date: Fri, 17 Nov 2023 03:47:39 GMT
access-control-allow-credentials: true
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: GET

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame BF01 17 KB
6 KB 105ms
105ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 17 Nov 2023 03:47:40 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame AEEE 17 KB
6 KB 214ms
214ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 17 Nov 2023 03:47:40 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 1471 17 KB
6 KB 329ms
328ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 17 Nov 2023 03:47:40 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame FBDD 17 KB
6 KB 433ms
433ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 17 Nov 2023 03:47:40 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 3689 17 KB
6 KB 621ms
621ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 17 Nov 2023 03:47:40 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame A790 17 KB
6 KB 528ms
528ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 17 Nov 2023 03:47:40 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 2CE1 17 KB
6 KB 532ms
532ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 17 Nov 2023 03:47:40 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 3D06 17 KB
6 KB 585ms
582ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 17 Nov 2023 03:47:40 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 16A0 17 KB
6 KB 545ms
544ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3_native_client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 17 Nov 2023 03:47:40 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B81A 13 KB
5 KB 495ms
495ms Document
text/html 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 35197
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 18:01:03 GMT
expires: Fri, 15 Nov 2024 18:01:03 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EB5B 13 KB
5 KB 390ms
390ms Document
text/html 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 35197
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 18:01:03 GMT
expires: Fri, 15 Nov 2024 18:01:03 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5841 0
58 B 94ms
94ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BBm05U-JWZZTFNpKvjuwP88GLKAAAAAA4AeAEAg&bg=!6Oul66TNAAZxrfrxUa07ADQBe5WfOM5lFAf_U83YhnWfF-BaCAV67JBfs5-69uaD95EFDxXaV32UkaZ-bZcEDplZp1FVAgAAAORSAAAAA2gBB5kDRbMR7eC7usi9Ka06xv_sapViBocXXAzwEIEsTxnmQouxMj2oEpAiKPA23mr3nTqktoHDBOF0nYVivbOViW0o149w10H2l_VZUPpvlqJ7917XQ-KZq4mnDGY9AL9ckDfD4j2b4SxiYUH0MB7Y1tqV5eMFfI30sYjiFBTqaXdhZVZUIclpz8s1J4uvtEl19_JFm5DMiflomkHI_nOttENnTOjMXQSJnAvqRX0fart_fz0o2VUHF9Ls8CcAp7VpMZobk5yIZy7yxY8VOj_dRBp_Q_FUeoQaqz3X96e89o7OsNWyOhvzKkgtmSqMwFTZxwgE-YbaiYBa164k4KHrroVMPtJf0ghyzQLGZfjeA3S9efpY8DLjyLatT-Fk75Ec2X61_VsYc7v-DtEQ6AF56RUKtxgY6i_ISjkaGdxjxTI8-IsWDkXUPTCRav-oiwYN4Zt_XAZRDVrWKL7iGYOwOgaTkl_kkd8LXLnGEr0MzvmfDKD2ZrbAl8J18Rn1iy_sJZ36-L_r58WHHptnM-9fxplC4lqz-BOGz0Xpe9J0lSRTbecKhimkTk64JBBRhZx4t8B9IaTQmxhZiGMf93eHbqpXcy7eJN1LPpCGQUwkKmTYQAZxAb5mWKLutdKPprl2JWcOjxufk6FOcZpy4QkCbXUjvqKN784amtSpBchGC_bGaqU6CLJJ52-XoLjyZnaHg3vv7CjK2wifhQjl9XarfaBGxceHHRsNDoNVjQPsE40CQ2DnJSCrgUM0pWwj2gGZsI9rVeDf-0YdctqJ4TLCwaTZ8tAdAjus7XJr3mSPTtbz80xKO2V7JmZ2FjG1tP2cKHscJiwyyNDfJXlQmjJmAx9XNbSXSR_pwQBk8BxQjQny8KyE-1z6uKNgvFwQixBPDaDOLrpVDDaycPTlS4bvky7WnbAwxFI3Xg0Ezwrx15bx3RKH5XWAFbX-ss9Vo-9BVTYVC4pPjK_gNBLOtkkS8XiWIM050rCUw4Z0__JHw3DjwgslKO0S73CY6dRZlFyrIHSinCtS591KyUuzMUcbowSffFK4J2SQpYHQT3NzD0pzuWOR_Eh1U0cEtKNt5bIOGRAcTL4brEEt3PqBMGP2Xovc1Up5IfS1gA

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 34F1 13 KB
5 KB 351ms
350ms Document
text/html 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 35197
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 18:01:03 GMT
expires: Fri, 15 Nov 2024 18:01:03 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7660 0
56 B 191ms
191ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BucErVeJWZbq3LIGlrASDypjABQAAAAA4AeAEAg&bg=!gYKlgs3NAAZxrfrxUa07ADQBe5WfOLmgbJZGZqevHU49_vI1DcksrNrZA278BxuafdsU-C-r1XYdG1xX1qT-ffG5wWmTAgAAANJSAAAAAmgBBwoAcRLGFX5HLzgj_BmpqB_BCEeKp5dmJEjkZYjdTl-yY08FA6-PeWkL2O79hhvTRJGvT9uBBm-B7V_SQrChuL8HytTspMjsZCqLgJQyzvyXLfoIVYkcd9IzmD-l9-KLaNG9yYfrtbx6LDQ5BoYJBYRT3zcUmQL5mT4BYPHiWTPr82zhwaR5FQW3BcWss2Aar9eYzZi_TqmPD8HQ-ZVN-uoliE8ae-5QHo8XgZlxcq8wbbwf3JSKs-eQuNadwUiNGDXJlS3RyjtnR3mRfXiGlGm-EcG-4cFRn3I_0FJDnTZapXVIuECxZyDpIiTPji457ZOgeQTUyPUyTQvh9dQp7xN3-SkfcVLwM6sqFYGIZR-L0Alzql5GrrzdqZpH_VFcQ4S8GgVc4YKhX04fuQS6-17CggZB6Dc5XPOeVFHuVrqPm_boAkrt1GKsdnquNNTWlNAPncvzdyJPqZuXnEX-ZcxlZgVPJbcmYMEu0e0zhEhLIlQlGA8BhbFcEqKN2pIP3MVckSY3jREk4E2x4S3BpSNyGng2__YupGoPB44AMNtezRyi5G_wMPsRJgFHSsROOyTOSv5qrKDRWXDrW2ds8LbUmF4Q16BgBdN8tSAvcvSt9dggVJpDTcLVBJlaM8qJHRF2A1hMnI9E_HfjMCK8jyFrpDl7j7MOWYI8UFKdffB9rbhn0VOLoQekcBWrXAhwCOKlhxizBvGIg2Op8OEhzPbIq5rbyO-T4EqXw4yC2suxXQ3ezpJArcSMNqS5gvUlSchXhPARGY0iUTgG9WLPL1IJKdErB8AcV1rlHtNjg2acfQjbIANF8oup8pvRGvuBHu9kB_vMOMhTfjKNDRm2GeFgpLIRMb3vTxd-TP9seSWlaoDyNbAWQEUmBftkLv9EeGR2-Vab9011mh_Ahp3Su4GBFr6mBYTVzSjWYfVOQ8PmnXL8LQyrWjz5UT6fMob93PMVmPy7pMgqZiCez_26XR6-6S3DKjOklEJzQUrOBWwVCInJx0w28IX9O998IJjfZfYPV5d4h1IjS5qNqU8BNJngP7zNbWEGKtDvwgQuBXPBZ2Ev6bUKqCTk11xwUE8RryAFIiGAmkItsCbnxHlTjOlq9LyZn_6InghnULoN68-PHltLT22ESYrFx14av-RRONr1Id0Rwp-fAy6AHOWbVbM

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B99F 13 KB
5 KB 220ms
220ms Document
text/html 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 35197
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 18:01:03 GMT
expires: Fri, 15 Nov 2024 18:01:03 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 180ms
179ms Preflight 3.91.171.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-242.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Fri, 17 Nov 2023 03:47:40 GMT
x-amzn-RequestId: d39f49c1-c09e-568e-8e4f-ad5dd0c88971

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame C9CC 133 B
569 B 176ms
176ms XHR
application/x-amz-json-1.1 3.91.171.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-242.compute-1.amazonaws.com
Software: /
Resource Hash: 963320e82443391541c83a19693d90200300cd6ebf2789f6b6496732396d7d03

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231117/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=5d69b2c1aaa4bbd8c2f9435c3b61986cd48c773358c6d88c05352a9d9323a6e2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 181933f7ad14bb40bd576131b369fb7dd1a10e23ad62237fe765c8374b386624
Cache-Control: no-cache
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231117T034740Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Fri, 17 Nov 2023 03:47:40 GMT
x-amzn-RequestId: f6867b39-95fd-213b-ab56-9fa585abfec4
Content-Length: 133
x-amz-id-2: rFBEcnVNd4kgwsmOkmsrQo0EyUUzRuGCo/3k5hr5oVH2PtWrE5jVky6QxRh2/v41fWPhISL6Q1L0pEilMUV/YH9cwxHWPxAP
Content-Type: application/x-amz-json-1.1

GET
H2 204 ev Show response
ads.yieldmo.com/v000/t_tkr/ Frame C9CC 0
340 B 127ms
126ms XHR
text/plain 54.72.186.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=dl&dltime=2349&fver=5.9.26-F36-46-52-54-59-B491&imp=939725856112663568&plid=2521236318193655889&pvid=3408583802164025787&fmtid=52&e=16&offsetX=0&offsetY=0&pvt=1700192853430&stime=1700192860483&etime=1700192860484&viewportHeight=90&viewportWidth=728&adSlotLeft=0%2C0&adSlotRight=0%2C0
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.186.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-186-48.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
pragma: no-cache
date: Fri, 17 Nov 2023 03:47:40 GMT
access-control-allow-credentials: true
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: GET

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 64A9 13 KB
5 KB 191ms
190ms Document
text/html 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 35197
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 18:01:03 GMT
expires: Fri, 15 Nov 2024 18:01:03 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3AD6 13 KB
5 KB 182ms
182ms Document
text/html 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 35197
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 18:01:03 GMT
expires: Fri, 15 Nov 2024 18:01:03 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 188ms
187ms Preflight 3.91.171.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-242.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Fri, 17 Nov 2023 03:47:40 GMT
x-amzn-RequestId: c780117a-cfcd-ed62-9a50-f5e6f6b09806

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame E304 133 B
569 B 171ms
170ms XHR
application/x-amz-json-1.1 3.91.171.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-242.compute-1.amazonaws.com
Software: /
Resource Hash: f4e676f7880bae4e1d783ac0ec1df8a78013c6bf6b83ef1578d3612f2127022e

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231117/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=9763be30df039525d6c29cb97d9ada2f978e388fd90c43b7d698fb3cbcc56a0b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: ebff7a2ea97f777aab15359536ea0b23d4dc96ef21bbd3667ade9a1a306919e0
Cache-Control: no-cache
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231117T034740Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Fri, 17 Nov 2023 03:47:40 GMT
x-amzn-RequestId: d8241208-dd0f-2183-85f4-f694e47254e7
Content-Length: 133
x-amz-id-2: HJh58wFEKgy8mdrYW6eT0fbYaBJU2/bWNd8lkqLopmA+IHwhdv14CvjD50N9MwZNDFBcAlRCIECYx0X8+xWFj4JfC9P1nlO7
Content-Type: application/x-amz-json-1.1

GET
H2 204 ev Show response
ads.yieldmo.com/v000/t_tkr/ Frame E304 0
340 B 86ms
85ms XHR
text/plain 54.72.186.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=dl&dltime=2317&fver=5.9.26-F36-46-52-54-59-B491&imp=7342134550923564497&plid=2521236318193655889&pvid=3408583792617787336&fmtid=52&e=16&offsetX=0&offsetY=0&pvt=1700192852292&stime=1700192860592&etime=1700192860592&viewportHeight=90&viewportWidth=728&adSlotLeft=0%2C0&adSlotRight=0%2C0
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.186.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-186-48.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
pragma: no-cache
date: Fri, 17 Nov 2023 03:47:40 GMT
access-control-allow-credentials: true
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: GET

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D64A 13 KB
5 KB 228ms
225ms Document
text/html 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 35197
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 18:01:03 GMT
expires: Fri, 15 Nov 2024 18:01:03 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2FCB 13 KB
5 KB 620ms
618ms Document
text/html 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 35197
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 18:01:03 GMT
expires: Fri, 15 Nov 2024 18:01:03 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 39C2 13 KB
5 KB 624ms
623ms Document
text/html 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 35197
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 18:01:03 GMT
expires: Fri, 15 Nov 2024 18:01:03 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BC33 13 KB
5 KB 614ms
614ms Document
text/html 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 35197
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 18:01:03 GMT
expires: Fri, 15 Nov 2024 18:01:03 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame B81A 39 KB
15 KB 98ms
98ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 09:57:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64220
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Nov 2024 09:57:20 GMT

GET
H2 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame EB5B 39 KB
15 KB 563ms
563ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 09:57:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64220
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Nov 2024 09:57:20 GMT

GET
H2 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 34F1 39 KB
15 KB 524ms
523ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 09:57:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64220
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Nov 2024 09:57:20 GMT

GET
H2 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame B99F 39 KB
15 KB 526ms
526ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 09:57:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64220
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Nov 2024 09:57:20 GMT

GET
H2 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 64A9 39 KB
15 KB 527ms
527ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 09:57:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64220
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Nov 2024 09:57:20 GMT

GET
H2 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 3AD6 39 KB
15 KB 445ms
444ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 09:57:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64220
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Nov 2024 09:57:20 GMT

GET
H2 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame D64A 39 KB
15 KB 287ms
287ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 09:57:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64221
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Nov 2024 09:57:20 GMT

GET
H2 200 x-mark.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 222 B
666 B 82ms
70ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/x-mark.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77882812956b4fa5e7fbee0491c6f732c9b61012e843a61d88d45332c63bb876

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 762998
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230027-FRA, cache-mxp6971-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"de-bFmB/Ch5GN9lTNmNzsBfBB/K8bc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XeoazpPzpXaU4D%2F6EFG9%2B5Fr0MZhjqTvlRwWs3ocIYNdVpyqFkcXwoUjF0OTyyGmzN1VOhVNvabVTHzLvz9Crg1EBhIVzs4e7wumUtHRJBBZQW5y5596RGNVk3WuJT4EuBs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe673f4524be-ZRH

GET
H2 200 eye.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 455 B
630 B 66ms
65ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/eye.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b72b152262183a46bdf29f00817d35dd88fef330c888814bcffed7ccde27b1b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1308439
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230079-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"1c7-2ihwUVPx/n1zQR+B36KY4usUiEA"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zcXbVDLIuAuloUMnsP%2FYky%2FR%2F22nOVgz8e1qoIVkGnJZL4QHzfWGijxaFOjG7wgAgRG3XXwSFw%2F7p4lTc3sjKgNjnJW1tJt2UAk8rH%2Bzt1rCHpG4ouMy9MP9OF5%2B3qvqEok%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe673f4724be-ZRH

GET
H2 200 x-mark.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/ 222 B
444 B 33ms
32ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/outline/x-mark.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77882812956b4fa5e7fbee0491c6f732c9b61012e843a61d88d45332c63bb876

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 762998
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230027-FRA, cache-mxp6971-MXP
x-jsd-version-type: version
server: cloudflare
etag: W/"de-bFmB/Ch5GN9lTNmNzsBfBB/K8bc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sZVAYmszAPUNxAxlrCPiknjSKeLIYzXC%2FuxrxejAM0ah0gXespd1frf50shxQmVhrSCVGIReDaA0wZy%2BACxVG392yPhGIVczu5BmbZQlJG0BJo0zQAcwlRo0tq8isRxWJQM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe68087a24be-ZRH

GET
H2 200 eye.svg Show response
cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/ 455 B
572 B 35ms
34ms XHR
image/svg+xml 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/heroicons@2.0.18/24/solid/eye.svg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b72b152262183a46bdf29f00817d35dd88fef330c888814bcffed7ccde27b1b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1308439
x-jsd-version: 2.0.18
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230079-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"1c7-2ihwUVPx/n1zQR+B36KY4usUiEA"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q2OdCbpZEpbTk4w8AlY%2By%2Bjrs49iqiUGZgN7XAPrLldNXgIqxEJMduNYg%2Bz5%2BTfrc%2BOqrEfA%2BDpKXQyIjOPSnTl6w0gRdgsD5bpFt3QRTtR3MlX8Drflzh0JZ6fTG3FB%2BqU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8274fe68188224be-ZRH

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 153ms
152ms Preflight 3.91.171.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-242.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Fri, 17 Nov 2023 03:47:41 GMT
x-amzn-RequestId: f596dd51-aa0f-5d8c-a846-39cc937228e8

GET
H2 200 ionicons.ttf
1bccd00f7acd03ac6a93123768d650c0.cdn.bubble.io/f1499272922381x868922997266054100/ 184 KB
185 KB 94ms
40ms Font
application/x-font-ttf 104.16.224.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1bccd00f7acd03ac6a93123768d650c0.cdn.bubble.io/f1499272922381x868922997266054100/ionicons.ttf
Requested by: Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/run_css/9fb589894c6054d97d4193ccbac081765ec214105b70ec438441ebf05c19faaf/folkd0612/live/index/xfalse/xfalse/run.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.224.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e700835ec05293a3d0f9e354e7d038319d34521cd279e782198dff6d1dd58f2

Request headers

Referer: https://folkd0612.bubbleapps.io/
Origin: https://folkd.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:41 GMT
x-amz-version-id: xuz8RpJkqRZidkYFNofgAtkL0FYn15De
cf-cache-status: HIT
x-amz-request-id: NYZWGMM9MBYS65AM
age: 1378471
x-amz-meta-app-version: test
x-amz-storage-class: INTELLIGENT_TIERING
content-length: 188508
x-amz-id-2: meQG8/zsOfXGEC7Yku1zpPx0fbowppVzxekhAXKozNxNAdz43MOnRrajhv/09c0wJPhL0xBD/bk=
x-amz-meta-appname: bubbledemo
last-modified: Wed, 05 Jul 2017 16:42:03 GMT
server: cloudflare
etag: "dd4781d1acc57ba4c4808d1b44301201"
access-control-max-age: 3000
access-control-allow-methods: GET, POST
content-type: application/x-font-ttf
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public,max-age=290304000
accept-ranges: bytes
cf-ray: 8274fe68da2123c7-ZRH

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 46D0 133 B
569 B 162ms
161ms XHR
application/x-amz-json-1.1 3.91.171.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-242.compute-1.amazonaws.com
Software: /
Resource Hash: 90c24d5e86f3059905e96551cf0c65723f342949f9a84e856c1556f346950b84

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231117/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=5cee8f2d314ea22ee38bea335956fa0b4f191e27d20e02c7c8b3f36d9b334298
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 8023a639e2f42ea0fd1d801a6a8654cd7b99c99b49e7bc1e5cdfc3ebfff90a22
Cache-Control: no-cache
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231117T034741Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Fri, 17 Nov 2023 03:47:41 GMT
x-amzn-RequestId: efc499ad-0e9e-bde5-b214-7d3037e3c881
Content-Length: 133
x-amz-id-2: JUaOtkBB9lxrAlGlWjbi0qQLj5qO5XoEdywMeRMa6qmndchzbHJwVhPKAWYJBxwgl7aeVirHjkP/MiUBn1b3G8O6XKGb+Sk3
Content-Type: application/x-amz-json-1.1

GET
H2 204 ev Show response
ads.yieldmo.com/v000/t_tkr/ Frame 46D0 0
340 B 56ms
55ms XHR
text/plain 54.72.186.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=dl&dltime=3083&fver=5.9.26-F36-46-52-54-59-B491&imp=3677528976057663591&plid=2521236318193655889&pvid=3408583802147259143&fmtid=52&e=16&offsetX=0&offsetY=0&pvt=1700192853428&stime=1700192861512&etime=1700192861514&viewportHeight=90&viewportWidth=728&adSlotLeft=0%2C0&adSlotRight=0%2C0
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.186.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-186-48.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
pragma: no-cache
date: Fri, 17 Nov 2023 03:47:41 GMT
access-control-allow-credentials: true
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: GET

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 3455 61 KB
35 KB 55ms
54ms Document
text/html 142.250.186.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lff_I4mAAAAAGHfEhhVXeU12QZE9z2mPvtEr2BI&co=aHR0cHM6Ly9mb2xrZC5jb206NDQz&hl=de-CH&type=image&v=-QbJqHfGOUB8nuVRLvzFLVed&theme=light&size=normal&cb=3vzm63sl12x3

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de_ch.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.36 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f4.1e100.net

Software

GSE /

Resource Hash

544d04bd232ddb00fda337913d8ba5564ffb697482957202e626713b3138b9c9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-SI7D_607p6l9v2s3FTes3Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://folkd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-SI7D_607p6l9v2s3FTes3Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 03:47:41 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 152ms
151ms Preflight 3.91.171.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-242.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Fri, 17 Nov 2023 03:47:41 GMT
x-amzn-RequestId: e47a25b8-173f-5b45-b9aa-c125076984ba

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame 04A2 133 B
569 B 161ms
160ms XHR
application/x-amz-json-1.1 3.91.171.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-242.compute-1.amazonaws.com
Software: /
Resource Hash: c7a46ae5ff4e9630d078390ec271bd3cd3da8cddd4da19d00ea0c916e1c35179

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231117/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=37f5386bf6f91cf73fe63118bd0b1b10ea7cccacf16c5856dee8ebfa396d045d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: cdd084f2d8cab6a24175ad976753ffe7a791b6c14015aa4e6ac1be3a54ae114a
Cache-Control: no-cache
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231117T034741Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Fri, 17 Nov 2023 03:47:41 GMT
x-amzn-RequestId: f73e6600-ebd2-b992-aaee-829dfb84666d
Content-Length: 133
x-amz-id-2: nhAYdVE6M0dri9f+CRQswoUj34Rs68CQl1LREuRPqU51gAv1pbpPhFFqQvoal0Z/RjV+ADLcsiglGqb2ResBJOkrDgJNUjag
Content-Type: application/x-amz-json-1.1

GET
H2 204 ev Show response
ads.yieldmo.com/v000/t_tkr/ Frame 04A2 0
340 B 62ms
61ms XHR
text/plain 54.72.186.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/v000/t_tkr/ev?type=dl&dltime=2969&fver=5.9.26-F36-46-52-54-59-B491&imp=824321474508510258&plid=2521236318193655889&pvid=3408583802122082733&fmtid=52&e=16&offsetX=0&offsetY=0&pvt=1700192853425&stime=1700192861542&etime=1700192861543&viewportHeight=90&viewportWidth=728&adSlotLeft=0%2C0&adSlotRight=0%2C0
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.186.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-186-48.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
pragma: no-cache
date: Fri, 17 Nov 2023 03:47:41 GMT
access-control-allow-credentials: true
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: GET

POST
H2 200 frg Show response
folkd.com/ 5 B
967 B 324ms
323ms XHR
application/json 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://folkd.com/frg

Requested by

Host: folkd0612.bubbleapps.io
URL: https://folkd0612.bubbleapps.io/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel / Express

Resource Hash

fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

X-Bubble-Fiber-ID: 1700192861633x240236658158915940
X-Bubble-PL: 1700192849192x677
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
Accept: application/json, text/javascript, */*; q=0.01
X-Bubble-R: https://folkd.com/
cache-control: no-cache
Referer: https://folkd.com/
X-Requested-With: XMLHttpRequest
x-coalias-route: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkZXN0aW5hdGlvbiI6Imh0dHBzOi8vZm9sa2QwNjEyLmJ1YmJsZWFwcHMuaW8vIiwic291cmNlX2hvc3RuYW1lIjoiZm9sa2QuY29tIiwic291cmNlX3BhdGgiOiIvIiwic2l0ZSI6Im5vY29kZW1heW8tYnViYmxlLWk4Z2Rhd2VicmcxcnJhdWZzdXV5IiwiaWF0IjoxNzAwMTkyODQ5fQ.g1nWWZG7qIkjL6_9rdlNjgdBd1n8bZIkQ0NOUKZvwzI
X-Bubble-Breaking-Revision: 5

Response headers

date: Fri, 17 Nov 2023 03:47:41 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-bubble-perf: {"total":53.5,"percents":{"top":{"bubble_cpu":6,"block":87.6,"capacity_rl":0,"other_pause":0,"pre_fiber":6.4},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":55.3,"fiber_queue":26.6,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":7,"fiber_queue":8,"blocks":7},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":484198}}
strict-transport-security: max-age=63072000
x-bubble-appname: folkd0612
x-powered-by: Express
x-bubble-capacity-used: 0.007 unit-seconds used
x-coalias-cache: MISS
server: Vercel
x-vercel-id: fra1::wx4br-1700192861649-11d83e14b31c
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lI4eAAGYkwrgmrtTwEMfdbThk7GH4aqC6%2BuXNeMaN%2FOJjiQNr%2FF5XxuJOuwesZ%2BNMXwVpYLlnu%2BpSxm%2BCMOhhdIsi3EgZ2S5UwezKyJRblVSALFQYpslKjjik5YEoQFodsvVfuEbKjEypX5fx%2BReCxWVIRb3AyWUfAUEDP%2BS3ovfwwVQ5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
x-bubble-request-took: 53
cache-control: no-cache
cf-ray: 8274fe696bec5d87-FRA
x-bubble-capacity-limit: 0 ms slower

GET
H2 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame 3455 55 KB
25 KB 712ms
31ms Stylesheet
text/css 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lff_I4mAAAAAGHfEhhVXeU12QZE9z2mPvtEr2BI&co=aHR0cHM6Ly9mb2xrZC5jb206NDQz&hl=de-CH&type=image&v=-QbJqHfGOUB8nuVRLvzFLVed&theme=light&size=normal&cb=3vzm63sl12x3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f3.1e100.net

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:52:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46489
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Nov 2024 14:52:53 GMT

GET
H2 200 recaptcha__de_ch.js Show response
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame 3455 468 KB
188 KB 717ms
37ms Script
text/javascript 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de_ch.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f3.1e100.net

Software

sffe /

Resource Hash

14f58d534c595bf9b24e8f67fbfba7a9213884866ed47888cc10ec5525b41777

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 07:57:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 244225
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 192023
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 13 Nov 2024 07:57:17 GMT

GET
H2 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 2FCB 39 KB
15 KB 31ms
31ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 09:57:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64222
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Nov 2024 09:57:20 GMT

GET
H2 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 39C2 39 KB
15 KB 38ms
38ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 09:57:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64222
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Nov 2024 09:57:20 GMT

GET
H2 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame BC33 39 KB
15 KB 40ms
40ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 09:57:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64222
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Nov 2024 09:57:20 GMT

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame E304 133 B
569 B 166ms
165ms XHR
application/x-amz-json-1.1 3.91.171.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-242.compute-1.amazonaws.com
Software: /
Resource Hash: ed7580dd4b502e9e4d344d415ea1265addab2126d46eab1fc1cb7b889a835244

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231117/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=afadae0dbc0e77010a6eda035c1092bd7fbe0883e2bc5416b303283026c20ec4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 42346b0ced387b8ca60dcdace113faa8afbacc777ef13038d7809aa8c9f84ccd
Cache-Control: no-cache
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231117T034742Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Fri, 17 Nov 2023 03:47:42 GMT
x-amzn-RequestId: e814967d-5b32-2c7d-b5c4-72e34b64f382
Content-Length: 133
x-amz-id-2: cXiY1OkhFsC8DVS1YCYy1NgEoIfK4Glre/TXum6R9rRCQ9aEQ1IjTXNEC3m0yvolhwpd1lef+pcKXC0hR91TvDgcDtMClKFF
Content-Type: application/x-amz-json-1.1

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 152ms
152ms Preflight 3.91.171.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-242.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Fri, 17 Nov 2023 03:47:42 GMT
x-amzn-RequestId: c65f7934-d80a-a44d-9b8f-9daac85c7bb2

POST
H/1.1 204
No Content collect Show response
w.clarity.ms/ 0
289 B 2695ms
2660ms XHR
text/plain 23.96.124.156
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://w.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.18/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.96.124.156 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://folkd.com
Date: Fri, 17 Nov 2023 03:47:45 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

GET
DATA 200
OK truncated
/ Frame 3455 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 3455 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 3455 2 KB
2 KB 36ms
35ms Image
image/png 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f3.1e100.net

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:15:26 GMT
x-content-type-options: nosniff
age: 45136
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Thu, 23 Nov 2023 15:15:26 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3455 15 KB
15 KB 37ms
36ms Font
font/woff2 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 02:58:03 GMT
x-content-type-options: nosniff
age: 521379
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 10 Nov 2024 02:58:03 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CCFC 0
57 B 71ms
71ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=dv3n_&jk=CPDR0PiPyoIDFfaHUAYdl7ILTw&bg=!tbaltvnNAAZxrfrxUa07ADQBe5WfODhrym9TQoF75vrS-OOtgHR4Pj6ZCEWgpgAoT_frFaJnj7t-BekoT0_jXnNeHf9FAgAAA5BSAAAAAmgBB5kDDQhKcPNhBfbxnK6XGnLKBuN7tt6koiLMk_uWc8c-ZM6GVR2CF4-F3e4bkOY77QtQZag6vynHB9M9bOY4FvK2OdGptmdaG1eVWGrohP0u-5V9kyob3ulPBlytoc_vqJ0_itondkauR8C-l5-WeUMYsebaoSzZOVtWIJWeweF51LBQjsBJ_xquMlWF7fvey53LP3eZdz8aoVPVYx20YfvbpzbA2lJhXLSElHfk7CE7S0IYOcVgts81otCyC2KmMub7Tg5xbePLWff7P_EctO77pV99YwCzZsjWZaD3Tp0t3RTfuaDMTdfWVyOx9JMBobvYqOpkwtPhgvnGA-NekI_mDd2uIGeBVnFT6CimOnItdKSoriztkKwu_FYxTBxjRZuR2niiHvak2Vc-h-EjuHkG-GOdyNIvMdezZ806OYJBGZW91qLbClm31NnopJMBsPv6Te3nhWAmFsyzRHrw0zWBxiNPhBgevXw_xnRJFTa7c9AlJKg93_MgNw9sc3h2sKXvQjwgh9LK28v8fe8ODyAw9Xg6zQLqb36rL2JsmQGXEP0CiQ19MiR3YjbsAE5_kIsn_ebUpsGhRiEgsd52QbRNexLX5IpWK32tQF2SZOIzzscaeL4uSkw8MLQFi55Vj1M1phem6QEDW1EJsCevImhfEYuvET62Zmw8OVXMZcXURj6IsE-bnNsJAQh1R7WPw9i-BEt14QeKwQ3Ul0sr7547BN2d3ZjTOjNMeJf3vqCP0qC8QqXUGZJoHe0zFLA3twl_Xl2jdk2UPUAbNgnum-XmwIDJ_qnI95GIWr9M6FYZ8vNeSjP4CZlT5w7iw6lKMD2AYAhSS7bgkz9WUcXodTEVsUllwDeoAognMjUuFzua6MlmUEx7OvOd6QQwjqMYTcyYyUPG27TGxuly4s07wasZIfrE6NmcZ_A-BJoR91X6HFbPZjuCpXLwcd5LvkRMZgGCvAnK64vZzElMYavjJFiF5mUnjjzjEpXxdmvH4wpDsX45RGzgZFeH1ztqlm9wp-hzZcTBDzOWbrJe5_8R0Rc

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BF01 0
57 B 70ms
70ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=dv3n_&jk=CO_Ui_iPyoIDFeNOFQgdFzYJhw&bg=!kpGlkd7NAAZxrfrxUa07ADQBe5WfONnBZmQw2KsnTzPx46PJ7LJCtOplZxmTUfNngWGCz1nwM6shMFS7o4Z97nQeKZcbAgAAAzNSAAAAA2gBB5kDJF5gKQY4zBBkgD48vFd0qG-alAM9nW26wEM_7v5sMoRBoWCGMc1gCq9OsMpSxRG2RSn03USnsWkESQpM6kI8AlCj8-MDfKceOx2EDg0Ve8MbpeVcxw1eUtrSiUHp-3UUNLfRFBART1VSdpkmIdbJaunyDT8sWguCNSXlJ9Gb3pofrXxCfdQpKkJJjDdBCOy7l1yuhWQktjruaysGBthJSpW8Du3Q0Cc7RFqIbGOP9pD4AOdh3gzPOFdSZvKjrOYWQk9vljAVrHvFf3uyHSaR_JP8ISBaFOZHwz8q7RPPNtq2aOEYYWbFNVsCVfhwpH21db7ONtBYXovJ7BR4THsOjV0zYHg34ZrPNCwy-_aGYKiwnkyISWxY6J22A0psYNq4z3CyZNKPZG5b8KFMXKg7cDtMThI-NHYPd-oZejuwQmyp342hEQJ4sFCPM1zyvC6kTFjYG8vdmi1yzTvKCCgW3ew04Gptk5hyM4foNAe_GtJLLTmEXcMFxRupfRpS5Ms3uCnpIBVpT97Eh1ZZrW72MSUocn2oLXnPEJR9VjoKnh_IPd_wOay9qwAe3KNeP1dJEWJ8PeqeDgUVzapUI0byDDfALaEZx7wKTD8L1UoqhU1iM7LLs6cUMVtpUPliI0rJHpB6DhXliNT54BhlUmkd7uGjs-dGG4IcjYhoswXdvV-kMsLC60oDKmTiIjPm5HdmFBhF6OHi4VI1VdXZ3E4kiek3yPIb-yadQYkKQk07Wr2rQGaNMo0l8x5o7AuR3b9TvGSHaoQ21bK1T_967NUnaD-XF-5zQNliIc3OBYwRx4K_6-bZNxFEEPjrEIySJSTeRDkft3q_dHUzjQslc6F_rDVVAmTxmI1fTiNbKh52FC7kbB7ReD5S6BcJnEZy-cmPyDhpDNHBuGHn0PWddm-8rb18873DSGdfZMZ41VamADokq9NkwtGzfxfWXJojPEaLxNJEq_cgOxDQSHKtAAXL4OKfd82hJf6bGq1PP2M0YLlFnlO0BzexDpknDbjDdNm9v9aKc8_NSaOVdR_vJ16cSMT4zjiwQRhvSWY76o-vaBFuJw7hpQ

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AEEE 0
57 B 68ms
68ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=dv3n_&jk=CM7m0fiPyoIDFVVAFQgdjZkCew&bg=!UlGlUR7NAAZxrfrxUa07ADQBe5WfOAloJh7csd9BN-1oTUd7Ryu6JeTq-MG2DsMWBStYFVoJ4K5BAVdOdEWB6P9Nl6rLAgAAAx5SAAAAA2gBB5kDI79TX6B1ekaTLE3qSOwV7L6QStB-q-cWjnh8WcixiycPuoMIzsn1_kPxxd05vOzDz6qBAJV9daD0RvAMn-1JHcLwHfpMRpsyHtF2drOSbFNZt0nazOIrHaG4qlGso9tNXJ_BJEiC41mN5AIAYQ-JiAfEY3-vsmtf6Jp0MXtjbarAuiNjtamLVrlDF0L4HsDvUuE1edieKJYJVjBLS2m2JvvNMkrMBW7Let9dyiuH8b43SITi9G0t_bmmC2WdVjJjWx9uZyxSAUc9PlN_A0NeSRFO6HfV3pjf0ua3bJ7wkw8TzDbYsfo4GxFmJKxrgL_QcbSjh51ZzMrbYquItWxkmdnX1t1JyAdh8N2vaBIorSoZroPyF2PpRIy822wZfKDK3OsdEQ2fM8Aw3qe3tJ6szViwjkuKUOwWATAC7qfu8GuPJYohSqYX-dw4Om4jAsZrP9QUAInK4Gz2Gl8CYD8WijoOslWgOqqyuiq9c97Aj6kgDAQQhTE8-SSyHUM20xFURwz7tWzUJ29JPdS8S-N0C419W5goLOvQKv-WxD7ebrijMW8EnKj3nchke2OiHoYqOVSTFSWqkcaTUx152km94HQmQTlaUfZhdirC7GS7yuEuKncU40yM3i6lqHa3xIbBE33fbnKLS8eqoJUOcdQL5C9xPoKB_wIDK_ViHPdxM4Kub2hHsidlvfmYn-a8uYh40ZPZCNuUTv-ezv_qO9dvWNYLxkfuwqQDYlM77xiPE5agepvnzWgj5evG98AvcGAd0zjZjS6rv70E8uqlbB_I51tJ4dBeFg-Nk1_i2taat0Z03Nj7mNWJi8UyPtw3s4SA4h_6Ytzihg2hNv7TrmMhhzjoK6R3I8DznT_LE8DvckPSxOtV-8MZqj3M0fSFvUy8jDk9fEPUxlu1zmsGFQnyq5-bovuMZWEy3305KlDDXWG0aRyt8-npdjlBVopjN0B8mi8t3jSsicS77z_NG7FZXOqAt0sSxXKdY4NvQpi-irVTRI5R-YwYSYwKN2IMhTgl6_J7pnd9YXDIQ3MKlBy7qMu03K4QnRDDH2kil4wjxfT5hiuz

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 webworker.js
www.google.com/recaptcha/api2/ Frame 3455 105 B
214 B 40ms
39ms Other
text/javascript 142.250.186.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de-CH&v=-QbJqHfGOUB8nuVRLvzFLVed

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.36 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f4.1e100.net

Software

GSE /

Resource Hash

f6b9d81e54a20796a7441b1eed0741d5f9c4c338761556981da51f5c02a4f191

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lff_I4mAAAAAGHfEhhVXeU12QZE9z2mPvtEr2BI&co=aHR0cHM6Ly9mb2xrZC5jb206NDQz&hl=de-CH&type=image&v=-QbJqHfGOUB8nuVRLvzFLVed&theme=light&size=normal&cb=3vzm63sl12x3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Fri, 17 Nov 2023 03:47:43 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1471 0
57 B 75ms
75ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=dv3n_&jk=CKDY0PiPyoIDFUKrcQodNbYO8w&bg=!ICOlI2zNAAZxrfrxUa07ADQBe5WfOL5FCWvVwEuXHWOmXybbEL-tpukh5gMUlBdEqMDjvaJ8oz53pY32wWMMEXkQXpjcAgAAAwNSAAAAA2gBB5kDGrow2-8l-WfMJbKsi9HLy583yrdZmOqttGFh71HJfmNFIGFSVRytzcD_kAXDruwzfLAP6QwQ9nidctHLYlcEH3cbQAU8xeolcL8xYqTrNqj5g9B36yllif7s87HBKOdvxHDjrFg6gaBT57ilhw9pibKR9V39kO52tx_uPYjuGR0_XVrESOMEh7-LcEHzy041ejvFoviqR-QiRsaV-6Vl1tJuBxb7JtxCpvRmInHNi82Zlaj3oWAhmiEErGTs-8dTe-OkkJYn-JDkKPCDBjoG3H7h_8Np_a0gv5jOp6v1SFDye2uC1s3DPSzD0UaqD3r4QPyoCzzBGBXsd_4AjWdkCG2iOu616F-6ZKERcbsVh1mT2V7nB4RCxy_xa2dM7woI-az078Kdf8ZJwxne8Nbp3TONwnzTv3KkPzesblPGgpPdPGCupSf7dIBCYQ4tQ4kvF2LvRTWtpzWzCWuMECIIjsHDElqJ1X-R6wPKVlxQN0y6N_EXjgueX_4BnKrjM897dxl6BkCEgNaB30OWkp1zVEOl9i7q6hzjJ4KJj2gkGDFXL-liU_ckz5Kd6c6tht16IDdz5fb4YrrRaTAX3gjym26o7yMoKL0Rg5giVzu1h2yl8pRcl69PoGLP9uC0HjeKw5uRIjHrEDx2z4s785N3eQXs6VYt3O9xnZLfuEgmL7pgFeW6IJUBTK0YNONnIYjDnCnR56fraS4iE90tfEN5Xw8lKWbeHT2RzjE2kbvV0PtgXogEa1Wf4tqqFRL0FtpM5BA9gOxzF4zFHJJGBRRzd3_M3n85JOs5YR_ARqLcqBafYIl7IL4DqpDQ8rrPr2Z5rZ_f1byE_cNwGtR75_3BdPfRo8T9gMDkD7noqTq5IM6tp9QUTPU7lkDq3-W5p5ggSJaadqKrHmeP4GAqIEAuoVnBMkxVMejOpaJnz-h4RH5rkVXKxnS0AHl9Nje6e2DBU1CdwnCR9PNsU-GKm0xi0G0ZL6uCfO9t12SsvVkTfqhn6-uWZ9m2xfzKB580U-YyYYragZEfW19yAAnB0UoUSFUuXM8vmhqcv9TM

Requested by

Host: folkd.com
URL: https://folkd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 mmt.gif
imps.monu.delivery/ 37 B
63 B 27ms
26ms Image
image/gif 35.186.236.140
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imps.monu.delivery/mmt.gif?s=a32bdd38-457f-4e83-87a9-b0fd5484cba7&a=p.l&u=5d65a9fa-c3bc-4e73-b569-1a8af1e68dc7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.236.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 06:53:14 GMT
age: 420869
x-guploader-uploadid: ABPtcPpY7imjaJdnkVO6i_GPmBn6c-3SbFw2xaTZmP6AKmYYtgiU0vX7WBCsegBLkONR-PrN1G9PaH6m7PoEZgyzttlU3A
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37
last-modified: Wed, 12 Jul 2017 09:13:19 GMT
server: UploadServer
etag: "455005e2f4b8ecc484500fab08619f70"
x-goog-generation: 1499850799559224
x-goog-hash: crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type: image/gif
cache-control: public, max-age=31536000
x-goog-stored-content-length: 37
accept-ranges: bytes
expires: Mon, 11 Nov 2024 06:53:14 GMT

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=BA67A30D98194F518B791D7386D10AF8&RedC=c.clarity.ms&MXFR=242E3C589A736B0D011A2F949E7365B8
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=BA67A30D98194F518B791D7386D10AF8&MUID=3A5906996A36630333B115556B8F62C0

42 B
467 B

50ms
49ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=BA67A30D98194F518B791D7386D10AF8&MUID=3A5906996A36630333B115556B8F62C0
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:43 GMT
last-modified: Wed, 30 Aug 2023 19:01:41 GMT
server: Microsoft-IIS/10.0
etag: "8d59566974dbd91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:43 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: CF29FDA9E2D2481DB4E9206AE6AD7DCE Ref B: ZRHEDGE0910 Ref C: 2023-11-17T03:47:43Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=BA67A30D98194F518B791D7386D10AF8&MUID=3A5906996A36630333B115556B8F62C0
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 53ms
53ms XHR
application/json 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311090101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

cfa642a8bdb6ab1f5e2d1e9c9c7885bdca4bf9c02f42bb0a75078cb58430afa2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12317
x-xss-protection: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FBDD 0
57 B 66ms
65ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=dv3n_&jk=CKCL0fiPyoIDFd-GUAYdZHUL0Q&bg=!GhmlGVbNAAZxrfrxUa07ADQBe5WfOBGjEjsVrhRpkTybkWWPML2O5Z_R93bxsPM0hDKSW-f7dZtTnoV_FrhalmZbIUB1AgAABFRSAAAABGgBB5kDBU8VnzI5CwZuQarVluSC2UAYRfVd1grbn2LflD5J6yyb1tSS9J35BsuxucKt8Gto0tIlQNPzrxDON1A-3EGjEdzcADZyGiNHzRalg1-ZQNjcA64KGfn9qcmTub-ss2WFUnUM0REVoBVDVViMksuQtFXIsxZOBSMUqxOQBdC2bU0WZSwPuL7noVDeVNT85M8xnrihgcxaT0SDvGTZf2JQV5-cIVQLKz5uzSSMnr1td7mmmD_madCWOZctQ272FhyHkc-91PtZbTsEewzi4Y15CMwb-vCOQTUyhtHsZ26gijpABak4Ho2IPlLZbQJ3jj6y7yspB1Z3Vtf53TKxgJC3U-iJlXHgn2uJpzA5mgYPKp7B3qN0lMHWUSVEQtiN2T4NghrOiL0KfYuRXAW9HIhUAx-Xd22oFmuXFod-td3ebQ30rTMB_96iTudMh1ubX-7l6BEIiyqHqtkpixI9Fvuu2hHT0rsQmRod-LUsc0Yop8vfubfwgyu61FftyFCQ1-8z9-9ELsq0JNEzUIUEl1w15ZJq_05B1nIJIomVseUQogNQbGilFHCnwCojewy5z57r6_usLPxLxG8VzsB5sRX24NXnhU82QfSk-yXXK8Lpt19a0B1_fr9yFvXpkn3kLeZcT1ecWVfKXAHVda46_ATMdOeO005ENDTtRMv9wUqJdttlYyiLF6eHh5b71--bE_vK5miTx74NFmE2PqYyhS7CQJzlSmoHUOY3RRIKDWz9F4U7WHaImGfwZxbTr0bp6OtFXC2bXA6qHqV0ehMGLPuSUgNTEOf_flygQ1nJ_FwUH4Prjgm5eZ46naKwKLdbbOUi1JtEzeuHGoEVSU3ynTWNTlilPn3ghNwl0e-8AaApmkizuBz9zA1gVkoAjdg0Uq_a1XwZOD45g9D_TU7SAN2rueOi8JHU4oVYhwN9lveaWJ4givdovAm3VQIYXAMd6REWz0MieESStKSPKVj-w4si5huQlrAuH62YFQKRTml2kFrvnqWkPgFH30m6bVP4YoqsgF7Uc09P

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A790 0
48 B 78ms
78ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=dv3n_&jk=CIjA0fiPyoIDFWtlFQgd0okPHQ&bg=!X1ylXBPNAAZxrfrxUa07ADQBe5WfOLTm9lLrnUxcUUcptDC_9Q_DrMNeUxkKJMOIp2a0dCDNp56B9VufnZj2ybDz6xU8AgAABD9SAAAAA2gBB5kDGBCkQ8CQVV1E251NjXirpFEo2Ip2lh3AwXstl2NS6DLhdZ71unboaPMSNdLAeKqpefqqxRax59y7anivKVzcoSQ2lLEAmhTWSP4hUv9DsP12ETx0nznH9mUJEgYWgwWKtJ-ve40ChonscVV5rSItbTUOJzMYCyeo-O3dbJJCjQfD4HX70ko_Ay8Kee_jFQz92L9NY0V9jwrfkQHEvDoI8EVDsncwK8-eP2K0dJXa0qELnCdU1BpLGbyHoyZtParCBbz3njAR9z2ZR45BOBEGKO8OBuG8ik5PR5O4tzi0wc9aP1mUaKylLtUrWa6VUkLVibxljOGChxq5P0grQUTD9MpHt2NQvfoqwWgwpj2xANrYeLL-0MJdfCY1tA0_mIgGju1_C60LmXdVyqQGCiMervILS9p3fsG2UQmlPUDk4GhsNJ9oTC2CBFhgzezz2Cp1OePxtJ8_bhnt_YhRsYi_F6CNSja8kcl-ubbEVslNo9tfmv4MLiYfw_KTiqLEPLBfHvuQUpwHpL4hZ74T7gIWqSvP7nWm_l1v9Moa-06Aon-ekCxi_jEi7JxTbNipQ77kCp8hoQXqOXCuYIPwR5Wcfbx8n02q34mQqPrxzPXLB4HFNc300JQdDXc7rcqX91F-zVFG6cC6TLd8T1Y5lRjf85xcw4Dl56pNRnKEgVOuH6YaNQkRDVV4MUrL7i3s_rSIQLwfF9E9uxFKIUFCpNmDy4_zThbm5EaRQDv_qHi4XtYKpswBv91IMpWYXxlWsrE1tS6hTmCMPKaWevxZJUPFBjREFOJhu1bdbeOgmh4spTogYJYlM5BdnQ4c6-CZ0fYUf76gnyO6yqxUQ6PshAFdGqSBWq3r-vgHkpVzhjyW37jRshQOFAL3QdckXf1s64AXV6Xfu3Q7Rc_544CPjTG3KB0vOaTOFSzzQ9C1r5cGLzqraGiYVdbu4FG7cEvnqjxjrpztKko1Krt4UxcEtkvW3SvdH6XBUDgzNbN0s9U2LvHxZL_FKDGyP6Z5Gkex5xC4Ov9UJNbd0W2Qpfs5pR0u7qbbMyGR-IkGfw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2CE1 0
57 B 68ms
68ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=dv3n_&jk=COvh0fiPyoIDFcap7QodNkcG6Q&bg=!WlmlWRbNAAZxrfrxUa07ADQBe5WfOJdRW7edWwNhj2TarEpGBymQcDoRpv4RefJuFPL7dz5W1FwheRcemfO-thCrGphKAgAABCtSAAAABGgBB5kDFt6rexUSDLtTAiYd3wQUzusVx42d3m9G-ZIg-DncbsFhwdCHVdem4u9yzh3y8Im0Vb09-m4VWw9KNL3W5Q89aRoN9LVHTWIy7lhldwDLF2xBWhHffUmJHIukqESzyPlWTPDraWgBuutGT6rHJT9baW59WtZSBEFKSqe8E6PKHSePR63PNGcW6ahBeyn01wEJ1BtQb00OGcf-S6IC1XVpqSlHMa_SDQDTxKbkSV8Rp0fHq798AmDPAmfCPzfBJKnDY-uT7euIV1w3mq6qZ46H6QX3GmzGUGzza21OZzyDXRa9K26Vjc8F1RuwXwU7477vY-JrH-QRvfDQxaOW8KgA0prOcllXS0aqOBm5rDrQ6f4LFKRQhVMZm3OMIPVV3PehEfVvC90omPvbsW6rVDz8aYn_QfUCDoLewNuCQJLo6wbRoCjSTeXFSToOsV6Xm9DG4j0s9rJj-zfhg-FTEGrWzPl549g-j0-GHWHaJiu3XGisMQyH8YRgOZPQ9nXG921l1z7VQBNtlGTkl9K0MIrVr6FFO0dmEgvUJuUzMoSZQ1y-SRIWLcTvEjnsyN9tqPQF5NlfMhL9DRclTjwWk9TxcpPerd0D2rZJu5bIW-ldw7E4_QWHdoIKb3UJKAx7hAPnOmIAOjh0anWhkBF5jhEy-04Li82UgCo3pV_as9hRKCvpxUQUysT-ybi65EjQu6F3Cg14ijlWYM-m2Iqin9tK5TJDRRCK7NTa3dq9bHGjvuuShNsns0769PR9tsTSxDjFkSWvlVNNRKMOUKb2lbCTf3jWoZ-G3c7M6-bt6QBK6bXCTzCWLoWUFA2o4TOUfHHocu2LNDC7RKRIFRall6sOz-TD4_gMCZ8e8E4599cBoYMVBJ-n6dNlCV-_a5TbxTvhdIpWY5VKcbH93kHjKg-iR6XvttD8icGAHPpVHtBcRFAwBJeZp2TMC0Ud17USCOkHyxeotP1urA03EYHu0zQYkurEMTJAW2ZIdxqybgckcFGPm9Hh2TV2Sc-Wucu7Pvdz-P4lvcyKEifyNNlK9zN1SIIz_aQD4-k

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 40ms
40ms Script
text/javascript 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 17 Nov 2023 03:47:43 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4391 13 KB
5 KB 33ms
31ms Document
text/html 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://folkd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 35200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 18:01:03 GMT
expires: Fri, 15 Nov 2024 18:01:03 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A341 829 B
768 B 43ms
42ms Document
text/html 142.250.186.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.36 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f4.1e100.net

Software

GSE /

Resource Hash

a6be959f9f1d9ac0e941677507c3924f42efefddf9acc602ae8cae544a17b1d2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-xteW9_2xpxAnqTrc8tADrA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://folkd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-xteW9_2xpxAnqTrc8tADrA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 03:47:43 GMT
expires: Fri, 17 Nov 2023 03:47:43 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3689 0
57 B 77ms
77ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=dv3n_&jk=CI7v0PiPyoIDFczs7QodrGgHdA&bg=!1dal1pnNAAZxrfrxUa07ADQBe5WfOBbS8ZL52RK-zFCAG8y_vpMyrRwQTVGIGppSlUxMqROkgpNxbR3wSPsLukc-w4XwAgAAA5VSAAAABGgBB5kDGHsSlFXRTITo0AxXymACRR5YbiJYhQkUp8HddXBnrxO9OMPG46MHT4aZI0cQpFHWFjPr2AUPYB8hqm86nxfft54aPF4Lqsi6cN0juffg7WUPtPQr_xZh8yNZ7bD2_LDQpxrNkCgFV586N1AHQ8Wyy5vU373uRavgiO9-0KqCuDLJVfHvclzuC0VLOT8auXI3tg3ccmHbg9Oo1Awx48BfO17k4C94F8vcNlwXXTNMQ1xtzSUA1QkwnGimhsTmktCZ20xohmXGcK-EG8GSj1S1aUwM0a4Ph2U4tOBx2wL6FhRonhGbCWqtSLgi5VmJY0qMQFzVWwUDBOTM66r5ErbLCUsz_j3QGjmlEpcdE94lxT8Ggb1E582Hs_k6Qy--ctWtgX52lCx2wp5hHH2fBJuF107gEi3cO95Woir62hUFHXYh_mFGFeeaeBlbLloGHUXz6nEhVx4Xwjd4K6N9m9cshRO-R8aXtWgQHdsf8-za9La7s1DpYZEFp9mUUaFBy_GeRgtchOGw9sb8gmsdno7DDTJhG4iIueVp5oUIQ6hBA3Wkk5xe4QvE1tCSc-YUC8hiNBkZDZ8Kk3YbCzM0a6s82vZhfUbcRQZWd8W7t9svR9vncRFSgXepb06CWEa3HM6bq9VSmpXBccKr9KlkaPFKRSktdA1R-htKKH5bwRuow-pSH89Dhi7o0JcZZkMJiROKqjUZp_bd9u4yO3ZByJtfpPZJrmTzlYSWXBS7m57wekQu274O20DK6WsAIuZSIRTqKrJyl8iDKcqHVoz8UaLOFcZ-RuR0CKLxtd49ZZMoeIB6wh4eOUN3xzZv6BJPIAeu2A_YQwCtd6JlO3iNIE4poCXVogAotO4j2orTGtTqScxanhUQGRXGlPb2_WAhnuh9CQAuIh-Q_mT0JOu4ezeBHTX-ibxuLrx-uwGEuKs0h-q3fkfiU7SgI_Wes0pFS8zgsYl_rI-Gv8Mh7On2t9hXrrsaQ2vqQ1lJCZmiEAUP-cPdAWkwM5ZiPTN_oaJ5ys_fJkaJdTKsE5kvfn-vMGwbQhAQhS21FBnViw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3D06 0
57 B 68ms
67ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=dv3n_&jk=CIjb0fiPyoIDFWlAFQgdCp4OMA&bg=!FhWlFVrNAAZxrfrxUa07ADQBe5WfOG55w4v8YrAaBJ7G6LmvLed5XH8Qo3ch5mgWqqlw9LdT2L_1B1iBtYQ7X37gX6dSAgAAA7xSAAAAA2gBB5kDF01BKJhxrsGzl7B4xqcUfjn8FpoExSR0qDa0uATP5Ka2BcdAkTV-zK3dDGhFLQto0mG3RhpW2UUrFBxGbp8NwmVGpdMkcczHFPgMvIYhpETlt9MOdWr9LIXm2U3apcO_r2un08JM7cKlCuIcmhps6nlBGsPdIAxgdNvRrutxUN3FyAm0Zn4d4EVHZ0lblOm6LSMoDTWrORK8deier0jXlsyHeBVGebtWy15bGicD6rUmiPvMde4jAEroIUON7D5q4NOPSxMH0K0bRakigBGa0cAq6SVbYbj1ntJq1oCcmV0MPElKmK0Rn1DK2piLrMbgk_uzk8aqmZSOKhXTq7qiwGS7Ur4nH1CMMXa2JcUnvYfsIS4NB7De6QxdYx9ri3b_oTLAW0_wapJF263D67yib_Ed3de3MkrhIjiiMX4oMZAoG8SktK9XDofwoyFFYBHWl1WML9xcsVtjkl17ednMAAzldiIPgeSIrNFYFUROQwp1IeAp1fMv-nJwv11BVfpUJWDxM1F9gwkIo3ARbO-Qge0gyVFkbeMCD1PvPqxRTohMMFyBEMleGolDwkHq-NY9LDF2B04vf_1Ks52jDG2CvtWw97dtvOGDOZ2DNA8-kJ-x3N-H3bv3P3WPOrrtFQHk-oqYmVwsNfXrjh49jHaMKOGMD7tOg-ddHoNyZj8UZji2KpfP5hBu0luygxur6lxm4ZMBH949kJ8jFmCI6uxTs3nuO-xLzUWnlOYNTfAbim18iZK9ywgwiFt3fyPjRcrHDDYsUVPl_7YNMmblDmM_QFElkbRSK9OE9Jdf9JAS7CQuLl6G99fkxocw10_bso25DLEmqIrXW-d7qbjYLpU1YT_BHeUP-sHvxd1zVVwZpYUKDM8hEaMDyYUDICI6TUMd2w3tZLsBMi7cAFTSVivhCkARHJ8_oEKFKRnK2X53jO2Ttu8DzcNj00lXqNKbqXHcCJc7ow3ly8RMTkIVS7XRseFdKwXUvWpixZ6kWOJCoG9w9eTSrBVSF4e8rzrM79LSaTxkcFqewAhG_L_YgpPjdekrL8Za59Ia

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 16A0 0
57 B 82ms
82ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=dv3n_&jk=CIL90PiPyoIDFctiFQgd33cKEg&bg=!e3ileDfNAAZxrfrxUa07ADQBe5WfOO3Uj74w1KtXHenQtyTEAgWPGGbsezAR9BXyJPuUcjZsW7aAmaAlQwRaJtKZ4sXLAgAAA7BSAAAAA2gBB5kDJf7xZyyMA-_UQEziGCBOvCoJIOByPi_85JYakiaUC4-BtIC6py2OJWOQc3lRo69A9TKJnze5Ma-bFAEM238-YtXm6s_yvJx4cQU2yr4V_nFzdwHgZeN4BSMAVgmqwWchTbYi85xeKdAZjokKHax8naLaHVGBpkj5aQk-aZwycEq90HnZa97WQK2GFtnp3ppbYyNtlSTx7Kn2PF9bBGALqsf8VSjkaqOVgXyc1zu1O0-Q_UY1F2Ob8K5NzKpc2BsjWKFgR9Hj-0N1upmSiDALDHQh6blBv4qwIJTsh2Oa46SNGNhN-ERC9KPgSUoGAcZmKME2lFox4h1zhhnC4yNvARh3QWTyY6mlybfSJaSjsH9exSbh97xpvPT58FED88rkK_MULkellRC5GQMGuPdHadFZ1p1gMJ1tVM8WPs9lHCaBLEvdSGBBWsTg06HWei1axEPkj5KT54Crohu6nQNdU4I5dmO-OAWYJYnodGzjKI_aL1RIQZizL8Ieef4WcdtYU4GDNWGvw3laJ5Kess1FXnPAerVkw3hmmccAjPExznuF0_rTy0lEC55_aB5eyNF-k8vqEW_BxfRzvI6889D9rg58LVhnA93Is8Wg_q18hvQ6P1tJYnlja1o_vl_KYcsMAVnH54L0BMT8HNvFLSDLtW9Ms-LZJ6L6S3Wd_BuTkro72zOGUbhHUHPXtVcUX69U6Ff7cRB2KSewrfDi1j0AOByBj_Bssn5Diih8gyWCjjsohMvM2h29VxQ4yN-UiZjnM8yXdStO6le_n1e4PpvJHwAxfI7yO1edjoHNw73Bc_rpAZEaEJrDg_V9U_ZHHzCUlPUAxqKOAAxAb39hDjYoOd0ZG4_P8PXO1fuS9KPrXri7v8m0-2-Ka3B4B2G4ACXmC4D3TenSAGhICjzonllP8z5rL0TZMtorMc8WU9LjII0KTaftdyHOdNs-FUO31_aOijTNyD6uJ3jYaHBJVl6-U-BQGv_sAMvGpxeZ21G6cAySTOzXdIbDJ4xIk1FX0F9xYVyBErMEGubv5GT4MIXl_qHPTY2JKn88shqOyhPA_uJukhHSG1g

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 686C 7 KB
1 KB 45ms
44ms Document
text/html 142.250.186.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de-CH&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6Lff_I4mAAAAAGHfEhhVXeU12QZE9z2mPvtEr2BI

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de_ch.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.36 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f4.1e100.net

Software

GSE /

Resource Hash

c5de4774bcd28e91618cdd1cd501f6c2361372b57d85dfef447048a3586d2c03

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-_jNtKmR0NDlQCxlHnAUQPQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://folkd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-_jNtKmR0NDlQCxlHnAUQPQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 03:47:43 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame 686C 55 KB
24 KB 33ms
32ms Stylesheet
text/css 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de-CH&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6Lff_I4mAAAAAGHfEhhVXeU12QZE9z2mPvtEr2BI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f3.1e100.net

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:52:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46490
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Nov 2024 14:52:53 GMT

GET
H2 200 recaptcha__de_ch.js Show response
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame 686C 468 KB
188 KB 36ms
35ms Script
text/javascript 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de_ch.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de-CH&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6Lff_I4mAAAAAGHfEhhVXeU12QZE9z2mPvtEr2BI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f3.1e100.net

Software

sffe /

Resource Hash

14f58d534c595bf9b24e8f67fbfba7a9213884866ed47888cc10ec5525b41777

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 07:57:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 244226
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 192023
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 13 Nov 2024 07:57:17 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A341 0
0 71ms
71ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311090101&jk=4226459497899632&rc=null
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 4391 39 KB
15 KB 32ms
32ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 09:57:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64223
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Nov 2024 09:57:20 GMT

GET
H2 204 generate_204
tpc.googlesyndication.com/ Frame 4391 0
41 B 30ms
30ms Image
text/plain 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?b74Y-g
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:47:43 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 69ms
68ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311090101&jk=4226459497899632&bg=!XV6lXhHNAAZxrfrxUa07ADQBe5WfOJCRnnGDZIfWxcPBvJI_823rrv-5Twrzhf2W9VVMdsIUBwd_a08HRq2c3mAbkuyFAgAAAPVSAAAABGgBB5kCrl3wodvHkqY7-Lk-b4Sl3MjQjqvSCjdovg308ASSqbygHAErsy7GDljWq9a_uzNT-peCVunR4cbNKiVVd9LgSSuA6crdS22IC4q2hlcPTOM1zJntnLTHDag4MNK4zbUFlFFjzLNFLgvoyjkKUAamWDl9TrnUEJnWLRSlv_QYqcqxOq7HxYJaYyCnjE1yRwwbnVi5XXk28-KnhiqxcCj5xdWFcgkAMcb5c8PhpKqsgWMLEv9yeAA6Iwnx7PqjlSc7k6NZo0fH4WdXWfVRYIezXH_BujAppxzaee9VJ1b_acmUWfTInrqiEqZKYeOUka_veqw9BfGG1gq7157G-u_JZ6F9f6pQvKLXQarZbufj6V7y9IPBA-xbRnLgKIB9xjyR720CFsF0agdMOp0hdKMkssGFMNJzm5QrX6tH7AnJksNiR9GXSBFkox7H7KkZSLp88OpqmKiMZWdF8IjPxBrQcBW22E75ELwh8psg5H6H5S8HMXO3Y5ukhnR8prCFy8b5xPzStwjYz266Xbrj8cW3kl3cgm_4MGYRwBIEn1F2O0K-zIbU3hRgAZQ2g-4hRxtUAltaTjSsH-p8ux7kYTjRHdOyByVmRdlT6TYwCDdIWYjpt47PyziYVgzaGGNPJiQqPK5ZnsyCNPLmemynFGXYOCi1rtGPMppFYG0mBD_BC7E3QZeRlaxPmPr51u9zlIRmthVrz3rMhWU2eNqu4QBtOx89tO-NNYWUkiGV95PFjQuOByI1eWxxzfvWHvvJuqoyNMFu3goZHbxmTpJ2sYXRdzDvYjG4HaTUmNXhwXRqOWKb-KG5IUwfw8UX2QEG-VsSI0j42yMSjTErg7Dup5XtlwgXVhmZZgn8_1vDutB5y8T8ytwxkQnyKeJ6q6wEnUyKO86d6V3GmOucJfEA8T6M
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://folkd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

POST
H/1.1 200
OK / Show response
kinesis.us-east-1.amazonaws.com/ Frame E304 133 B
569 B 293ms
293ms XHR
application/x-amz-json-1.1 3.91.171.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Requested by: Host: static.yieldmo.com
URL: https://static.yieldmo.com/ym.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-242.compute-1.amazonaws.com
Software: /
Resource Hash: 5f4ddffe89629d729413540508f3e56e9a8896a08a1eb3298c9fc4d3e6e5f045

Request headers

Pragma: no-cache
accept-language: de-CH,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIPUUKKTGWLCOV32A/20231117/us-east-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=698399d9ba496405fda0a61501f2c2710503cdcb95b6d7d51fd10a18000ee558
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-amz-json-1.1
X-Amz-Content-Sha256: 9caa1adec1d6dcc44a9c2d82af98b7bbc06c30ca8280be15fedb495469b5be5d
Cache-Control: no-cache
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
X-Amz-Target: Kinesis_20131202.PutRecord
X-Amz-Date: 20231117T034745Z
X-Amz-User-Agent: aws-sdk-js/2.10.0

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Fri, 17 Nov 2023 03:47:46 GMT
x-amzn-RequestId: fd341bd6-5936-0629-a0e4-ff744960d9d6
Content-Length: 133
x-amz-id-2: woeBRCm5LW/aL7JOXS571wigRcLkoWcE3HWYfq5IxqbH432wYo9OIkGkBtEpLyYkUtfiyKKJ1mKpwDmXHOaBD7JF/fV+mHQm
Content-Type: application/x-amz-json-1.1

OPTIONS
H/1.1 200
OK /
kinesis.us-east-1.amazonaws.com/ Frame 0
0 162ms
162ms Preflight 3.91.171.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.us-east-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.91.171.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-91-171-242.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,cache-control,content-type,pragma,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Fri, 17 Nov 2023 03:47:45 GMT
x-amzn-RequestId: d998ce0e-8d16-18d3-8448-2aaf9d40c72c

POST
H/1.1 204
No Content collect Show response
w.clarity.ms/ 0
289 B 605ms
605ms XHR
text/plain 23.96.124.156
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://w.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.18/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.96.124.156 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://folkd.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://folkd.com
Date: Fri, 17 Nov 2023 03:47:47 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

GET
H2 200 dc_oe=ChMI-rXi-I_KggMVgRKLCh0DJQZYEAEYACCD0Ydg;met=1;&timestamp=1700192869082;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame BAA2 42 B
108 B 90ms
73ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI-rXi-I_KggMVgRKLCh0DJQZYEAEYACCD0Ydg;met=1;&timestamp=1700192869082;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Nov 2023 03:47:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: oajs.openx.net
URL: https://oajs.openx.net/esp?url=https%3A%2F%2Ffolkd.com%2F&rid=esp

Domain: ap.lijit.com
URL: https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESECthInwIw4O63v-0q9T8k34&google_cver=1&google_push=AXcoOmTgUl1SaVcQ8cwmUg18k82UJfLATj08biNucK0MmDxNNIYOPRnPa6_qBVoHIF_0vNjJZ2pu43oyl5SYhNZdzcAijXrcMoTC&sovrn_retry=true

Domain: image8.pubmatic.com
URL: https://image8.pubmatic.com/AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.yieldmo.com%252Fsync%253Fpn_id%253Dpub%2526id%253D%2523PMUID%2526gdpr%253DPM_GDPR%2526gdpr_consent%253DPM_CONSENT

Domain: pixel-eu.rubiconproject.com
URL: https://pixel-eu.rubiconproject.com/exchange/sync.php?p=yieldmo

Domain: ups.analytics.yahoo.com
URL: https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58259&ovsid=3FMyO77dd47SycRjWOZc&redir=true

Domain: ad.turn.com
URL: https://ad.turn.com/r/cs?pid=45&rndcb=2710938951

Domain: bttrack.com
URL: https://bttrack.com/pixel/cookiesync?source=6f15a88d-e42c-4017-8276-dff2b21d7926&secure=1

Domain: x.bidswitch.net
URL: https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=yieldmo&gdpr=0&user_id=VD8upgc4LqhPPir2Bms2qFdsfvZPPCulUjjA0q6n

Domain: sync-openx.ads.yieldmo.com
URL: https://sync-openx.ads.yieldmo.com/sync?pn_id=openx&id=ed16aa8c-bba8-05c1-2870-fd483735fd7d

Domain: sync.srv.stackadapt.com
URL: https://sync.srv.stackadapt.com/sync?nid=21

Domain: rtb.adentifi.com
URL: https://rtb.adentifi.com/CookieSyncYieldMo

Domain: yieldmo-match.dotomi.com
URL: https://yieldmo-match.dotomi.com/match/bounce/current?DotomiTest=716c97bbadd01848&is_secure=true&networkId=42851&version=1

Domain: b1sync.zemanta.com
URL: https://b1sync.zemanta.com/usersync/yieldmo/?cb=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dz%26userid%3D__ZUID__

Domain: rtb.mfadsrvr.com
URL: https://rtb.mfadsrvr.com/sync?ssp=yieldmo

Domain: csync.loopme.me
URL: https://csync.loopme.me/?pubid=11479&redirect=https%3A%2F%2Fads.yieldmo.com%2Fsync%3Fpn_id%3Dloopme%26id%3D%7Bviewer_token%7D

Domain: match.prod.bidr.io
URL: https://match.prod.bidr.io/cookie-sync/mo

Domain: contextual.media.net
URL: https://contextual.media.net/cksync.php?cs=3&type=yld&ovsid=setstatuscode&redirect=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dmnt%26userid%3D%3Cvsid%3E

Domain: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=71&gdpr=0&gdpr_consent=

Domain: xsync.iqzone.com
URL: https://xsync.iqzone.com/psync?t=s&e=366&cb=https%3A%2F%2Fsync-iqzone.ads.yieldmo.com%2Fsync%3Fpn_id%3Diqzone%26id%3D%25USER_ID%25

Domain: sync-adform.ads.yieldmo.com
URL: https://sync-adform.ads.yieldmo.com/sync?pn_id=adfm&id=2391635941405129718

Domain: idsync.rlcdn.com
URL: https://idsync.rlcdn.com/397286.gif?partner_uid=3FMyO77dd47SycRjWOZc

Domain: stags.bluekai.com
URL: https://stags.bluekai.com/site/26980?limit=0&id=3FMyO77dd47SycRjWOZc

Domain: aa.agkn.com
URL: https://aa.agkn.com/adscores/g.pixel?sid=9212291508&puid=3FMyO77dd47SycRjWOZc

Domain: cs.admanmedia.com
URL: https://cs.admanmedia.com/sync/yieldmo?redir=https%3A%2F%2Fads.yieldmo.com%2Fsync%3Fuserid%3D%7B%24PARTNER_UID%7D%26pn_id%3Daa

Verdicts & Comments Add Verdict or Comment

262 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

92 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
folkd.com/	1970-01-20 16:20:52	Name: folkd0612_live_u2main Value: 1700192849158x522507343399696300
folkd.com/	1970-01-20 16:20:52	Name: folkd0612_live_u2main.sig Value: t0ZBAEfxG8BwxnOywbq2ZpzUR50
folkd.com/	1969-12-31 23:59:59	Name: folkd0612_u1main Value: 1700192849145x620667586657881700
www.clarity.ms/	1970-01-21 01:02:08	Name: CLID Value: da890a33dea8420e90864ca5d8830399.20231117.20241116
.folkd.com/	1970-01-21 01:52:32	Name: _ga Value: GA1.1.1635225448.1700192851
.folkd.com/	1970-01-21 01:02:08	Name: _clck Value: 10u3uvb%7C2%7Cfgs%7C0%7C1416
folkd.com/	1970-01-21 01:52:32	Name: session Value: a32bdd38-457f-4e83-87a9-b0fd5484cba7
m.stripe.com/	1970-01-21 01:52:32	Name: m Value: 68ad984f-a24d-4725-9ba6-54e8e8712daad93cb0
.doubleclick.net/	1970-01-21 01:52:32	Name: IDE Value: AHWqTUkmyfBX3ii_kfW9OBAqBuRqRuocY25JQEfihqm0TpoF1hNud7GztYMkUYXBSzw
.folkd.com/	1970-01-20 16:17:59	Name: _clsk Value: 4s57wp%7C1700192853361%7C1%7C1%7Cw.clarity.ms%2Fcollect
.folkd.com/	1970-01-21 01:02:08	Name: __stripe_mid Value: d746615e-ec81-41a2-9a97-99e3b984d9b720c00a
.folkd.com/	1970-01-20 16:16:34	Name: __stripe_sid Value: 339ced6c-f973-4f78-b173-fc5eedb6f1151aec05
.crwdcntrl.net/	1970-01-20 22:45:18	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-20 22:45:18	Name: _cc_id Value: 176ca45e4ffc9ddbe347ddeb328cb0b7
.openx.net/	1970-01-21 01:02:08	Name: i Value: 5ab106c8-802b-0017-2fc3-29ceaff9db1e\|1700192853
.openx.net/	1970-01-20 16:38:08	Name: pd Value: v2\|1700192853\|n0vNvQiygu
.criteo.com/	1970-01-21 01:38:08	Name: uid Value: d8818009-ef52-488a-809a-2bd806bad6fa
.folkd.com/	1970-01-21 01:38:08	Name: __gads Value: ID=7f5a9c4823ad7a6a:T=1700192853:RT=1700192853:S=ALNI_MZApTF9qy3uKwO7qyTOAA-7SDtD6A
.folkd.com/	1970-01-21 01:38:08	Name: __gpi Value: UID=00000cca30e6d4f6:T=1700192853:RT=1700192853:S=ALNI_MY5mMU6F2BqEuzpIteIupPluei-Dw
.folkd.com/	1970-01-20 22:45:20	Name: _cc_id Value: 176ca45e4ffc9ddbe347ddeb328cb0b7
.folkd.com/	1970-01-20 16:17:59	Name: panoramaId_expiry Value: 1700279253656
.yieldmo.com/	1970-01-21 01:02:08	Name: yieldmo_id Value: 3FMyO77dd47SycRjWOZc%7C1700179200000%7C0
.adform.net/	1970-01-20 16:59:44	Name: C Value: 1
.casalemedia.com/	1970-01-21 01:02:08	Name: CMID Value: ZVbiVn6vJ.E59nNqoqPXFQAA
.casalemedia.com/	1970-01-20 18:26:08	Name: CMPS Value: 5189
.casalemedia.com/	1970-01-20 18:26:08	Name: CMPRO Value: 5189
.adform.net/	1970-01-20 17:42:56	Name: uid Value: 2391635941405129718
.amazon-adsystem.com/	1970-01-20 21:43:25	Name: ad-id Value: A8gvi0h3pEFmuFyDsNMG6K0
.amazon-adsystem.com/	1970-01-21 01:52:32	Name: ad-privacy Value: 0
.folkd.com/	1970-01-21 01:52:32	Name: _ga_7BR5TDFFPC Value: GS1.1.1700192851.1.0.1700192855.0.0.0
.simpli.fi/	1970-01-21 01:03:35	Name: suid Value: 09C14A6836C34EC980F73ECBFA698BA8
.acuityplatform.com/	1970-01-21 01:02:08	Name: auid Value: 853308099231
.acuityplatform.com/	1970-01-21 01:02:08	Name: aum Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANPqNdXNlck1hdGNoaW5nSWTIkWxhc3REcm9wVGltZU1pbGxpcyUBRXZsQj6SmGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUV2bEI+ko90aGlyZFBhcnR5VXNlcklkWkNBRVNFRjd3bFNmX1J6azlXWlk3ZEFYNVVZa/v7hnZlcnNpb27C+w=="
.teads.tv/	1970-01-21 01:00:42	Name: tt_viewer Value: 11c55c6e-ae75-47d8-987b-3df37ca35252
.pubmatic.com/	1970-01-20 16:17:59	Name: KTPCACOOKIE Value: YES
.bidswitch.net/	1970-01-21 01:02:08	Name: c Value: 1700192856
.bidswitch.net/	1970-01-21 01:02:08	Name: tuuid_lu Value: 1700192856
.bidswitch.net/	1970-01-21 01:02:08	Name: tuuid Value: 52827b17-f6f5-467b-b1e6-f576ede294f0
.adnxs.com/	1970-01-20 18:26:08	Name: uuid2 Value: 3819957177500089848
.pubmatic.com/	1970-01-21 01:02:08	Name: KADUSERCOOKIE Value: 96E72FF7-98A5-49F5-8AA3-C9AAF3C880CE
.3lift.com/	1970-01-20 18:26:08	Name: tluid Value: 1017140214006011938772
.ads.yieldmo.com/	1970-01-21 01:02:08	Name: re_sync Value: pp%3D1181529%7Cbsw%3D1181529%7Cadfm%3D1181529%7Cgoogle_supply%3D1181529%7Ciqzone%3D1181529%7Ctapad%3D1181529%7Cyahoo_supply%3D1181529%7Cmf%3D1181529%7Cbeeswax%3D1181529%7Cneustar%3D1181529%7Caa%3D1181529%7Cb%3D1181529%7Cc%3D1181529%7Ccriteo%3D1181529%7Cloopme%3D1181529%7Ceps%3D1181529%7Cstk%3D1181529%7Cdv360%3D1181529%7Ceq%3D1181529%7Can%3D1181529%7Crc%3D1181529%7Cunl%3D1181529%7Cmnt%3D1181529%7Cliveramp%3D1181529%7Ct%3D1181529%7Cadtrt%3D1181529%7Cbluekai%3D1181529%7Camazon_supply%3D1181529%7Cz%3D1181529%7Cpub%3D1181529%7Copenx%3D1181529
.adfarm1.adition.com/	1970-01-20 18:26:08	Name: UserID1 Value: 7302272713415587988
.media.net/	1970-01-21 01:02:08	Name: visitor-id Value: 3431944566223240000V10
.adnxs.com/	1970-01-20 18:26:08	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GU^J<Nw^!@wnfH8K6pQK`!5=E<L5?%K>69F:p.A(`^Jw<H['he^]#_4l>zOCYlX2xTbpRzqF1`b_3r3>N=
.quantserve.com/	1970-01-21 01:46:47	Name: mc Value: 6556e258-41fda-85fef-60502
.sportradarserving.com/	1970-01-21 01:02:08	Name: zuuid Value: 9d999e81-3487-4ade-a589-a0a19b90fd13
.sportradarserving.com/	1970-01-21 01:02:08	Name: c Value: 1700192856
.sportradarserving.com/	1970-01-21 01:02:08	Name: zuuid_lu Value: 1700192856
.sportradarserving.com/	1970-01-21 01:02:08	Name: zuuid_k Value: 1
.sportradarserving.com/	1970-01-21 01:02:08	Name: zuuid_k_lu Value: 1700192856
.targeting.unrulymedia.com/	1970-01-21 01:02:08	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-e55f2322-1ed7-42aa-ae45-e5732d15ff2c-003%22%7D
.yahoo.com/	1970-01-21 01:02:30	Name: A3 Value: d=AQABBFjiVmUCEA3eMdR554AIYM-ljqoyW4oFEgEBAQEzWGVgZQAAAAAA_eMAAA&S=AQAAAh0utRYbP3sgdFFvkIG55UM
.creative-serving.com/	1970-01-21 01:38:08	Name: tuuid Value: 5c82f8d4-7312-4720-85a8-28a92128cd5c
.creative-serving.com/	1970-01-21 01:38:08	Name: c Value: 1700192856
.creative-serving.com/	1970-01-21 01:38:08	Name: tuuid_lu Value: 1700192856
.folkd.com/	1970-01-21 01:38:08	Name: cto_bundle Value: toKrQ182YkJyazZkMVhQbDNBJTJCTzR5ZEZudzFmTjQ2cmprSTRvVVQ5UjRweWQlMkZ2MnlmeVpaJTJGUFhiRjRLTWJkdSUyRlJaa1BiZ21tQm13MFNGY2lKbUZKa0ZwNDhzeW9QUmQzS2pMS3JSRkVhdDRvZ1hDTFZrQnVxVlV3VlFPJTJCVlIyWEFtRU1XaFBQZm1jMjNOQXJMb1NiVDlDdGN3JTNEJTNE
.go.sonobi.com/	1970-01-20 16:59:44	Name: __uis Value: 07413442-8e7f-41e1-900f-ccbf6ecbef54
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8G Value: s86156\|ZVbiW
.contextweb.com/	1970-01-21 00:54:56	Name: V Value: TjyFp9y1uOZ3
.contextweb.com/	1970-01-21 01:02:08	Name: pb_rtb_ev Value: 3-1o1a\|7TZ.0.1
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: bc681a6d214e5874
.tapad.com/	1970-01-20 17:42:56	Name: TapAd_TS Value: 1700192856825
.tapad.com/	1970-01-20 17:42:56	Name: TapAd_DID Value: c36f77e2-583e-4ca1-ae30-e32e53bfe181
.ads.yieldmo.com/	1970-01-21 01:02:08	Name: ptrpp Value: TjyFp9y1uOZ3
.1rx.io/	1970-01-21 01:02:08	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-e55f2322-1ed7-42aa-ae45-e5732d15ff2c-003%22%2C%22zdxidn%22%3A%222069.28%22%2C%22nxtrdr%22%3Afalse%7D
.dotomi.com/	1970-01-20 16:16:32	Name: DotomiTest Value: 716c97bbadd01848
.quantserve.com/	1970-01-20 18:26:08	Name: d Value: EHwBEAG5KoEO3KwQ
.tapad.com/	1970-01-20 17:42:56	Name: TapAd_3WAY_SYNCS Value:
.ads.yieldmo.com/	1970-01-21 01:02:08	Name: ptrc Value: CAESEKqnBlHvr_iDjtR6M0qa6vM
.ads.yieldmo.com/	1970-01-21 01:02:08	Name: ptrcriteo Value: d8818009-ef52-488a-809a-2bd806bad6fa
.ads.yieldmo.com/	1970-01-21 01:02:08	Name: ptran Value: 3819957177500089848
.analytics.yahoo.com/	1970-01-21 01:02:08	Name: IDSYNC Value: 195t~2f3f
.mediago.io/	1970-01-21 01:02:08	Name: __mguid_ Value: f34e9699882611da1eb9g100lp22xggm
.pubmatic.com/	1970-01-20 18:26:08	Name: SyncRTB3 Value: 1701388800%3A220
.pubmatic.com/	1970-01-20 16:17:59	Name: pi Value: 160648:3
.pubmatic.com/	1970-01-20 18:26:08	Name: chkChromeAb67Sec Value: 1
.lijit.com/	1970-01-21 01:02:08	Name: ljt_reader Value: Hq1jJGZH-vtU6kVSQC6kqh_W
.scorecardresearch.com/	1970-01-21 01:52:32	Name: UID Value: 161397727cf048e575d81381700192857
sync.srv.stackadapt.com/	1970-01-21 01:02:08	Name: sa-user-id Value: s%3A0-224cc2b6-20c0-5b3a-574b-af8ce8068305.qx1qY%2Bk7iYjlMl%2FuapyE12tglvUpyypbFHvc47ZIRLc
.srv.stackadapt.com/	1970-01-21 01:02:08	Name: sa-user-id Value: s%3A0-224cc2b6-20c0-5b3a-574b-af8ce8068305.qx1qY%2Bk7iYjlMl%2FuapyE12tglvUpyypbFHvc47ZIRLc
sync.srv.stackadapt.com/	1970-01-21 01:02:08	Name: sa-user-id-v2 Value: s%3AIkzCtiDAWzpXS6-M6AaDBR-l1zg.2Up5miub1pYH%2BIPXZ6nxqZVj7Xm%2Ba62lvwEPSOJDV3A
.srv.stackadapt.com/	1970-01-21 01:02:08	Name: sa-user-id-v2 Value: s%3AIkzCtiDAWzpXS6-M6AaDBR-l1zg.2Up5miub1pYH%2BIPXZ6nxqZVj7Xm%2Ba62lvwEPSOJDV3A
sync.srv.stackadapt.com/	1970-01-21 01:02:08	Name: sa-user-id-v3 Value: s%3AAQAKIDXXt1s3RmAHVsQimatZZufrKbkbtNdUuohHcM_myyrkEAEYAyDZxNuqBjABOgTwi70wQgRy6g1j.LaVNtCk%2B3J3wk1DQx7wv6d4vEIEYwYdwbK%2FzMkXohWY
.srv.stackadapt.com/	1970-01-21 01:02:08	Name: sa-user-id-v3 Value: s%3AAQAKIDXXt1s3RmAHVsQimatZZufrKbkbtNdUuohHcM_myyrkEAEYAyDZxNuqBjABOgTwi70wQgRy6g1j.LaVNtCk%2B3J3wk1DQx7wv6d4vEIEYwYdwbK%2FzMkXohWY
.bing.com/	1970-01-21 01:38:08	Name: MUID Value: 3A5906996A36630333B115556B8F62C0
.c.bing.com/	1970-01-20 16:26:37	Name: MR Value: 0
.c.bing.com/	1970-01-21 01:38:08	Name: SRM_B Value: 3A5906996A36630333B115556B8F62C0
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 01:38:08	Name: MUID Value: 3A5906996A36630333B115556B8F62C0
.c.clarity.ms/	1970-01-20 16:26:37	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 16:16:33	Name: ANONCHK Value: 0

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
javascript	error	URL: https://folkd.com/ Message: Access to fetch at 'https://oajs.openx.net/esp?url=https%3A%2F%2Ffolkd.com%2F&rid=esp' from origin 'https://folkd.com' has been blocked by CORS policy: Request header field x-coalias-route is not allowed by Access-Control-Allow-Headers in preflight response.
network	error	URL: https://oajs.openx.net/esp?url=https%3A%2F%2Ffolkd.com%2F&rid=esp Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1bccd00f7acd03ac6a93123768d650c0.cdn.bubble.io
2d89252f51bed15fead3029f33446e36.safeframe.googlesyndication.com
a.sportradarserving.com
aa.agkn.com
aax-eu.amazon-adsystem.com
ad.doubleclick.net
ad.turn.com
ade.googlesyndication.com
ads.creative-serving.com
ads.yieldmo.com
adservice.google.com
ap.lijit.com
b1sync.zemanta.com
bcp.crwdcntrl.net
bh.contextweb.com
bttrack.com
c.bing.com
c.clarity.ms
c1.adform.net
cdn.confiant-integrations.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
contextual.media.net
cruisepassenger.com.au
cs.admanmedia.com
cs.media.net
csync.loopme.me
dclk-match.dotomi.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eb2.3lift.com
esp.rtbhouse.com
eu-u.openx.net
folkd.com
folkd0612.bubbleapps.io
fonts.googleapis.com
fonts.gstatic.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gotrangtri.vn
gum.criteo.com
ib.adnxs.com
id5-sync.com
idsync.rlcdn.com
image6.pubmatic.com
image8.pubmatic.com
imps.monu.delivery
invstatic101.creativecdn.com
js.stripe.com
kinesis.us-east-1.amazonaws.com
live.staticflickr.com
m.stripe.com
m.stripe.network
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
matchadsrvr.yieldmo.com
monu.delivery
mycitymagazine.org
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
oze6868x.com
pagead2.googlesyndication.com
pixel-eu.rubiconproject.com
pixel.tapad.com
pr-bh.ybp.yahoo.com
protected-by.clarium.io
q.stripe.com
region1.google-analytics.com
rtb.adentifi.com
rtb.mfadsrvr.com
ruouvn.com
s0.2mdn.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.criteo.net
static.yieldmo.com
storage.googleapis.com
sync-adform.ads.yieldmo.com
sync-openx.ads.yieldmo.com
sync.1rx.io
sync.go.sonobi.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.teads.tv
tags.crwdcntrl.net
tpc.googlesyndication.com
trace.mediago.io
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
w.clarity.ms
www.clarity.ms
www.folkd.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.morningtonpeninsulasheds.com.au
x.bidswitch.net
xeqe-t3lw-i7hv.n7.xano.io
xsync.iqzone.com
yieldmo-match.dotomi.com
aa.agkn.com
ad.turn.com
ap.lijit.com
b1sync.zemanta.com
bttrack.com
contextual.media.net
cs.admanmedia.com
csync.loopme.me
idsync.rlcdn.com
image8.pubmatic.com
match.prod.bidr.io
oajs.openx.net
pixel-eu.rubiconproject.com
rtb.adentifi.com
rtb.mfadsrvr.com
ssbsync.smartadserver.com
stags.bluekai.com
sync-adform.ads.yieldmo.com
sync-openx.ads.yieldmo.com
sync.srv.stackadapt.com
ups.analytics.yahoo.com
x.bidswitch.net
xsync.iqzone.com
yieldmo-match.dotomi.com
103.146.112.163
104.16.204.66
104.16.224.78
104.16.89.20
104.17.25.14
104.18.43.90
104.21.79.59
104.22.53.86
13.107.246.45
142.250.185.134
142.250.185.194
142.250.185.226
142.250.186.162
142.250.186.36
142.250.186.65
142.250.186.66
142.250.186.67
142.250.186.97
143.204.89.213
151.101.128.176
154.59.122.79
16.171.99.149
162.19.138.118
172.217.16.130
172.217.16.198
172.217.18.123
172.217.18.3
172.217.23.106
172.64.151.101
176.34.91.195
178.250.1.11
178.250.1.3
178.250.1.9
18.245.60.107
18.245.60.36
18.66.122.57
18.66.129.71
184.30.24.22
185.3.92.76
185.64.190.78
188.114.97.3
202.92.7.98
204.79.197.200
208.93.169.131
216.239.32.36
216.58.212.130
216.58.212.168
23.32.185.35
23.96.124.156
3.121.33.140
3.127.72.135
3.91.171.242
34.102.146.192
34.111.113.62
34.120.135.53
34.255.67.121
34.96.70.87
35.158.83.137
35.186.236.140
35.190.39.111
35.193.186.65
35.204.158.49
35.208.249.213
35.244.159.8
37.157.5.132
37.252.171.85
45.252.248.51
46.228.174.117
51.89.9.254
52.223.40.198
52.28.38.5
54.156.117.66
54.187.159.182
54.201.135.255
54.239.38.253
54.72.186.48
63.251.14.14
65.9.66.104
68.178.148.206
68.219.88.97
69.166.1.66
76.223.111.18
76.76.21.21
85.114.159.118
89.207.16.140
91.228.74.200
02f923b40756a9fcc71131201d525371926f843ff807a032f3a6b4e617060789
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
0653cfe169f1be72444540ac9b083308bbb2f992d3bd68d36f5805b5e4227e67
07a10e3912e7a681e810c7cc0cfb13868b18acd4feb6ba57c90598a22fdc9d11
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
082a75157928321218428904933ebff27d7fb4532e1f6daa3c824824aecc14ec
08862b24f27ecd5e33a8a710ffdf0b168e316878e4088ca41977a1e74bb6c8d1
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
099dffd34938112da0b5c979e314a475e43f76abebe12cf1afb1965c454813a9
09fa48367ecdb31ccbb365e0428d3d7bd7f32f48890b84d2e6c6ab9d2b12e3f2
0a16a0833c0a79ac8c7a3fe2ce1f1f0b782b487e2ad8e4d4b3a85d2ff7c32864
0b26090b7c2ddac21b5731cd0dc5ada44fd88d3b7ee421dd8ddc0a7db2b12c70
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c42c23a0a15b19aa34fbf250c2ef3717f98169f8f123875936de604ca03070a
0d3459e73e9ecd7967a568701dc89f238af481441b80c66962ea15a552efe65d
0fe4cc41be62b03243ecc3a8d5ea6567dc5ebfad1500e6b753d2b4e513e748c1
0ffe09a27dee83e9a009cd98003d22c4a82d0ecfd5de870b46e669a9dd6bdcd0
129f20debee194b31b8a819edc495fa273642cab482d63c2aa9a2cfb73f1d6a9
13a98b9416e587b6aac281b68031fbc9fdfcc4e6870925efcf7416251f0ea912
14f58d534c595bf9b24e8f67fbfba7a9213884866ed47888cc10ec5525b41777
15df7612b2f445f4d18846aed403d0ca0947b3f8dead95d4b167621f5faaba57
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
187ac4bafe093e9774619686d2c0260f81e26c61c751a7c865d363d0c405c24c
18a847f8474bbd62b4a8e5d7fc404c2d3863b05bd4e940750f7bf3fb31c78430
18bdc55d438569acf0a6f49aa446ca4858ac2d12ecb2adcddb32abc9bcb72137
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
195f9ca06d2110519bdc91aac25905b23c740817de711e535f8612a7c2da9d47
1b5d12e46a4838498d352d4025bbd9800fc6457dee5965736c505707b23431da
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1e4c82f2273f3927d3dd4118b9468f232e5e770bfc7ec63453e4b7b199d576b9
200dc7bef742f1444cb61f8815c670559515190e8c26b22d2321d97f0b9f772b
2164ccda35ef9f1994988c3854e7941905fffa2b6edf0a2f32826ada9b4c3ed0
240c743c0bc735cb070b66bc92aac213ebb0e46e349b6f6a76967631ec929d79
2498da4a6af16d60195335b2aa68a8f87c7c29b98cf4959d9a7deffc039fec38
25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af
26e9d238e9ca051911a318bcebdcac907af217c41a4c3cb8de2f32aa5286bc22
29fe0b7dd4e649ef113ae8d25a3c7af09fa8bc7f1474235f69113fc7a64fe45d
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c364351c1bbbc15f186b6424a7d46c34aa95ecdb5a9bc48ecdd58f8d9d498ce
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2d3cb2be06b6d1693be3b0977fcc339b56a32331caecac6be1ddf0122f01f062
2d51d83a7d8fd1fbaf21327e8691f32936368b7794f53f67ff1a123115d0ca9c
2f1653be34386ae1da00995866507f8553d80185776132885f47be4339a0789d
2f2e8d6c6412dc013e2194a7ca9d1739f10456c96b65ff87b160c8e3d91530bf
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31c46cd48f083d246d64851bb8f54ca3af16ba8d8ca770b6b41aa88fda530f57
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9
391745d698a9b473b2246c5c425b2c0eefd8afeddb702284646be40f6f70d57c
3b4360ca28098a502944b07600e089919a49dbc89b4c1e3e0437ae2bf782835b
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
432501d7bf47b128295c61f72eeee2e5c2d33755f85db43ba89188408ab9389d
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
4478571ae9ae5193b31afff4f08ee5bd197c9c5f7dd8774dfb0245cc4300cdb9
450e62180e870526d437f065fa76a5d4e31517905e37a98184ef79b0fc2abd5b
468864041b280079274db15861a108735b454c113b93fb0768e1c8a546610dfd
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4885939ebe52f6f741e09cf672876c6f40d1e0d54f2efef61909e62cbdd8fef4
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e70288b542130dac41434b0cea57ea663caed3ac93c81edd8c0b353a4c7245e
4f7fbcc4f0b1f710f80896ef3962922d86bda05c8c154893212cf9ce24b46818
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
544d04bd232ddb00fda337913d8ba5564ffb697482957202e626713b3138b9c9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a1ded14622b87be67eb7964493286cff7e12a2227855ddd975f5c9fe2e6483
5505fbb873ff896ee9a3e5ba9067bc6426a727a9de638be644152bba351e8cf4
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd
55ed173209f7ec86b28240d8c2ecebe894742cffefed38a4de734d35bbf8d9f2
59118c6e22cd96eba716035cd9bf7c5ae33b9feb3bde92390a758e1d9e2032e4
5970db21815b3b2ce80d074c6699e5ca9ce5ad845e53eda1ef1cf3bab7905dc4
5a9df795f52ac0c6dcaa85bc20da0bade8f553dc6f4341cdf730efc1e22804fa
5bb2c76f96cf68ecc7506168a8e3bcdd0a7da90c1834de31b773b977921ad462
5d2fa1a5a050a475141adc0f1b73284ba9646f117852193924c884c66ea241cb
5e700835ec05293a3d0f9e354e7d038319d34521cd279e782198dff6d1dd58f2
5f4ddffe89629d729413540508f3e56e9a8896a08a1eb3298c9fc4d3e6e5f045
6102858c2086f07a8500c403b1a2554653f2f4ce6d4b59f7546d71e97bb71189
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63048d3da9b8ef24703db0cb353c4bec041d9acc3575b407755a5affda7eb9db
659c7af42145807dac44cfac25b1cbcbfd5a05ffe06a76b31200a1bb8bdd3053
674a8eeeacde05874f5120985132226a000786cafbae70c56742b96e702eafc8
675bce86c0e8698a05891b0f39d6827e159d38f169119da797c558ac08e5610f
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
6a50bdfb78fea1b1a14301bc87a382b504845ffd15ecc7d39955a1ce1230c672
719f8d02f8bd460c3d641913d42fc4f655a91ca1ad13e0fc60ead220f3168565
721410374454e4914d185680bc1d39b7bcefdc1f38f3b25983b91e64b78a9c85
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
745097fdeb0ffd3d61c322f951065a79ea6cde580a5746b312028d2ab4995dd3
7615afa84e6fe352f67c3483cd2ea59949d4272d239b2fc73bbb2cacd285e318
761a3ed677be90dd2ea54a66322244426c74412d3fc73334144828e3e28b8639
772e7739d967ee911f3c2f18615cd519b3b3bb9769bf05626234ee5790abc451
77882812956b4fa5e7fbee0491c6f732c9b61012e843a61d88d45332c63bb876
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7944db09a84c8fcfb266e016ac7a94279d69e96f5ef721af7126eb7309fcdbfa
7b0fb27181aa8c2244ab51f28e8b544248585a334184445b1da9b04f89a794ac
7bdc37a7cecdffe1b12286527281311425d4782e52153360f13ba5fbb0c42802
7c4d036744b5924d2befc18881c2bf44bc51d342447c4ec4879b322895396b56
7c51042da33272326e3a8fd2a8023f388a945a075a793cc290f8d98bb87e224d
7e22c77ea79cac11d9f561675afc18cda3a563013bb51eb9b887f8dc2f1bc657
7edc8dfd6163dc556935860188ef4cf0721944ada70379f155fe919a053a3c31
7fa7d6e3b4039b59b4d4721ea7e523a42a4dc0b56405829df9f8696f8550fa01
7fe686d98f9082ebd917492c9b1faf52494e8a56c575dcc402430155e63508b5
817b1a21fbaf46209f1e92fc83c6ac62d94cecdf641d967823970c0e8060d630
82b9bca061d2104e6dbc3207062bb0a41832a4965d1a1655185fcc30cf1ede26
83cf914d1f57de30a4ada3f62af1f9399bf5762e2c555a03ccdb1e8ef01a0780
83d6314160b784e095f1a8bee4c96df0ff659640f6138fdb3430ef57a6fccdb9
84221e6c0c5f950b44d38a40bc19ffa9a340b2a5d207cb6f6461b84d474f2555
8457a9383200d1a9283d0f1310b7f2a6cd27193ec694fb580e30ad8ebb6797c2
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
89ae1743656b75948be30cc4909efd3c61771b7bd9f6d53eb14cd9731d486b57
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dd1061459bc02272828879c808303b719ddc56f951dcac741b51f999e9ccd76
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
902f47bc9eeb026da8cbcef8c7ec51aaa1f73bf7ca587c8694cceb36ff91a92e
90c24d5e86f3059905e96551cf0c65723f342949f9a84e856c1556f346950b84
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
94fbefef6eab1d06a976cad766e54657598ab7c479a7566e164a3abecdb2b2f4
959d2bff6e8aa7b4d1836a5dcc00ab6f2c2754604b0e0174bd96b6f9822d5905
963320e82443391541c83a19693d90200300cd6ebf2789f6b6496732396d7d03
97246976d349e4116999d37486b7b739816718f446ea2b2e224311884f785813
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ac86f9bf7cddd7963a2df2dfd00d5bae17aff357eeee30a091c3160d86f4202
9b52e0d99a1793e38b790693f2cad99c741f8194d236e7694521f49831f04f65
9ebdca8d12ecd966a87e3ea10f97022f0fdb6d6301343bd966cad1800f9d8d3f
9f8021f5290b17ec941740cae5ec378ca4ef8317f3b3203dc6ab7f085a913953
9fc6f43c48b2377ba942b22838f3ee90dc78feb841d2675cb137335a67f06d8c
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af
a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9
a1f1d3e09727f721a47b4f313223cdf962dbcb97a9e3fb375995036d279d40e2
a2bfd9fe607d28fd07b05046e622818b8b5b94a358d53853a0d3f03e597cdc71
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a6be959f9f1d9ac0e941677507c3924f42efefddf9acc602ae8cae544a17b1d2
a9131688b6006c13fb5534ff475af1cb1b399b391df4455f6b4c62fc8838e246
a9ad0c8f4ebe68802102c94dc8ebd554373b5e4c12614ddc8ac59f9442e7c50e
ac3faba1f42e1a33169f016cfabaeffcaeca0125642beb103a8e2282c593b0a4
adcbf258772e7b0e2a59dfaa11346c847761761826ab6c5198e7155338d3bec2
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66
b090f1f1d5f6508490a4aa67a37d59f61d8713da4425cb788a2bf47cce35dae7
b091745c11ed4c226cfd74a0e854f4778a14e03faa6ca569208cbb6a3c149ed8
b0c53713037732287a7208b6be42d56387d61895cb5c6aa3b8131884af590982
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757
b4cff1017035919d9971f43d3b15f5e83eb73d104deb7d815c3ba23f3185583f
b6460cdb328131cf906195422088463ae79b760294f4f4462da6630564b8da65
b72b152262183a46bdf29f00817d35dd88fef330c888814bcffed7ccde27b1b6
b924c0f3cca5409ff9a2c9641e5610cee45e81ae4d315dc6bfa594dd0d5ca663
b9f409d101ade4960f8318c459ddbbc504ab84e167ae324dd6160c5710f51620
ba10a73faf039a64fd927b4e59e13c91a5d60d5225063dfae2501d00da112995
ba6d157276d3ed6a43549de1597b8b268bcffff30dd379a60b33c7b67110faa5
bb4137a98f20600cbb4cb7ea06f44e75781f21e67898a5a3b9ae5d33780177ed
bb4f8df5602b561c6a5247851f27cebac4099886c0f337e67e5ea9fa0f9caac8
bb9a364901163fe17e59e1b8ec3cafcd3e6372fa3f3108b9e550770f1c87c369
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bc6cc80c7efb876ae0441132213ea15bf5fda7c24ca60a10767716524ce1e168
c1522e43d0ee0f8e622fd34e86c35758e1725b107762e5cfb5d4dc216395030f
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c47b5a01db671339098d535f5e4ba9b1aea4e8f6a587115f3c5fb1c5f536c026
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c5de4774bcd28e91618cdd1cd501f6c2361372b57d85dfef447048a3586d2c03
c5f984d0c66b101699ad51e4e02f3e7353118c0c1d30776d42095ef5f4f62c0f
c6a08bd15afa417eed11afcc2a4486a3275172601eae1e3787efec45477eaab7
c7361bf2f4eaa5b235d1e8af1f5076a56eaf277f87784790c11438c6b818230d
c7a46ae5ff4e9630d078390ec271bd3cd3da8cddd4da19d00ea0c916e1c35179
c9602fd136907220e79ed7c0dbf36cef10b1e8f186183b503bb7357d81c5102e
ca40055530f1468bde44b940278ab91bf0d1b2935874a2e6830757d9577b2750
ca41f3a4fce57d52ae3aa2348f10c7fa3665a991e27ba8ab925067e729f0d587
cd2d51771a2adae72d4a2fe0d8147e364d4c3af4e21b5b2a319a8da224afbf59
ce658fec86c1f9a68dfdfcd3a26f13e51f5e6002c96fbfe1010b72810aa6bea8
cfa642a8bdb6ab1f5e2d1e9c9c7885bdca4bf9c02f42bb0a75078cb58430afa2
d0c4690dd1ca72f4164453d4c89943cc08c6e03022e28bf441961d714a635b5f
d318db919419c4e9f79e7b030b2e73990f1a83419138a63cde7b37138230a8bd
d9a24103d950c7fb7c117d03b65ba4714372350a038ce1f78f0b9596a3db524c
d9afc6d60748f57eb361bf9c162a469fa6f6be7aa9ee78127e6c44920f70e838
d9d26064b61e6856cbad5a280adea2744330764025571c11a638cbdbd216a571
d9d727f4581ff22ce33329e89199e0f1a6142afb436209d478e0afc4e82bfa31
dc67c7175776c1b31da1781cc91a864609b0352b874b047dd88af5873487d8ff
dcaa88e8efaa6f312053764588bbf2115e7d49ec69614486493594406d8f2352
dd22539dbd750bf36848bfc36b81005d6f5180cbb39de12be93d8d97d9638e38
df6d4fc52f8f3af6ef59c215a1165e4667f7daaedf4c5409db56d7c133564446
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e329117bbdc12ee0649ed6654138a9ba8e600eaddf9138752631a50d236d135a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4cc371b7297f0c50e1ddc03eb3dcf2e7fc1f6b2e1b8d939e865d36c1eae65cb
e57befab0fb40b9bbb3c5af7c65116865df3980e2dbf2b6412a342f6f76ce584
e669f7cff0bd3fa4ec0bfa951287c6ece86f5ed68992ed6c85bdd03f14a786f4
e861db30050b951e8a67b0111c6001d33ae6275c10c42fa4a1ec0fef8dd567bb
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e896ec3eedab353460068dd1fdb40cc8273f523144051c914662d9bbf8cedb49
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ed0bc3d7dd78d88761b920160741a1673167933759b1fe4fdaf4f2bb9ab80003
ed7580dd4b502e9e4d344d415ea1265addab2126d46eab1fc1cb7b889a835244
edc0c0ce3711f98a618fb251dab8954af55318e208f9947c09554792b9030a2c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd8d096210a27e0587e354c562e60fbb59fe106906f71487b333ed24054ab07
f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947
f03302eb2e39ce0d26c41751d41a7ca791f13cf2ef74205ad4632450d099cdf4
f10de3a434eec4e487eec27ae0a9fccf2932b91843d0ce7b6c23cff2abf69f06
f27e9ca75db1b778e94c55ffb6a1f471a2fab0761034b9ce0a233bc0866e6cc2
f40a0823581ed9f71a7ed3c4d67c57e8b30169d2a1bc21c4b7385d954887eb03
f4e16c137bfcf443839c20e1038b9ee2dec570f047ae3b1c8f9378e9176750dd
f4e676f7880bae4e1d783ac0ec1df8a78013c6bf6b83ef1578d3612f2127022e
f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e
f6b9d81e54a20796a7441b1eed0741d5f9c4c338761556981da51f5c02a4f191
f87cfb58e3b02c599629224b2ab0a6c6810f4b3f6ba08b764049fc62c7435282
f9f2900bcb7d5616b3dd3b7faa526c7157c444d98112eb56a2185dd2f940dfc3
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa
fcdf0cf31641215bd3ae6546bea6bac0014aeef964cdcfd9a06f56ff6d8e254c
fe4f1d0413bca8434c0e6ac44558878403e3b6d6e301b54cc9bd484de1c5dc80
fefecdb2eea635721f84d884e178b820fa48f145dae48b515185fb1a0c5aa239
ff1e843cfded44ee57255d2ded056295588bb61ee5d46c60799dbc9fe102ffd6

folkd.com Open in urlscan Pro 76.76.21.21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

773 Requests

85 %HTTPS

0 %IPv6

83 Domains

114 Subdomains

67 IPs

12 Countries

13493 kBTransfer

32306 kBSize

92 Cookies

10 Outgoing links

Page URL History

Redirected requests

773 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 14 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

folkd.com Open in urlscan Pro
76.76.21.21 Public Scan

Screenshot
Live screenshot

Full Image

773
Requests

85 %
HTTPS

0 %
IPv6

83
Domains

114
Subdomains

67
IPs

12
Countries

13493 kB
Transfer

32306 kB
Size

92
Cookies

773 HTTP transactions
14 data transactions